missing keys in graph explorer output

[paulfedyk-phg]

Hello,

My Graph Explorer output is missing 'SyncAgentCompitabilityKey' and 'SyncAgentADContainer' when I run GET. Should I leave them out when posting "SkipOutOfScopeDeletions"?

Also, would this cover all out of scope accounts including guest access?

Thanks, Paul

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: 5ed55ea3-4271-367f-4cdb-2a8f7a38823a
• Version Independent ID: a795bdbb-ae07-87a6-71e4-681370f51d1a
• Content: Skip deletion of out of scope users in Azure Active Directory Application Provisioning - Microsoft Entra
• Content Source: articles/active-directory/app-provisioning/skip-out-of-scope-deletions.md
• Service: active-directory
• Sub-service: app-provisioning
• GitHub Login: @kenwith
• Microsoft Alias: kenwith

[SaibabaBalapur-MSFT]

@paulfedyk-phg Thanks for your feedback! We will investigate and update as appropriate.

[RamanathanChinnappan-MSFT]

@paulfedyk-phg

Thank you for bringing this to our attention!! 1, if the output of your GET request is missing 'SyncAgentCompitabilityKey' and 'SyncAgentADContainer', you can leave them out when posting "SkipOutOfScopeDeletions".

2, the "SkipOutOfScopeDeletions" flag is used to override the default behavior of de-provisioning out of scope users in Azure Active Directory. By default, the Azure AD provisioning engine soft deletes or disables users that go out of scope. However, for certain scenarios like Workday to AD User Inbound Provisioning, this behavior may not be the expected and you may want to override this default behavior1.

This flag is set at the Provisioning App level and can be configured using the Graph API1. It is not related to guest access.

[RamanathanChinnappan-MSFT]

@paulfedyk-phg We are going to close this thread.if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.