Escalations
These webhooks are triggered when a resource is found to be non-compliant and the responsible owners have not taken corrective action. Based on the associated policy, an escalation is initiated at a predefined time. The webhook that is triggered is the one specified within that policy.
HTTP Request
POST YourApiUrl
Content-Type: application/json
The payload content varies depending on the resource escalating.
- No Owner Escalation
This payload is sent to the webhook when an escalation for a Shared Mailbox with No Owners is applied.
{
"escalationType": 2,
"mailbox": {
"id": "bc7cb416-1234-1xw2x-yz34-1fe84daf41f3",
"displayName": "My Test Mailbox",
"mail": "mymailbox@mydomain.test",
"metadata": {
"additionalData": {}
},
"policy": {
"pId": "9a46cacb-1234-1xw2x-yz34-8f2d46be0fa5",
"noEsca": true
},
"schema": {
"ResourceType": "SharedMailbox",
"PolicyId": "9a46cacb-1234-1xw2x-yz34-8f2d46be0fa5",
"IsCompliant": false,
"HasOwners": false,
"AdditionalData": {},
"BackingStore": {
"ReturnOnlyChangedValues": false,
"InitializationCompleted": true
},
"OdataType": "#microsoft.graph.ComplexExtensionValue"
},
"isDirSynced": false
}
}
The escalationType indicates the type of policy that triggered an escalation. These escalation types correspond to specific governance or compliance policies applied to a resource (such as a shared mailbox, equipment mailbox, room mail box or distribution list). Not all policy types are necessarily applicable to every resource — their availability depends on the configuration, policy scope, and the type of resource in question.
Not all escalation types are applicable to all resources. Availability depends on the resource type and configured policies in the system.
- Mailbox Escalation Types
- Distribution List EscalationType
| escalationType | Policy Type | Description |
|---|---|---|
| 0 | Confirmation | The resource requires periodic confirmation of its continued relevance. |
| 1 | Minimum Owners | The number of owners is below the defined minimum threshold. |
| 2 | No Owners | The resource has no assigned owners. |
| 3 | Access Review | An access review policy requires verification of user access or permissions. |
| 4 | Mailbox Deleted On Premise | The resource was deleted on Premise server. |
| 6 | Template | The resource lacks mandatory template metadata. |
| escalationType | Policy Type | Description |
|---|---|---|
| 0 | Confirmation | The resource requires periodic confirmation of its continued relevance. |
| 1 | Minimum Owners | The number of owners is below the defined minimum threshold. |
| 3 | No Owners | The resource has no assigned owners. |
| 4 | Access Review | An access review policy requires verification of user access or permissions. |
| 5 | Template | The resource lacks mandatory template metadata. |
| 6 | Guest | The resource has been found to have guest accounts as members when it should not have. |
Response
A status 200 OK is expected with no body.