microsoftgraph
diff --git a/‎api-reference/beta/images/preview-label.png
497 Bytes b/‎api-reference/beta/images/preview-label.png
497 Bytes
diff --git a/‎api-reference/beta/resources/identity-network-access-overview.md
Lines changed: 15 additions & 11 deletions b/‎api-reference/beta/resources/identity-network-access-overview.md
Lines changed: 15 additions & 11 deletions
@@ -8,7 +8,7 @@ ms.subservice: entra-id
 author: FaithOmbongi
 ms.author: ombongifaith
 ms.reviewer: dkershaw10, krbash
-ms.date: 01/07/2025
+ms.date: 02/07/2025
 ---
 
 # Manage Microsoft Entra identity and network access by using Microsoft Graph
@@ -50,13 +50,13 @@ A core functionality of identity and access management is managing your tenant c
 | Retrieve BitLocker recovery keys | [bitlockerRecoveryKey resource type](bitlockerrecoverykey.md) and its associated APIs |
 | Manage custom security attributes | See [Overview of custom security attributes using the Microsoft Graph API](custom-security-attributes-overview.md) |
 | Manage deleted directory objects. The functionality to store deleted objects in a "recycle bin" is supported for the following objects: <li> Administrative units <li> Applications <li> Public key infrastructure<li> External user profiles <li> Groups <li> Pending external user profiles <li> Service principals <li> Users | <li> [Get](../api/directory-deleteditems-get.md) or [List](../api/directory-deleteditems-list.md) deleted objects <li> [Permanently delete](../api/directory-deleteditems-delete.md) a deleted object   <li> [Restore a deleted item](../api/directory-deleteditems-restore.md) <li> [List deleted items owned by user](../api/directory-deleteditems-getuserownedobjects.md) |
-| Manage devices in the cloud |<li> [device resource type](device.md) and its associated APIs <li> [deviceTemplate resource type](devicetemplate.md) and its associated APIs|
+| Manage devices in the cloud |<li> [device resource type](device.md) and its associated APIs <li> :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: [deviceTemplate resource type](devicetemplate.md) and its associated APIs|
 | View local administrator credential information for all device objects in Microsoft Entra ID that are enabled with Local Admin Password Solution (LAPS). This feature is the cloud-based LAPS solution | [deviceLocalCredentialInfo resource type](devicelocalcredentialinfo.md) and its associated APIs |
 | Directory objects are the core objects in Microsoft Entra ID, such as users, groups, and applications. You can use the directoryObject resource type and its associated APIs to check memberships of directory objects, track changes for multiple directory objects, or validate that a Microsoft 365 group's display name or mail nickname complies with naming policies | [directoryObject resource type](directoryobject.md) and its associated APIs |
 | Administrator roles, including Microsoft Entra administrator roles, are one of the most sensitive resources in a tenant. You can manage the lifecycle of their assignment in the tenant, including creating custom roles, assigning roles, tracking changes to role assignments, and removing assignees from roles | [directoryRole resource type](directoryrole.md)  and [directoryRoleTemplate resource type](directoryroletemplate.md) and their associated APIs <br/><br/> [roleManagement resource type](rolemanagement.md) and its associated APIs (**recommended**)<br/><br/> These APIs allow you to make direct role assignments. Alternatively, you can use Privileged Identity Management APIs for [Microsoft Entra roles](privilegedidentitymanagementv3-overview.md) and [groups](privilegedidentitymanagement-for-groups-api-overview.md) to make just-in-time and time-bound role assignments, instead of direct forever active assignments. |
 | Define the following configurations that can be used to customize the tenant-wide and object-specific restrictions and allowed behavior. <li> Settings for Microsoft 365 groups such as guest user access, classifications, and naming policies <li> Password rule settings such as banned password lists and lockout duration <li> Prohibited names for applications, reserved words, and blocking trademark violations <li> Custom conditional access policy URL <li> Consent policies such as user consent requests, group-specific consent, and consent for risky apps | [directorySetting resource type](directorysetting.md) and [directorySettingTemplate resource type](directorysettingtemplate.md)  and their associated APIs <br/><br/> For more information, see [Overview of group settings](/graph/group-directory-settings). |
 | Domain management operations such as: <li> associating a domain with your tenant <li> retrieving DNS records <li> verifying domain ownership <li> associating specific services with specific domains <li> deleting domains | [domain resource type](domain.md) and its associated APIs |
-| Manage the profile objects for external users that you're invited to collaborate via Teams. These APIs aren't similar to the invitation APIs for Microsoft Entra External ID B2B collaboration | [externalUserProfile resource type](externaluserprofile.md) and [pendingExternalUserProfile resource type](externaluserprofile.md) and their associated APIs |
+| Manage the profile objects for external users that you're invited to collaborate via Teams. These APIs aren't similar to the invitation APIs for Microsoft Entra External ID B2B collaboration :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only.":::| [externalUserProfile resource type](externaluserprofile.md) and [pendingExternalUserProfile resource type](externaluserprofile.md) and their associated APIs |
 | Configure and manage staged rollout of specific Microsoft Entra ID features | [featureRolloutPolicy resource type](featurerolloutpolicy.md) and its associated APIs |
 | Monitor licenses and subscriptions for the tenant | <li> [companySubscription resource type](companysubscription.md) and its associated APIs   <li> [subscribedSku resource type](subscribedsku.md) and its associated APIs |
 | Manage the policies for Mobile Device Management (MDM) and Mobile Application Management (MAM) autoenrollment for Microsoft Entra joined and registered devices | [mobilityManagementPolicy resource type](mobilitymanagementpolicy.md) and its associated APIs |
@@ -76,20 +76,20 @@ A core functionality of identity and access management is managing your tenant c
 | Configure listeners that monitor events that should trigger or invoke custom logic, typically defined outside Microsoft Entra ID | [authenticationEventListener resource type](authenticationeventlistener.md) and its associated APIs |
 | Manage authentication methods that are supported in Microsoft Entra ID | See [Microsoft Entra authentication methods API overview](authenticationmethods-overview.md) and [Microsoft Entra authentication methods policies API overview](authenticationmethodspolicies-overview.md) |
 | Manage the authentication methods or combinations of authentication methods that you can apply as grant control in Microsoft Entra Conditional Access | See [Microsoft Entra authentication strengths API overview](authenticationstrengths-overview.md) |
-| Customize the UI/UX in Azure AD B2C using the Identity Experience Framework (IEF) | [trustFrameworkKeySet resource type](trustframeworkkeyset.md) and [trustFrameworkPolicy resource type](trustframeworkpolicy.md) and their associated APIs |
-|Configure Continuous Access Evaluation (CAE), which allows access tokens to be revoked based on critical events and policy evaluation rather than relying on token expiry based on lifetime| [continuousAccessEvaluationPolicy resource type](continuousaccessevaluationpolicy.md) and its associated APIs|
+| Customize the UI/UX in Azure AD B2C using the Identity Experience Framework (IEF) :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: | [trustFrameworkKeySet resource type](trustframeworkkeyset.md) and [trustFrameworkPolicy resource type](trustframeworkpolicy.md) and their associated APIs |
+| Configure Continuous Access Evaluation (CAE), which allows access tokens to be revoked based on critical events and policy evaluation rather than relying on token expiry based on lifetime :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: | [continuousAccessEvaluationPolicy resource type](continuousaccessevaluationpolicy.md) and its associated APIs|
 | Manage the policies for certificate-based authentication in the tenant | [certificateBasedAuthConfiguration resource type](certificatebasedauthconfiguration.md) and its associated APIs |
 | Manage Microsoft Entra conditional access policies | [conditionalAccessRoot resource type](conditionalaccessroot.md) and its associated APIs |
 | Manage cross-tenant access settings and manage outbound restrictions, inbound restrictions, tenant restrictions, and cross-tenant synchronization of users in multitenant organizations | See [Cross-tenant access settings API overview](crosstenantaccesspolicy-overview.md) |
-| Manage the user profiles that are shared with you or external tenants using B2B direct connect, including removing and exporting personal data | [inboundSharedUserProfile resource type](inboundshareduserprofile.md) and [outboundSharedUserProfile resource type](outboundshareduserprofile.md) and their associated APIs |
+| Manage the user profiles that are shared with you or external tenants using B2B direct connect, including removing and exporting personal data :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: | [inboundSharedUserProfile resource type](inboundshareduserprofile.md) and [outboundSharedUserProfile resource type](outboundshareduserprofile.md) and their associated APIs |
 | Configure how and which external systems interact with Microsoft Entra ID during a user authentication session | [customAuthenticationExtension resource type](customauthenticationextension.md) and its associated APIs |
 | Manage requests against user data in the organization, such as exporting personal data | [dataPolicyOperation resource type](datapolicyoperation.md) and its associated APIs |
-|Configure the policies for managing Microsoft Entra join and Microsoft Entra register devices|[deviceRegistrationPolicy resource type](deviceregistrationpolicy.md) and its associated APIs|
-| Manage the tenant-wide policy that controls whether external users can leave a Microsoft Entra tenant via self-service controls, for example, through the **organizations** menu of the **My Account** portal | [externalIdentitiesPolicy resource type](externalidentitiespolicy.md) and its associated APIs |
+| Configure the policies for managing Microsoft Entra join and Microsoft Entra register devices :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: |[deviceRegistrationPolicy resource type](deviceregistrationpolicy.md) and its associated APIs|
+| Manage the tenant-wide policy that controls whether external users can leave a Microsoft Entra tenant via self-service controls, for example, through the **organizations** menu of the **My Account** portal :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: | [externalIdentitiesPolicy resource type](externalidentitiespolicy.md) and its associated APIs |
 |Force autoacceleration sign-in to skip the username entry screen and automatically forward users to federated sign-in endpoints |[homeRealmDiscoveryPolicy resource type](homerealmdiscoverypolicy.md) resource type and its associated APIs|
 | Detect, investigate, and remediate identity-based risks using Microsoft Entra ID Protection and feed the data into security information and event management (SIEM) tools for further investigation and correlation | See [Use the Microsoft Graph identity protection APIs](identityprotection-overview.md) |
 | Manage identity providers for Microsoft Entra ID, Microsoft Entra External ID, and Azure AD B2C tenants. You can perform the following operations: <li> Manage identity providers for external identities, including social identity providers, OIDC, Apple, SAML/WS-Fed, and built-in providers <li> Manage configuration for federated domains and token validation | [identityProviderBase resource type](identityproviderbase.md) and its associated APIs |
-| Stay informed about Microsoft Entra product lifecycle updates, including the product roadmap and change announcements | See <li>[changeItemBase resource type](changeitembase.md) and its associated APIs for product updates <li> [announcement resource type](announcement.md) and its associated APIs for change annoncements <li> [roadmap resource type](roadmap.md) and its associated APIs for product roadmap information  |
+| Stay informed about Microsoft Entra product lifecycle updates, including the product roadmap and change announcements :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: | See <li>[changeItemBase resource type](changeitembase.md) and its associated APIs for product updates <li> [announcement resource type](announcement.md) and its associated APIs for change annoncements <li> [roadmap resource type](roadmap.md) and its associated APIs for product roadmap information  |
 | Define a group of tenants belonging to your organization and streamline intra-organization cross-tenant collaboration | See [Multitenant organization API overview](multitenantorganization-overview.md) |
 | Customize sign-in UIs to match your company branding, including applying branding that's based on the browser language | [organizationalBranding resource type](organizationalbranding.md) and its associated APIs |
 | Configure trusted certificate authorities for certificates that can be assigned to apps and service principals in the tenant. | [certificateBasedApplicationConfiguration resource type](certificatebasedapplicationconfiguration.md) and its associated APIs |
@@ -99,7 +99,7 @@ A core functionality of identity and access management is managing your tenant c
 | **Other policies** | |
 |Manage tenant-wide authorization policies such as: <li> enable SSPR for administrator accounts <li>enable self-service join for guests <li> limit who can invite guests <li> whether users can consent to risky apps <li> block the use of MSOL <li> customize the default user permissions <li> identity private preview features enabled <li>Customize the guest user permissions between *User*, *Guest User*, and *Restricted Guest User*| [authorizationPolicy resource type](authorizationpolicy.md) and its associated APIs|
 |Manage app consent policies and condition sets|[permissionGrantPolicy resource type](permissiongrantpolicy.md)|
-|Manage app consent preapproval policies|[permissionGrantPreApprovalPolicy resource type](permissiongrantpreapprovalpolicy.md)|
+| Manage app consent preapproval policies :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: |[permissionGrantPreApprovalPolicy resource type](permissiongrantpreapprovalpolicy.md)|
 |Enable or disable security defaults in Microsoft Entra ID|[identitySecurityDefaultsEnforcementPolicy resource type](identitysecuritydefaultsenforcementpolicy.md)|
 
 ---
@@ -124,10 +124,14 @@ The following API use cases ar supported to customize how users interact with yo
 
 ## Multicloud permissions management
 
+:::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: 
+
 For more information, see [Discover, remediate, and monitor permissions in multicloud infrastructures using permissions management APIs](permissions-management-api-overview.md).
 
 ## Network access management
 
+:::image type="content" source="../images/preview-label.png" alt-text="Available on beta only.":::
+
 For more information, see [Secure access to cloud, public, and private apps using Microsoft Graph network access APIs](networkaccess-global-secure-access-api-overview.md).
 
 ## Partner tenant management
@@ -137,7 +141,7 @@ Microsoft Graph also provides the following identity and access capabilities for
 |-----------------------------------------------------|---------------------------------------------------------------|
 | Manage contracts for the partner with its customers | [contract resource type](contract.md) and its associated APIs |
 | Microsoft partners can empower their customers to ensure the partners have least privileged access to their customers' tenants. This feature gives extra control to customers over their security posture while allowing them to receive support from the Microsoft resellers | See [Granular delegated admin privileges (GDAP) API overview](delegatedadminrelationships-api-overview.md) |
-| Get detections and security alerts for unauthorized party abuse, account takeovers, and anomalous usage of Azure subscriptions in the customer tenants that you're responsible for. | See [Use the partner security alert API in Microsoft Graph](identity-network-access-overview.md) |
+| Get detections and security alerts for unauthorized party abuse, account takeovers, and anomalous usage of Azure subscriptions in the customer tenants that you're responsible for. :::image type="content" source="../images/preview-label.png" alt-text="Available on beta only."::: | See [Use the partner security alert API in Microsoft Graph](identity-network-access-overview.md) |
 
 ## Identity and access reports