| _key | core | string | |
| accepted_senders | core | json | The list of users or groups allowed to create posts or calendar events in this group. If this list is nonempty, then only users or groups listed here are allowed to post. |
| allow_external_senders | core | bool | Indicates if people external to the organization can send messages to the group. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| app_role_assignments | core | json | Represents the app roles granted to a group for an application. Supports $expand. |
| assigned_labels | core | json | The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on $select. This property can be updated only in delegated scenarios where the caller requires both the Microsoft Graph permission and a supported administrator role. |
| assigned_licenses | core | json | The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. |
| auto_subscribe_new_members | core | bool | Indicates if new members added to the group are autosubscribed to receive email notifications. You can set this property in a PATCH request for the group; don't set it in the initial POST request that creates the group. Default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| classification | core | string | Describes a classification for the group (such as low, medium, or high business impact). Valid values for this property are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). |
| conversations | core | json | The group's conversations. |
| created_date_time | core | string | Timestamp of when the group was created. The value can't be modified and is automatically populated when the group is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. |
| created_on_behalf_of | core | json | The user (or application) that created the group. NOTE: This property isn't set if the user is an administrator. Read-only. |
| deleted_date_time | core | string | Date and time when this object was deleted. Always null when the object hasn't been deleted. |
| description | core | string | An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. |
| expiration_date_time | core | string | Timestamp of when the group is set to expire. It's null for security groups, but for Microsoft 365 groups, it represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. |
| extensions | core | json | The collection of open extensions defined for the group. Read-only. Nullable. |
| group_lifecycle_policies | core | json | The collection of lifecycle policies for this group. Read-only. Nullable. |
| group_types | core | array<string> | Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. Supports $filter (eq, not). |
| has_members_with_license_errors | core | bool | Indicates whether there are members in this group that have license errors from its group-based license assignment. This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have members with license errors (that is, filter for this property being true). See an example. Supports $filter (eq). |
| hide_from_address_lists | core | bool | True if the group isn't displayed in certain parts of the Outlook UI: the Address Book, address lists for selecting message recipients, and the Browse Groups dialog for searching groups; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| hide_from_outlook_clients | core | bool | True if the group isn't displayed in Outlook clients, such as Outlook for Windows and Outlook on the web; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| id | core | string | The unique identifier for an entity. Read-only. |
| is_archived | core | bool | When a group is associated with a team, this property determines whether the team is in read-only mode.To read this property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and unarchiveTeam APIs. |
| is_assignable_to_role | core | bool | Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility must be Hidden, and the group can't be a dynamic group (that is, groupTypes can't contain DynamicMembership). Only callers with at least the Privileged Role Administrator role can set this property. The caller must also be assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such groups. For more, see Using a group to manage Microsoft Entra role assignmentsUsing this feature requires a Microsoft Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). |
| is_management_restricted | core | bool | Indicates whether the group is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a group member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. |
| is_subscribed_by_mail | core | bool | Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| license_processing_state | core | string | |
| location | core | string | |
| mail | core | string | The SMTP address for the group, for example, 'serviceadmins@contoso.com'. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| mail_enabled | core | bool | Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not). |
| mail_nickname | core | string | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the ASCII character set 0 - 127 except the following characters: @ () / [] ' ; : <> , SPACE. Required. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| member_of | core | json | Groups that this group is a member of. HTTP Methods: GET (supported for all groups). Read-only. Nullable. Supports $expand. |
| members | core | json | The members of this group, who can be users, devices, other groups, or service principals. Supports the List members, Add member, and Remove member operations. Nullable. Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=members($select=id,userPrincipalName,displayName). |
| members_with_license_errors | core | json | A list of group members with license errors from this group-based license assignment. Read-only. |
| membership_rule | core | string | The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). |
| membership_rule_processing_state | core | string | Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by default. Supports $filter (eq, ne, not, in). |
| name | core | string | |
| on_premises_domain_name | core | string | Contains the on-premises domain FQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. |
| on_premises_last_sync_date_time | core | string | Indicates the last time at which the group was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). |
| on_premises_net_bios_name | core | string | Contains the on-premises netBios name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. |
| on_premises_provisioning_errors | core | json | Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, not). |
| on_premises_sam_account_name | core | string | Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. |
| on_premises_security_identifier | core | string | Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Read-only. Returned by default. Supports $filter (eq including on null values). |
| on_premises_sync_enabled | core | bool | true if this group is synced from an on-premises directory; false if this group was originally synced from an on-premises directory but is no longer synced; null if this object has never synced from an on-premises directory (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). |
| onenote | core | json | |
| owners | core | json | The owners of the group who can be users or service principals. Limited to 100 owners. Nullable. If this property isn't specified when creating a Microsoft 365 group the calling user (admin or non-admin) is automatically assigned as the group owner. A non-admin user can't explicitly add themselves to this collection when they're creating the group. For more information, see the related known issue. For security groups, the admin user isn't automatically added to this collection. For more information, see the related known issue. Supports $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1); Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=owners($select=id,userPrincipalName,displayName). |
| permission_grants | core | json | |
| photo | core | json | The group's profile photo |
| photos | core | json | The profile photos owned by the group. Read-only. Nullable. |
| planner | core | json | Entry-point to Planner resource that might exist for a Unified Group. |
| preferred_data_location | core | string | The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the user be assigned at least one of the following Microsoft Entra roles: User Account Administrator Directory Writer Exchange Administrator SharePoint Administrator For more information about this property, see OneDrive Online Multi-Geo. Nullable. Returned by default. |
| preferred_language | core | string | The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| proxy_addresses | core | array<string> | Email addresses for the group that direct to the same group mailbox. For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. The any operator is required to filter expressions on multi-valued properties. Returned by default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). |
| rejected_senders | core | json | The list of users or groups not allowed to create posts or calendar events in this group. Nullable |
| renewed_date_time | core | string | Timestamp of when the group was last renewed. This value can't be modified directly and is only updated via the renew service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. |
| resource_group | core | string | |
| security_enabled | core | bool | Specifies whether the group is a security group. Required. Returned by default. Supports $filter (eq, ne, not, in). |
| security_identifier | core | string | Security identifier of the group, used in Windows scenarios. Read-only. Returned by default. |
| service_provisioning_errors | core | json | Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a group object. Supports $filter (eq, not, for isResolved and serviceInstance). |
| settings | core | json | Settings that can govern this group's behavior, like whether members can invite guests to the group. Nullable. |
| subscription_id | core | string | |
| subscription_name | core | string | |
| tags | core | hstore_csv | |
| theme | core | string | Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange, or Red. Returned by default. |
| threads | core | json | The group's conversation threads. Nullable. |
| transitive_member_of | core | json | The groups that a group is a member of, either directly or through nested membership. Nullable. |
| transitive_members | core | json | The direct and transitive members of a group. Nullable. |
| unique_name | core | string | The unique identifier that can be assigned to a group and used as an alternate key. Immutable. Read-only. |
| unseen_count | core | int64 | Count of conversations that received new posts since the signed-in user last visited the group. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| visibility | core | string | Specifies the group join policy and group content visibility for groups. Possible values are: Private, Public, or HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be updated later. Other values of visibility can be updated after group creation. If visibility value isn't specified during group creation on Microsoft Graph, a security group is created as Private by default, and the Microsoft 365 group is Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned by default. Nullable. |
