Skip to main content
Version: 1.6.0

Escalations

These webhooks are triggered when a resource is found to be non-compliant and the responsible owners have not taken corrective action. Based on the associated policy, an escalation is initiated at a predefined time. The webhook that is triggered is the one specified within that policy.

HTTP Request

POST YourApiUrl
Content-Type: application/json

The payload content varies depending on the resource escalating.

This payload is sent to the webhook when an escalation for a Shared Mailbox with No Owners is applied.

{
"escalationType": 2,
"mailbox": {
"id": "bc7cb416-1234-1xw2x-yz34-1fe84daf41f3",
"displayName": "My Test Mailbox",
"mail": "mymailbox@mydomain.test",
"metadata": {
"additionalData": {}
},
"policy": {
"pId": "9a46cacb-1234-1xw2x-yz34-8f2d46be0fa5",
"noEsca": true
},
"schema": {
"ResourceType": "SharedMailbox",
"PolicyId": "9a46cacb-1234-1xw2x-yz34-8f2d46be0fa5",
"IsCompliant": false,
"HasOwners": false,
"AdditionalData": {},
"BackingStore": {
"ReturnOnlyChangedValues": false,
"InitializationCompleted": true
},
"OdataType": "#microsoft.graph.ComplexExtensionValue"
},
"isDirSynced": false
}
}

The escalationType indicates the type of policy that triggered an escalation. These escalation types correspond to specific governance or compliance policies applied to a resource (such as a shared mailbox, equipment mailbox, room mail box or distribution list). Not all policy types are necessarily applicable to every resource — their availability depends on the configuration, policy scope, and the type of resource in question.

note

Not all escalation types are applicable to all resources. Availability depends on the resource type and configured policies in the system.

escalationTypePolicy TypeDescription
0ConfirmationThe resource requires periodic confirmation of its continued relevance.
1Minimum OwnersThe number of owners is below the defined minimum threshold.
2No OwnersThe resource has no assigned owners.
3Access ReviewAn access review policy requires verification of user access or permissions.
4Mailbox Deleted On PremiseThe resource was deleted on Premise server.
6TemplateThe resource lacks mandatory template metadata.

Response

A status 200 OK is expected with no body.