Set-EntraPolicy
Updates a policy.
Syntax
Default (Default)
Set-EntraPolicy
-Id <String>
[-Definition <System.Collections.Generic.List`1[System.String]>]
[-DisplayName <String>]
[-Type <String>]
[-IsOrganizationDefault <Boolean>]
[<CommonParameters>]
Description
The Set-EntraPolicy cmdlet sets a policy in Microsoft Entra ID. Specify Id parameter to updates specific policy.
Examples
Example 1: Update a policy display name
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$policy = Get-EntraPolicy | Where-Object { $_.DisplayName -eq 'Microsoft User Default Recommended Policy' }
Set-EntraPolicy -Id $policy.Id -DisplayName 'NewUpdated'
This command updates display name of the specified policy in Microsoft Entra ID.
-Idspecifies the ID of the policy for which you want to set values.DisplayNamespecifies the display name.
Example 2: Update a policy definition
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$policy = Get-EntraPolicy | Where-Object { $_.DisplayName -eq 'Microsoft User Default Recommended Policy' }
$definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')
Set-EntraPolicy -Id $policy.Id -Definition $definition
This command updates definition of the specified policy in Microsoft Entra ID.
-Idspecifies the ID of the policy for which you want to set values.Definitionspecifies the array of stringified JSON that contains all the rules of the policy. In this example,@('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')represents definition of the activityBasedTimeoutPolicy.
Example 3: Update a policy organization default
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$policy = Get-EntraPolicy | Where-Object { $_.DisplayName -eq 'Microsoft User Default Recommended Policy' }
Set-EntraPolicy -Id $policy.Id -IsOrganizationDefault $false
This command updates organization default of the specified policy in Microsoft Entra ID.
-Idspecifies the ID of the policy for which you want to set values.-IsOrganizationDefaultIf true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false.
Example 4: Update policy type
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$policy = Get-EntraPolicy | Where-Object { $_.DisplayName -eq 'Microsoft User Default Recommended Policy' }
Set-EntraPolicy -Id $policy.Id -Type 'ActivityBasedTimeoutPolicy'
This example demonstrates how to update the type property of a specified policy in Microsoft Entra ID.
-Idspecifies the ID of the policy for which you want to set values.-Typespecifies the type of policy. In this example,ActivityBasedTimeoutPolicyrepresents the type of policy.
Parameters
-Definition
Specifies the array of stringified JSON that contains all the rules of the policy. For example -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}').
Parameter properties
| Type: | System.Collections.Generic.List`1[System.String] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DisplayName
Specifies the display name.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Id
The ID of the policy for which you want to set values.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-IsOrganizationDefault
True if this policy is the organizational default.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Type
Specifies the type of policy. For token lifetimes, use "TokenLifetimePolicy."
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.