ESC
Type to search...
Navigate Open ESC Close

Synchronization.ReadWrite.All

Export JSON
Export CSV
Copy URL
Print
ApplicationDelegated Read/Write All Resources

Allows the application to configure the Azure AD synchronization service, without a signed-in user.

Permission data: April 6, 2026 at 4:06 AM UTC
Delegated Access App-Only Access

Permission Details

Application Permission

Read and write all Azure AD synchronization data.

Allows the application to configure the Azure AD synchronization service, without a signed-in user.

Permission ID: 9b50c33d-700f-43b1-b2eb-87e89b703581
Delegated Permission Admin consent required

Read and write all Azure AD synchronization data

Allows the app to configure the Azure AD synchronization service, on behalf of the signed-in user.

User sees: Allows the app to configure the Azure AD synchronization service, on your behalf.
Permission ID: 7bb27fa3-ea8f-4d67-a916-87715b6188bd

Properties

Microsoft Graph v1.0 exact-category

Properties is shown from stable Microsoft Graph v1.0 metadata.

Property Type Description
id string The unique identifier for an entity. Read-only.
jobs synchronizationJob collection Performs synchronization by periodically running in the background, polling for changes in one directory, and pushing them to another directory.
secrets synchronizationSecretKeyStringValuePair collection Represents a collection of credentials to access provisioned cloud applications.
templates synchronizationTemplate collection Preconfigured synchronization settings for a particular application.

JSON Representation

Microsoft Graph v1.0 exact-category

JSON representation is shown from stable Microsoft Graph v1.0 metadata.

JSON representation 
{
  "id": "String",
  "jobs": [
    {
      "@type": "synchronizationJob",
      "id": "00000000-0000-0000-0000-000000000000"
    }
  ],
  "secrets": [
    {
      "@type": "synchronizationSecretKeyStringValuePair",
      "id": "00000000-0000-0000-0000-000000000000"
    }
  ],
  "templates": [
    {
      "@type": "synchronizationTemplate",
      "id": "00000000-0000-0000-0000-000000000000"
    }
  ]
}

Relationships

Microsoft Graph v1.0 exact-category

Relationships is shown from stable Microsoft Graph v1.0 metadata.

Relationship Type Description
jobs synchronizationJob collection Synchronization jobs configured for the resource.
templates synchronizationTemplate collection Synchronization templates available for the resource.
secrets synchronizationSecretKeyStringValuePair collection Represents a collection of credentials to access provisioned cloud applications.

Graph Methods

Delegated access App-only access
Exact Microsoft Learn match

Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.

Methods
GET /applications/{id}/synchronization/templates
GET /applications/{id}/synchronization/templates/{templateId}
GET /applications/{id}/synchronization/templates/{templateId}/schema
GET /applications/{id}/synchronization/templates/{templateId}/schema/filterOperators
GET /applications/{id}/synchronization/templates/{templateId}/schema/functions
GET /servicePrincipals/{id}/synchronization/jobs/
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/filterOperators
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/functions
GET /servicePrincipals/{id}/synchronization/templates
GET /servicePrincipals/{id}/synchronization/templates/{templateId}
GET /servicePrincipals/{id}/synchronization/templates/{templateId}/schema
GET /servicePrincipals/{id}/synchronization/templates/{templateId}/schema/filterOperators
GET /servicePrincipals/{id}/synchronization/templates/{templateId}/schema/functions
POST /applications/{applicationsId}/synchronization/acquireAccessToken
POST /servicePrincipals/{id}/synchronization/jobs/
POST /servicePrincipals/{id}/synchronization/jobs/{id}/schema/parseExpression
POST /servicePrincipals/{id}/synchronization/jobs/{id}/validateCredentials
POST /servicePrincipals/{id}/synchronization/jobs/{jobId}/pause
POST /servicePrincipals/{id}/synchronization/jobs/{jobId}/start
POST /servicePrincipals/{id}/synchronization/templates/{id}/schema/parseExpression
POST /servicePrincipals/{servicePrincipalId}/synchronization/jobs/{jobId}/restart
POST /servicePrincipals/{servicePrincipalsId}/synchronization/acquireAccessToken
POST /servicePrincipals/{servicePrincipalsId}/synchronization/jobs/{synchronizationJobId}/provisionOnDemand
PATCH /applications/{id}/synchronization/templates/{templateId}
PUT /applications/{id}/synchronization/templates/{templateId}/schema
PUT /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
PUT /servicePrincipals/{id}/synchronization/secrets
DELETE /applications/{id}/synchronization/templates/{templateId}/schema
DELETE /servicePrincipals/{id}/synchronization/jobs/{jobId}/
DELETE /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
Exact Microsoft Learn match

Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.

Methods
GET /applications/{id}/synchronization/templates
GET /applications/{id}/synchronization/templates/{templateId}
GET /applications/{id}/synchronization/templates/{templateId}/schema
GET /applications/{id}/synchronization/templates/{templateId}/schema/filterOperators
GET /applications/{id}/synchronization/templates/{templateId}/schema/functions
GET /servicePrincipals/{id}/synchronization/jobs/
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/filterOperators
GET /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/functions
GET /servicePrincipals/{id}/synchronization/templates
GET /servicePrincipals/{id}/synchronization/templates/{templateId}
GET /servicePrincipals/{id}/synchronization/templates/{templateId}/schema
GET /servicePrincipals/{id}/synchronization/templates/{templateId}/schema/filterOperators
GET /servicePrincipals/{id}/synchronization/templates/{templateId}/schema/functions
POST /applications/{applicationsId}/synchronization/acquireAccessToken
POST /servicePrincipals/{id}/synchronization/jobs/
POST /servicePrincipals/{id}/synchronization/jobs/{id}/schema/parseExpression
POST /servicePrincipals/{id}/synchronization/jobs/{id}/validateCredentials
POST /servicePrincipals/{id}/synchronization/jobs/{jobId}/pause
POST /servicePrincipals/{id}/synchronization/jobs/{jobId}/start
POST /servicePrincipals/{id}/synchronization/templates/{id}/schema/parseExpression
POST /servicePrincipals/{servicePrincipalId}/synchronization/jobs/{jobId}/restart
POST /servicePrincipals/{servicePrincipalsId}/synchronization/acquireAccessToken
POST /servicePrincipals/{servicePrincipalsId}/synchronization/jobs/{synchronizationJobId}/provisionOnDemand
PATCH /applications/{id}/synchronization/templates/{templateId}
PUT /applications/{id}/synchronization/templates/{templateId}/schema
PUT /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
PUT /servicePrincipals/{id}/synchronization/secrets
DELETE /applications/{id}/synchronization/templates/{templateId}/schema
DELETE /servicePrincipals/{id}/synchronization/jobs/{jobId}/
DELETE /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
Exact Microsoft Learn PowerShell match

Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.

Commands
Get-MgApplicationSynchronizationAccessToken /applications/{applicationsId}/synchronization/acquireAccessToken
synchronization: acquireAccessToken
Get-MgServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/
List synchronization jobs
Get-MgServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/{jobId}/
Get synchronizationJob
Get-MgServicePrincipalSynchronizationJobSchema /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
Get synchronizationSchema
Get-MgServicePrincipalSynchronizationTemplate /servicePrincipals/{id}/synchronization/templates
List existing synchronization templates
Invoke-MgFilterServicePrincipalSynchronizationJobSchemaOperator /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/filterOperators
synchronizationSchema: filterOperators
Invoke-MgFunctionServicePrincipalSynchronizationJobSchema /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/functions
synchronizationSchema: functions
New-MgServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/
Create synchronizationJob
New-MgServicePrincipalSynchronizationJobOnDemand /servicePrincipals/{servicePrincipalsId}/synchronization/jobs/{synchronizationJobId}/provisionOnDemand
synchronizationJob: provisionOnDemand
Remove-MgServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/{jobId}/
Delete synchronizationJob
Set-MgServicePrincipalSynchronizationSecret /servicePrincipals/{id}/synchronization/secrets
Add synchronization secrets
Exact Microsoft Learn PowerShell match

Microsoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.

Commands
Get-MgBetaApplicationSynchronizationAccessToken /applications/{applicationsId}/synchronization/acquireAccessToken
synchronization: acquireAccessToken
Get-MgBetaServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/
List synchronization jobs
Get-MgBetaServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/{jobId}/
Get synchronizationJob
Get-MgBetaServicePrincipalSynchronizationJobSchema /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema
Get synchronizationSchema
Get-MgBetaServicePrincipalSynchronizationTemplate /servicePrincipals/{id}/synchronization/templates
List existing synchronization templates
Invoke-MgBetaFilterServicePrincipalSynchronizationJobSchemaOperator /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/filterOperators
synchronizationSchema: filterOperators
Invoke-MgBetaFunctionServicePrincipalSynchronizationJobSchema /servicePrincipals/{id}/synchronization/jobs/{jobId}/schema/functions
synchronizationSchema: functions
New-MgBetaServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/
Create synchronizationJob
New-MgBetaServicePrincipalSynchronizationJobOnDemand /servicePrincipals/{servicePrincipalsId}/synchronization/jobs/{synchronizationJobId}/provisionOnDemand
synchronizationJob: provisionOnDemand
Remove-MgBetaServicePrincipalSynchronizationJob /servicePrincipals/{id}/synchronization/jobs/{jobId}/
Delete synchronizationJob
Set-MgBetaServicePrincipalSynchronizationSecret /servicePrincipals/{id}/synchronization/secrets
Add synchronization secrets
Test-MgBetaServicePrincipalSynchronizationJobCredential /servicePrincipals/{id}/synchronization/jobs/{id}/validateCredentials
synchronizationJob: validateCredentials

Code Examples

C# / .NET SDK
Add synchronization secrets
View official example on Microsoft Learn
// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.ServicePrincipals.Item.Synchronization.Secrets;
using Microsoft.Graph.Models;

var requestBody = new SecretsPutRequestBody
{
	Value = new List<SynchronizationSecretKeyStringValuePair>
	{
		new SynchronizationSecretKeyStringValuePair
		{
			Key = SynchronizationSecret.BaseAddress,
			Value = "[email protected]",
		},
		new SynchronizationSecretKeyStringValuePair
		{
			Key = SynchronizationSecret.SecretToken,
			Value = "password-value",
		},
		new SynchronizationSecretKeyStringValuePair
		{
			Key = SynchronizationSecret.SyncNotificationSettings,
			Value = "{\"Enabled\":false,\"DeleteThresholdEnabled\":false}",
		},
		new SynchronizationSecretKeyStringValuePair
		{
			Key = SynchronizationSecret.SyncAll,
			Value = "false",
		},
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.ServicePrincipals["{servicePrincipal-id}"].Synchronization.Secrets.PutAsSecretsPutResponseAsync(requestBody);
JavaScript
Add synchronization secrets
View official example on Microsoft Learn
const options = {
	authProvider,
};

const client = Client.init(options);

const secrets = {
    value: [
        {
            key: 'BaseAddress',
            value: '[email protected]'
        },
        {
            key: 'SecretToken',
            value: 'password-value'
        },
        {
            key: 'SyncNotificationSettings',
            value: '{\"Enabled\':false,\'DeleteThresholdEnabled\':false}"
        },
        {
            key: 'SyncAll',
            value: 'false'
        }
    ]
};

await client.api('/servicePrincipals/{id}/synchronization/secrets')
	.put(secrets);
PowerShell
Add synchronization secrets
View official example on Microsoft Learn
Import-Module Microsoft.Graph.Applications

$params = @{
	value = @(
		@{
			key = "BaseAddress"
			value = "[email protected]"
		}
		@{
			key = "SecretToken"
			value = "password-value"
		}
		@{
			key = "SyncNotificationSettings"
			value = '{"Enabled":false,"DeleteThresholdEnabled":false}'
		}
		@{
			key = "SyncAll"
			value = "false"
		}
	)
}

Set-MgServicePrincipalSynchronizationSecret -ServicePrincipalId $servicePrincipalId -BodyParameter $params
Python
Add synchronization secrets
View official example on Microsoft Learn
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.serviceprincipals.item.synchronization.secrets.secrets_put_request_body import SecretsPutRequestBody
from msgraph.generated.models.synchronization_secret_key_string_value_pair import SynchronizationSecretKeyStringValuePair
from msgraph.generated.models.synchronization_secret import SynchronizationSecret
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = SecretsPutRequestBody(
	value = [
		SynchronizationSecretKeyStringValuePair(
			key = SynchronizationSecret.BaseAddress,
			value = "[email protected]",
		),
		SynchronizationSecretKeyStringValuePair(
			key = SynchronizationSecret.SecretToken,
			value = "password-value",
		),
		SynchronizationSecretKeyStringValuePair(
			key = SynchronizationSecret.SyncNotificationSettings,
			value = "{\"Enabled\":false,\"DeleteThresholdEnabled\":false}",
		),
		SynchronizationSecretKeyStringValuePair(
			key = SynchronizationSecret.SyncAll,
			value = "false",
		),
	],
)

result = await graph_client.service_principals.by_service_principal_id('servicePrincipal-id').synchronization.secrets.put(request_body)

App Registration

1

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

2

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

3

Select Permission Type

Choose Application permissions or delegated permissions and search for Synchronization.ReadWrite.All

4

Grant Admin Consent

Application permissions always require admin consent.