Microsoft identity platform: Developer Blog

Microsoft identity platform Azure AD

New Microsoft Graph endpoints in US Government cloud

We are happy to announce new Microsoft Graph endpoints for Microsoft Cloud for US Government. These new endpoints are specific to the US Government cloud and are segregated from the Microsoft worldwide cloud. They are fully compliant with US Government data classification levels such as DoD information impact level 4 and level 5.

When you should use the new Microsoft Graph endpoints

The US Government cloud is comprised of regions that cater to the special regulations needed by agencies like the Department of Defense, based on data classification. Microsoft Graph handles data that falls under the category of Level 4 and Level 5, which is subject to audit and compliance certifications.

You should use the new endpoints if you build an application that maintains or deals with US Government data. The endpoints provide a secure and compliant way for your application to manage data from government agencies and their end customers using Microsoft Graph.

What are the new Microsoft Graph endpoints?

  • Endpoint for Impact Level 4 (L4) or below: L4 covers data such as Controlled Unclassified Information (CUI) and/or other mission critical data that is used in direct support of military or contingency operations. It may also include data such as designated as For Official Use Only, Law Enforcement Sensitive, or Sensitive Security Information. Applications using data qualifying under L4 should use: https://graph.microsoft.us.
  • Endpoint for Impact Level 5 (L5): L5 accommodates data that is Controlled Unclassified Information (CUI) that may require a higher level of protection than afforded by L4 data. Severity of impact of data is considered by the information owner, law, or other government regulation. It can also be considered by the agency that owns the information and needing a higher level of protection than L4 provides. L5 data also covers unclassified National Security Systems. Applications using data qualifying under L5 should use: https://dod-graph.microsoft.us.

Learn more about Information Impact Levels.

Next steps

  • To build an application using Microsoft Graph in a US Government environment, please follow this sample.
  • To switch from the existing worldwide endpoint to the new endpoints, please follow these steps.
  • For more details, see Microsoft Graph in National Clouds.

We welcome your comments and suggestions to help us improve your Microsoft Graph experience in the Azure Government environment.

filter-icon