Die APIs unter der /beta Version in Microsoft Graph können sich ändern. Die Verwendung dieser APIs in Produktionsanwendungen wird nicht unterstützt. Um festzustellen, ob eine API in v1.0 verfügbar ist, verwenden Sie die Version Selektor.
Wählen Sie die Berechtigungen aus, die für diese API als am wenigsten privilegiert markiert sind. Verwenden Sie eine höhere Berechtigung oder Berechtigungen nur, wenn Ihre App dies erfordert. Ausführliche Informationen zu delegierten Berechtigungen und Anwendungsberechtigungen finden Sie unter Berechtigungstypen. Weitere Informationen zu diesen Berechtigungen finden Sie in der Berechtigungsreferenz.
Berechtigungstyp
Berechtigungen mit den geringsten Berechtigungen
Berechtigungen mit höheren Berechtigungen
Delegiert (Geschäfts-, Schul- oder Unikonto)
AccessReview.ReadWrite.All
Nicht verfügbar.
Delegiert (persönliches Microsoft-Konto)
Nicht unterstützt
Nicht unterstützt
Anwendung
AccessReview.ReadWrite.All
Nicht verfügbar.
Wichtig
In delegierten Szenarien mit Geschäfts-, Schul- oder Unikonten muss dem angemeldeten Benutzer eine unterstützte Microsoft Entra Rolle oder eine benutzerdefinierte Rolle mit einer unterstützten Rollenberechtigung zugewiesen werden. Die folgenden Rollen mit den geringsten Berechtigungen werden für diesen Vorgang unterstützt.
So schreiben Sie Zugriffsüberprüfungen für eine Gruppe oder App: Benutzeradministrator, Identity Governance-Administrator
So schreiben Sie Zugriffsüberprüfungen für eine Microsoft Entra Rolle: Identity Governance-Administrator, Administrator für privilegierte Rollen
HTTP-Anforderung
POST /identityGovernance/accessReviews/definitions
Definiert die Liste der zusätzlichen Benutzer oder Gruppenmitglieder, die über den Fortschritt der Zugriffsüberprüfung benachrichtigt werden sollen.
descriptionForAdmins
String
Kontext der Überprüfung, die Administratoren zur Verfügung gestellt wird. Erforderlich.
descriptionForReviewers
String
Kontext der Überprüfung, die Prüfern in E-Mail-Benachrichtigungen zur Verfügung gestellt wird. Email Benachrichtigungen unterstützen bis zu 256 Zeichen. Erforderlich.
Falls angegeben, werden die Fallbackprüfer aufgefordert, eine Überprüfung abzuschließen, wenn die primären Prüfer nicht vorhanden sind. Wenn z. B. Manager als reviewers ausgewählt werden und ein zu überprüfener Prinzipal keinen Vorgesetzten in Microsoft Entra ID hat, werden die Fallbackprüfer aufgefordert, diesen Prinzipal zu überprüfen.
ANMERKUNG: Der Wert dieser Eigenschaft wird ignoriert, wenn Fallbackprüfer über die stageSettings-Eigenschaft zugewiesen werden.
Definiert, wie viele Phasen jede instance einer Zugriffsüberprüfungsreihe haben wird. Phasen werden sequenziell basierend auf der dependsOn-Eigenschaft erstellt. Jede Phase kann einen anderen Satz von Prüfern, Fallbackprüfern und Einstellungen aufweisen.
Wenn diese Eigenschaft definiert ist, werden ihre Werte anstelle der entsprechenden Werte im accessReviewScheduleDefinition-Objekt und dessen settings-Eigenschaft verwendet. Optional.
Die Einstellungen für eine Zugriffsüberprüfungsreihe. Die Wiederholung wird hier bestimmt. Weitere Informationen finden Sie unter accessReviewScheduleSettings.
Diese Eigenschaft wurde durch fallbackReviewers ersetzt. Wenn Sie jedoch entweder backupReviewers oder fallbackReviewers angeben, werden die gleichen Werte automatisch für die andere Eigenschaft aufgefüllt.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessReviewScheduleDefinition
{
DisplayName = "Test create",
DescriptionForAdmins = "New scheduled access review",
DescriptionForReviewers = "If you have any questions, contact jerry@contoso.com",
Scope = new AccessReviewQueryScope
{
OdataType = "#microsoft.graph.accessReviewQueryScope",
Query = "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers",
QueryType = "MicrosoftGraph",
},
Reviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/users/398164b1-5196-49dd-ada2-364b49f99b27",
QueryType = "MicrosoftGraph",
},
},
Settings = new AccessReviewScheduleSettings
{
MailNotificationsEnabled = true,
ReminderNotificationsEnabled = true,
JustificationRequiredOnApproval = true,
DefaultDecisionEnabled = false,
DefaultDecision = "None",
InstanceDurationInDays = 1,
RecommendationsEnabled = true,
Recurrence = new PatternedRecurrence
{
Pattern = new RecurrencePattern
{
Type = RecurrencePatternType.Weekly,
Interval = 1,
},
Range = new RecurrenceRange
{
Type = RecurrenceRangeType.NoEnd,
StartDate = new Date(DateTime.Parse("2020-09-08T12:02:30.667Z")),
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.AccessReviews.Definitions.PostAsync(requestBody);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessReviewScheduleDefinition()
displayName := "Test create"
requestBody.SetDisplayName(&displayName)
descriptionForAdmins := "New scheduled access review"
requestBody.SetDescriptionForAdmins(&descriptionForAdmins)
descriptionForReviewers := "If you have any questions, contact jerry@contoso.com"
requestBody.SetDescriptionForReviewers(&descriptionForReviewers)
scope := graphmodels.NewAccessReviewQueryScope()
query := "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers"
scope.SetQuery(&query)
queryType := "MicrosoftGraph"
scope.SetQueryType(&queryType)
requestBody.SetScope(scope)
accessReviewReviewerScope := graphmodels.NewAccessReviewReviewerScope()
query := "/users/398164b1-5196-49dd-ada2-364b49f99b27"
accessReviewReviewerScope.SetQuery(&query)
queryType := "MicrosoftGraph"
accessReviewReviewerScope.SetQueryType(&queryType)
reviewers := []graphmodels.AccessReviewReviewerScopeable {
accessReviewReviewerScope,
}
requestBody.SetReviewers(reviewers)
settings := graphmodels.NewAccessReviewScheduleSettings()
mailNotificationsEnabled := true
settings.SetMailNotificationsEnabled(&mailNotificationsEnabled)
reminderNotificationsEnabled := true
settings.SetReminderNotificationsEnabled(&reminderNotificationsEnabled)
justificationRequiredOnApproval := true
settings.SetJustificationRequiredOnApproval(&justificationRequiredOnApproval)
defaultDecisionEnabled := false
settings.SetDefaultDecisionEnabled(&defaultDecisionEnabled)
defaultDecision := "None"
settings.SetDefaultDecision(&defaultDecision)
instanceDurationInDays := int32(1)
settings.SetInstanceDurationInDays(&instanceDurationInDays)
recommendationsEnabled := true
settings.SetRecommendationsEnabled(&recommendationsEnabled)
recurrence := graphmodels.NewPatternedRecurrence()
pattern := graphmodels.NewRecurrencePattern()
type := graphmodels.WEEKLY_RECURRENCEPATTERNTYPE
pattern.SetType(&type)
interval := int32(1)
pattern.SetInterval(&interval)
recurrence.SetPattern(pattern)
range := graphmodels.NewRecurrenceRange()
type := graphmodels.NOEND_RECURRENCERANGETYPE
range.SetType(&type)
startDate := 2020-09-08T12:02:30.667Z
range.SetStartDate(&startDate)
recurrence.SetRange(range)
settings.SetRecurrence(recurrence)
requestBody.SetSettings(settings)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
definitions, err := graphClient.IdentityGovernance().AccessReviews().Definitions().Post(context.Background(), requestBody, nil)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessReviewScheduleDefinition accessReviewScheduleDefinition = new AccessReviewScheduleDefinition();
accessReviewScheduleDefinition.setDisplayName("Test create");
accessReviewScheduleDefinition.setDescriptionForAdmins("New scheduled access review");
accessReviewScheduleDefinition.setDescriptionForReviewers("If you have any questions, contact jerry@contoso.com");
AccessReviewQueryScope scope = new AccessReviewQueryScope();
scope.setOdataType("#microsoft.graph.accessReviewQueryScope");
scope.setQuery("/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers");
scope.setQueryType("MicrosoftGraph");
accessReviewScheduleDefinition.setScope(scope);
LinkedList<AccessReviewReviewerScope> reviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope = new AccessReviewReviewerScope();
accessReviewReviewerScope.setQuery("/users/398164b1-5196-49dd-ada2-364b49f99b27");
accessReviewReviewerScope.setQueryType("MicrosoftGraph");
reviewers.add(accessReviewReviewerScope);
accessReviewScheduleDefinition.setReviewers(reviewers);
AccessReviewScheduleSettings settings = new AccessReviewScheduleSettings();
settings.setMailNotificationsEnabled(true);
settings.setReminderNotificationsEnabled(true);
settings.setJustificationRequiredOnApproval(true);
settings.setDefaultDecisionEnabled(false);
settings.setDefaultDecision("None");
settings.setInstanceDurationInDays(1);
settings.setRecommendationsEnabled(true);
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.setType(RecurrencePatternType.Weekly);
pattern.setInterval(1);
recurrence.setPattern(pattern);
RecurrenceRange range = new RecurrenceRange();
range.setType(RecurrenceRangeType.NoEnd);
LocalDate startDate = LocalDate.parse("2020-09-08T12:02:30.667Z");
range.setStartDate(startDate);
recurrence.setRange(range);
settings.setRecurrence(recurrence);
accessReviewScheduleDefinition.setSettings(settings);
AccessReviewScheduleDefinition result = graphClient.identityGovernance().accessReviews().definitions().post(accessReviewScheduleDefinition);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleDefinition;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewQueryScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewReviewerScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleSettings;
use Microsoft\Graph\Beta\Generated\Models\PatternedRecurrence;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePattern;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePatternType;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRange;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRangeType;
use Microsoft\Kiota\Abstractions\Types\Date;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessReviewScheduleDefinition();
$requestBody->setDisplayName('Test create');
$requestBody->setDescriptionForAdmins('New scheduled access review');
$requestBody->setDescriptionForReviewers('If you have any questions, contact jerry@contoso.com');
$scope = new AccessReviewQueryScope();
$scope->setOdataType('#microsoft.graph.accessReviewQueryScope');
$scope->setQuery('/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers');
$scope->setQueryType('MicrosoftGraph');
$requestBody->setScope($scope);
$reviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$reviewersAccessReviewReviewerScope1->setQuery('/users/398164b1-5196-49dd-ada2-364b49f99b27');
$reviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$reviewersArray []= $reviewersAccessReviewReviewerScope1;
$requestBody->setReviewers($reviewersArray);
$settings = new AccessReviewScheduleSettings();
$settings->setMailNotificationsEnabled(true);
$settings->setReminderNotificationsEnabled(true);
$settings->setJustificationRequiredOnApproval(true);
$settings->setDefaultDecisionEnabled(false);
$settings->setDefaultDecision('None');
$settings->setInstanceDurationInDays(1);
$settings->setRecommendationsEnabled(true);
$settingsRecurrence = new PatternedRecurrence();
$settingsRecurrencePattern = new RecurrencePattern();
$settingsRecurrencePattern->setType(new RecurrencePatternType('weekly'));
$settingsRecurrencePattern->setInterval(1);
$settingsRecurrence->setPattern($settingsRecurrencePattern);
$settingsRecurrenceRange = new RecurrenceRange();
$settingsRecurrenceRange->setType(new RecurrenceRangeType('noEnd'));
$settingsRecurrenceRange->setStartDate(new Date('2020-09-08T12:02:30.667Z'));
$settingsRecurrence->setRange($settingsRecurrenceRange);
$settings->setRecurrence($settingsRecurrence);
$requestBody->setSettings($settings);
$result = $graphServiceClient->identityGovernance()->accessReviews()->definitions()->post($requestBody)->wait();
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_review_schedule_definition import AccessReviewScheduleDefinition
from msgraph_beta.generated.models.access_review_query_scope import AccessReviewQueryScope
from msgraph_beta.generated.models.access_review_reviewer_scope import AccessReviewReviewerScope
from msgraph_beta.generated.models.access_review_schedule_settings import AccessReviewScheduleSettings
from msgraph_beta.generated.models.patterned_recurrence import PatternedRecurrence
from msgraph_beta.generated.models.recurrence_pattern import RecurrencePattern
from msgraph_beta.generated.models.recurrence_pattern_type import RecurrencePatternType
from msgraph_beta.generated.models.recurrence_range import RecurrenceRange
from msgraph_beta.generated.models.recurrence_range_type import RecurrenceRangeType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessReviewScheduleDefinition(
display_name = "Test create",
description_for_admins = "New scheduled access review",
description_for_reviewers = "If you have any questions, contact jerry@contoso.com",
scope = AccessReviewQueryScope(
odata_type = "#microsoft.graph.accessReviewQueryScope",
query = "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers",
query_type = "MicrosoftGraph",
),
reviewers = [
AccessReviewReviewerScope(
query = "/users/398164b1-5196-49dd-ada2-364b49f99b27",
query_type = "MicrosoftGraph",
),
],
settings = AccessReviewScheduleSettings(
mail_notifications_enabled = True,
reminder_notifications_enabled = True,
justification_required_on_approval = True,
default_decision_enabled = False,
default_decision = "None",
instance_duration_in_days = 1,
recommendations_enabled = True,
recurrence = PatternedRecurrence(
pattern = RecurrencePattern(
type = RecurrencePatternType.Weekly,
interval = 1,
),
range = RecurrenceRange(
type = RecurrenceRangeType.NoEnd,
start_date = "2020-09-08T12:02:30.667Z",
),
),
),
)
result = await graph_client.identity_governance.access_reviews.definitions.post(request_body)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Beispiel 2: Erstellen einer Zugriffsüberprüfung für alle Teams mit inaktiven Gastbenutzern
Im folgenden Beispiel wird eine Zugriffsüberprüfung mit den folgenden Einstellungen erstellt:
Die Überprüfung überprüft alle Teams mit inaktiven Gastbenutzern. Der Zeitraum der Inaktivität beträgt 30 Tage ab dem Startdatum der Zugriffsüberprüfung.
Die Gruppenbesitzer sind die Prüfer, und Fallbackprüfer sind zugewiesen.
Es wird am dritten Tag jedes Quartals wiederholt und auf unbestimmte Zeit fortgesetzt.
autoApplyDecisionsEnabled ist auf true festgelegt, wobei defaultDecision auf Denyfestgelegt ist.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessReviewScheduleDefinition
{
DisplayName = "Review inactive guests on teams",
DescriptionForAdmins = "Control guest user access to our teams.",
DescriptionForReviewers = "Information security is everyone's responsibility. Review our access policy for more.",
InstanceEnumerationScope = new AccessReviewQueryScope
{
OdataType = "#microsoft.graph.accessReviewQueryScope",
Query = "/groups?$filter=(groupTypes/any(c:c+eq+'Unified') and resourceProvisioningOptions/Any(x:x eq 'Team')')",
QueryType = "MicrosoftGraph",
},
Scope = new AccessReviewInactiveUsersQueryScope
{
OdataType = "#microsoft.graph.accessReviewInactiveUsersQueryScope",
Query = "./members/microsoft.graph.user/?$filter=(userType eq 'Guest')",
QueryType = "MicrosoftGraph",
InactiveDuration = TimeSpan.Parse("P30D"),
},
Reviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "./owners",
QueryType = "MicrosoftGraph",
},
},
FallbackReviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/users/fc9a2c2b-1ddc-486d-a211-5fe8ca77fa1f",
QueryType = "MicrosoftGraph",
},
},
Settings = new AccessReviewScheduleSettings
{
MailNotificationsEnabled = true,
ReminderNotificationsEnabled = true,
JustificationRequiredOnApproval = true,
RecommendationsEnabled = true,
InstanceDurationInDays = 3,
Recurrence = new PatternedRecurrence
{
Pattern = new RecurrencePattern
{
Type = RecurrencePatternType.AbsoluteMonthly,
DayOfMonth = 5,
Interval = 3,
},
Range = new RecurrenceRange
{
Type = RecurrenceRangeType.NoEnd,
StartDate = new Date(DateTime.Parse("2020-05-04T00:00:00.000Z")),
},
},
DefaultDecisionEnabled = true,
DefaultDecision = "Deny",
AutoApplyDecisionsEnabled = true,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.AccessReviews.Definitions.PostAsync(requestBody);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessReviewScheduleDefinition()
displayName := "Review inactive guests on teams"
requestBody.SetDisplayName(&displayName)
descriptionForAdmins := "Control guest user access to our teams."
requestBody.SetDescriptionForAdmins(&descriptionForAdmins)
descriptionForReviewers := "Information security is everyone's responsibility. Review our access policy for more."
requestBody.SetDescriptionForReviewers(&descriptionForReviewers)
instanceEnumerationScope := graphmodels.NewAccessReviewQueryScope()
query := "/groups?$filter=(groupTypes/any(c:c+eq+'Unified') and resourceProvisioningOptions/Any(x:x eq 'Team')')"
instanceEnumerationScope.SetQuery(&query)
queryType := "MicrosoftGraph"
instanceEnumerationScope.SetQueryType(&queryType)
requestBody.SetInstanceEnumerationScope(instanceEnumerationScope)
scope := graphmodels.NewAccessReviewInactiveUsersQueryScope()
query := "./members/microsoft.graph.user/?$filter=(userType eq 'Guest')"
scope.SetQuery(&query)
queryType := "MicrosoftGraph"
scope.SetQueryType(&queryType)
inactiveDuration , err := abstractions.ParseISODuration("P30D")
scope.SetInactiveDuration(&inactiveDuration)
requestBody.SetScope(scope)
accessReviewReviewerScope := graphmodels.NewAccessReviewReviewerScope()
query := "./owners"
accessReviewReviewerScope.SetQuery(&query)
queryType := "MicrosoftGraph"
accessReviewReviewerScope.SetQueryType(&queryType)
reviewers := []graphmodels.AccessReviewReviewerScopeable {
accessReviewReviewerScope,
}
requestBody.SetReviewers(reviewers)
accessReviewReviewerScope := graphmodels.NewAccessReviewReviewerScope()
query := "/users/fc9a2c2b-1ddc-486d-a211-5fe8ca77fa1f"
accessReviewReviewerScope.SetQuery(&query)
queryType := "MicrosoftGraph"
accessReviewReviewerScope.SetQueryType(&queryType)
fallbackReviewers := []graphmodels.AccessReviewReviewerScopeable {
accessReviewReviewerScope,
}
requestBody.SetFallbackReviewers(fallbackReviewers)
settings := graphmodels.NewAccessReviewScheduleSettings()
mailNotificationsEnabled := true
settings.SetMailNotificationsEnabled(&mailNotificationsEnabled)
reminderNotificationsEnabled := true
settings.SetReminderNotificationsEnabled(&reminderNotificationsEnabled)
justificationRequiredOnApproval := true
settings.SetJustificationRequiredOnApproval(&justificationRequiredOnApproval)
recommendationsEnabled := true
settings.SetRecommendationsEnabled(&recommendationsEnabled)
instanceDurationInDays := int32(3)
settings.SetInstanceDurationInDays(&instanceDurationInDays)
recurrence := graphmodels.NewPatternedRecurrence()
pattern := graphmodels.NewRecurrencePattern()
type := graphmodels.ABSOLUTEMONTHLY_RECURRENCEPATTERNTYPE
pattern.SetType(&type)
dayOfMonth := int32(5)
pattern.SetDayOfMonth(&dayOfMonth)
interval := int32(3)
pattern.SetInterval(&interval)
recurrence.SetPattern(pattern)
range := graphmodels.NewRecurrenceRange()
type := graphmodels.NOEND_RECURRENCERANGETYPE
range.SetType(&type)
startDate := 2020-05-04T00:00:00.000Z
range.SetStartDate(&startDate)
recurrence.SetRange(range)
settings.SetRecurrence(recurrence)
defaultDecisionEnabled := true
settings.SetDefaultDecisionEnabled(&defaultDecisionEnabled)
defaultDecision := "Deny"
settings.SetDefaultDecision(&defaultDecision)
autoApplyDecisionsEnabled := true
settings.SetAutoApplyDecisionsEnabled(&autoApplyDecisionsEnabled)
requestBody.SetSettings(settings)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
definitions, err := graphClient.IdentityGovernance().AccessReviews().Definitions().Post(context.Background(), requestBody, nil)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessReviewScheduleDefinition accessReviewScheduleDefinition = new AccessReviewScheduleDefinition();
accessReviewScheduleDefinition.setDisplayName("Review inactive guests on teams");
accessReviewScheduleDefinition.setDescriptionForAdmins("Control guest user access to our teams.");
accessReviewScheduleDefinition.setDescriptionForReviewers("Information security is everyone's responsibility. Review our access policy for more.");
AccessReviewQueryScope instanceEnumerationScope = new AccessReviewQueryScope();
instanceEnumerationScope.setOdataType("#microsoft.graph.accessReviewQueryScope");
instanceEnumerationScope.setQuery("/groups?$filter=(groupTypes/any(c:c+eq+'Unified') and resourceProvisioningOptions/Any(x:x eq 'Team')')");
instanceEnumerationScope.setQueryType("MicrosoftGraph");
accessReviewScheduleDefinition.setInstanceEnumerationScope(instanceEnumerationScope);
AccessReviewInactiveUsersQueryScope scope = new AccessReviewInactiveUsersQueryScope();
scope.setOdataType("#microsoft.graph.accessReviewInactiveUsersQueryScope");
scope.setQuery("./members/microsoft.graph.user/?$filter=(userType eq 'Guest')");
scope.setQueryType("MicrosoftGraph");
PeriodAndDuration inactiveDuration = PeriodAndDuration.ofDuration(Duration.parse("P30D"));
scope.setInactiveDuration(inactiveDuration);
accessReviewScheduleDefinition.setScope(scope);
LinkedList<AccessReviewReviewerScope> reviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope = new AccessReviewReviewerScope();
accessReviewReviewerScope.setQuery("./owners");
accessReviewReviewerScope.setQueryType("MicrosoftGraph");
reviewers.add(accessReviewReviewerScope);
accessReviewScheduleDefinition.setReviewers(reviewers);
LinkedList<AccessReviewReviewerScope> fallbackReviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope1 = new AccessReviewReviewerScope();
accessReviewReviewerScope1.setQuery("/users/fc9a2c2b-1ddc-486d-a211-5fe8ca77fa1f");
accessReviewReviewerScope1.setQueryType("MicrosoftGraph");
fallbackReviewers.add(accessReviewReviewerScope1);
accessReviewScheduleDefinition.setFallbackReviewers(fallbackReviewers);
AccessReviewScheduleSettings settings = new AccessReviewScheduleSettings();
settings.setMailNotificationsEnabled(true);
settings.setReminderNotificationsEnabled(true);
settings.setJustificationRequiredOnApproval(true);
settings.setRecommendationsEnabled(true);
settings.setInstanceDurationInDays(3);
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.setType(RecurrencePatternType.AbsoluteMonthly);
pattern.setDayOfMonth(5);
pattern.setInterval(3);
recurrence.setPattern(pattern);
RecurrenceRange range = new RecurrenceRange();
range.setType(RecurrenceRangeType.NoEnd);
LocalDate startDate = LocalDate.parse("2020-05-04T00:00:00.000Z");
range.setStartDate(startDate);
recurrence.setRange(range);
settings.setRecurrence(recurrence);
settings.setDefaultDecisionEnabled(true);
settings.setDefaultDecision("Deny");
settings.setAutoApplyDecisionsEnabled(true);
accessReviewScheduleDefinition.setSettings(settings);
AccessReviewScheduleDefinition result = graphClient.identityGovernance().accessReviews().definitions().post(accessReviewScheduleDefinition);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleDefinition;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewQueryScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewInactiveUsersQueryScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewReviewerScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleSettings;
use Microsoft\Graph\Beta\Generated\Models\PatternedRecurrence;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePattern;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePatternType;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRange;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRangeType;
use Microsoft\Kiota\Abstractions\Types\Date;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessReviewScheduleDefinition();
$requestBody->setDisplayName('Review inactive guests on teams');
$requestBody->setDescriptionForAdmins('Control guest user access to our teams.');
$requestBody->setDescriptionForReviewers('Information security is everyone\'s responsibility. Review our access policy for more.');
$instanceEnumerationScope = new AccessReviewQueryScope();
$instanceEnumerationScope->setOdataType('#microsoft.graph.accessReviewQueryScope');
$instanceEnumerationScope->setQuery('/groups?$filter=(groupTypes/any(c:c+eq+\'Unified\') and resourceProvisioningOptions/Any(x:x eq \'Team\')\')');
$instanceEnumerationScope->setQueryType('MicrosoftGraph');
$requestBody->setInstanceEnumerationScope($instanceEnumerationScope);
$scope = new AccessReviewInactiveUsersQueryScope();
$scope->setOdataType('#microsoft.graph.accessReviewInactiveUsersQueryScope');
$scope->setQuery('./members/microsoft.graph.user/?$filter=(userType eq \'Guest\')');
$scope->setQueryType('MicrosoftGraph');
$scope->setInactiveDuration(new \DateInterval('P30D'));
$requestBody->setScope($scope);
$reviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$reviewersAccessReviewReviewerScope1->setQuery('./owners');
$reviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$reviewersArray []= $reviewersAccessReviewReviewerScope1;
$requestBody->setReviewers($reviewersArray);
$fallbackReviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$fallbackReviewersAccessReviewReviewerScope1->setQuery('/users/fc9a2c2b-1ddc-486d-a211-5fe8ca77fa1f');
$fallbackReviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$fallbackReviewersArray []= $fallbackReviewersAccessReviewReviewerScope1;
$requestBody->setFallbackReviewers($fallbackReviewersArray);
$settings = new AccessReviewScheduleSettings();
$settings->setMailNotificationsEnabled(true);
$settings->setReminderNotificationsEnabled(true);
$settings->setJustificationRequiredOnApproval(true);
$settings->setRecommendationsEnabled(true);
$settings->setInstanceDurationInDays(3);
$settingsRecurrence = new PatternedRecurrence();
$settingsRecurrencePattern = new RecurrencePattern();
$settingsRecurrencePattern->setType(new RecurrencePatternType('absoluteMonthly'));
$settingsRecurrencePattern->setDayOfMonth(5);
$settingsRecurrencePattern->setInterval(3);
$settingsRecurrence->setPattern($settingsRecurrencePattern);
$settingsRecurrenceRange = new RecurrenceRange();
$settingsRecurrenceRange->setType(new RecurrenceRangeType('noEnd'));
$settingsRecurrenceRange->setStartDate(new Date('2020-05-04T00:00:00.000Z'));
$settingsRecurrence->setRange($settingsRecurrenceRange);
$settings->setRecurrence($settingsRecurrence);
$settings->setDefaultDecisionEnabled(true);
$settings->setDefaultDecision('Deny');
$settings->setAutoApplyDecisionsEnabled(true);
$requestBody->setSettings($settings);
$result = $graphServiceClient->identityGovernance()->accessReviews()->definitions()->post($requestBody)->wait();
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_review_schedule_definition import AccessReviewScheduleDefinition
from msgraph_beta.generated.models.access_review_query_scope import AccessReviewQueryScope
from msgraph_beta.generated.models.access_review_inactive_users_query_scope import AccessReviewInactiveUsersQueryScope
from msgraph_beta.generated.models.access_review_reviewer_scope import AccessReviewReviewerScope
from msgraph_beta.generated.models.access_review_schedule_settings import AccessReviewScheduleSettings
from msgraph_beta.generated.models.patterned_recurrence import PatternedRecurrence
from msgraph_beta.generated.models.recurrence_pattern import RecurrencePattern
from msgraph_beta.generated.models.recurrence_pattern_type import RecurrencePatternType
from msgraph_beta.generated.models.recurrence_range import RecurrenceRange
from msgraph_beta.generated.models.recurrence_range_type import RecurrenceRangeType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessReviewScheduleDefinition(
display_name = "Review inactive guests on teams",
description_for_admins = "Control guest user access to our teams.",
description_for_reviewers = "Information security is everyone's responsibility. Review our access policy for more.",
instance_enumeration_scope = AccessReviewQueryScope(
odata_type = "#microsoft.graph.accessReviewQueryScope",
query = "/groups?$filter=(groupTypes/any(c:c+eq+'Unified') and resourceProvisioningOptions/Any(x:x eq 'Team')')",
query_type = "MicrosoftGraph",
),
scope = AccessReviewInactiveUsersQueryScope(
odata_type = "#microsoft.graph.accessReviewInactiveUsersQueryScope",
query = "./members/microsoft.graph.user/?$filter=(userType eq 'Guest')",
query_type = "MicrosoftGraph",
inactive_duration = "P30D",
),
reviewers = [
AccessReviewReviewerScope(
query = "./owners",
query_type = "MicrosoftGraph",
),
],
fallback_reviewers = [
AccessReviewReviewerScope(
query = "/users/fc9a2c2b-1ddc-486d-a211-5fe8ca77fa1f",
query_type = "MicrosoftGraph",
),
],
settings = AccessReviewScheduleSettings(
mail_notifications_enabled = True,
reminder_notifications_enabled = True,
justification_required_on_approval = True,
recommendations_enabled = True,
instance_duration_in_days = 3,
recurrence = PatternedRecurrence(
pattern = RecurrencePattern(
type = RecurrencePatternType.AbsoluteMonthly,
day_of_month = 5,
interval = 3,
),
range = RecurrenceRange(
type = RecurrenceRangeType.NoEnd,
start_date = "2020-05-04T00:00:00.000Z",
),
),
default_decision_enabled = True,
default_decision = "Deny",
auto_apply_decisions_enabled = True,
),
)
result = await graph_client.identity_governance.access_reviews.definitions.post(request_body)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessReviewScheduleDefinition
{
DisplayName = "Review employee access to LinkedIn",
DescriptionForAdmins = "Review employee access to LinkedIn",
Scope = new PrincipalResourceMembershipsScope
{
OdataType = "#microsoft.graph.principalResourceMembershipsScope",
PrincipalScopes = new List<AccessReviewScope>
{
new AccessReviewQueryScope
{
OdataType = "#microsoft.graph.accessReviewQueryScope",
Query = "/users",
QueryType = "MicrosoftGraph",
},
},
ResourceScopes = new List<AccessReviewScope>
{
new AccessReviewQueryScope
{
OdataType = "#microsoft.graph.accessReviewQueryScope",
Query = "/servicePrincipals/bae11f90-7d5d-46ba-9f55-8112b59d92ae",
QueryType = "MicrosoftGraph",
},
},
},
Reviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "./manager",
QueryType = "MicrosoftGraph",
QueryRoot = "decisions",
},
},
BackupReviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers",
QueryType = "MicrosoftGraph",
},
},
FallbackReviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers",
QueryType = "MicrosoftGraph",
},
},
Settings = new AccessReviewScheduleSettings
{
MailNotificationsEnabled = true,
ReminderNotificationsEnabled = true,
JustificationRequiredOnApproval = true,
DefaultDecisionEnabled = true,
DefaultDecision = "Recommendation",
InstanceDurationInDays = 180,
AutoApplyDecisionsEnabled = true,
RecommendationsEnabled = true,
Recurrence = new PatternedRecurrence
{
Pattern = new RecurrencePattern
{
Type = RecurrencePatternType.AbsoluteMonthly,
Interval = 6,
DayOfMonth = 0,
},
Range = new RecurrenceRange
{
Type = RecurrenceRangeType.Numbered,
StartDate = new Date(DateTime.Parse("2021-05-05")),
EndDate = new Date(DateTime.Parse("2022-05-05")),
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.AccessReviews.Definitions.PostAsync(requestBody);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessReviewScheduleDefinition accessReviewScheduleDefinition = new AccessReviewScheduleDefinition();
accessReviewScheduleDefinition.setDisplayName("Review employee access to LinkedIn");
accessReviewScheduleDefinition.setDescriptionForAdmins("Review employee access to LinkedIn");
PrincipalResourceMembershipsScope scope = new PrincipalResourceMembershipsScope();
scope.setOdataType("#microsoft.graph.principalResourceMembershipsScope");
LinkedList<AccessReviewScope> principalScopes = new LinkedList<AccessReviewScope>();
AccessReviewQueryScope accessReviewScope = new AccessReviewQueryScope();
accessReviewScope.setOdataType("#microsoft.graph.accessReviewQueryScope");
accessReviewScope.setQuery("/users");
accessReviewScope.setQueryType("MicrosoftGraph");
principalScopes.add(accessReviewScope);
scope.setPrincipalScopes(principalScopes);
LinkedList<AccessReviewScope> resourceScopes = new LinkedList<AccessReviewScope>();
AccessReviewQueryScope accessReviewScope1 = new AccessReviewQueryScope();
accessReviewScope1.setOdataType("#microsoft.graph.accessReviewQueryScope");
accessReviewScope1.setQuery("/servicePrincipals/bae11f90-7d5d-46ba-9f55-8112b59d92ae");
accessReviewScope1.setQueryType("MicrosoftGraph");
resourceScopes.add(accessReviewScope1);
scope.setResourceScopes(resourceScopes);
accessReviewScheduleDefinition.setScope(scope);
LinkedList<AccessReviewReviewerScope> reviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope = new AccessReviewReviewerScope();
accessReviewReviewerScope.setQuery("./manager");
accessReviewReviewerScope.setQueryType("MicrosoftGraph");
accessReviewReviewerScope.setQueryRoot("decisions");
reviewers.add(accessReviewReviewerScope);
accessReviewScheduleDefinition.setReviewers(reviewers);
LinkedList<AccessReviewReviewerScope> backupReviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope1 = new AccessReviewReviewerScope();
accessReviewReviewerScope1.setQuery("/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers");
accessReviewReviewerScope1.setQueryType("MicrosoftGraph");
backupReviewers.add(accessReviewReviewerScope1);
accessReviewScheduleDefinition.setBackupReviewers(backupReviewers);
LinkedList<AccessReviewReviewerScope> fallbackReviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope2 = new AccessReviewReviewerScope();
accessReviewReviewerScope2.setQuery("/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers");
accessReviewReviewerScope2.setQueryType("MicrosoftGraph");
fallbackReviewers.add(accessReviewReviewerScope2);
accessReviewScheduleDefinition.setFallbackReviewers(fallbackReviewers);
AccessReviewScheduleSettings settings = new AccessReviewScheduleSettings();
settings.setMailNotificationsEnabled(true);
settings.setReminderNotificationsEnabled(true);
settings.setJustificationRequiredOnApproval(true);
settings.setDefaultDecisionEnabled(true);
settings.setDefaultDecision("Recommendation");
settings.setInstanceDurationInDays(180);
settings.setAutoApplyDecisionsEnabled(true);
settings.setRecommendationsEnabled(true);
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.setType(RecurrencePatternType.AbsoluteMonthly);
pattern.setInterval(6);
pattern.setDayOfMonth(0);
recurrence.setPattern(pattern);
RecurrenceRange range = new RecurrenceRange();
range.setType(RecurrenceRangeType.Numbered);
LocalDate startDate = LocalDate.parse("2021-05-05");
range.setStartDate(startDate);
LocalDate endDate = LocalDate.parse("2022-05-05");
range.setEndDate(endDate);
recurrence.setRange(range);
settings.setRecurrence(recurrence);
accessReviewScheduleDefinition.setSettings(settings);
AccessReviewScheduleDefinition result = graphClient.identityGovernance().accessReviews().definitions().post(accessReviewScheduleDefinition);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleDefinition;
use Microsoft\Graph\Beta\Generated\Models\PrincipalResourceMembershipsScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewQueryScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewReviewerScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleSettings;
use Microsoft\Graph\Beta\Generated\Models\PatternedRecurrence;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePattern;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePatternType;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRange;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRangeType;
use Microsoft\Kiota\Abstractions\Types\Date;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessReviewScheduleDefinition();
$requestBody->setDisplayName('Review employee access to LinkedIn');
$requestBody->setDescriptionForAdmins('Review employee access to LinkedIn');
$scope = new PrincipalResourceMembershipsScope();
$scope->setOdataType('#microsoft.graph.principalResourceMembershipsScope');
$principalScopesAccessReviewScope1 = new AccessReviewQueryScope();
$principalScopesAccessReviewScope1->setOdataType('#microsoft.graph.accessReviewQueryScope');
$principalScopesAccessReviewScope1->setQuery('/users');
$principalScopesAccessReviewScope1->setQueryType('MicrosoftGraph');
$principalScopesArray []= $principalScopesAccessReviewScope1;
$scope->setPrincipalScopes($principalScopesArray);
$resourceScopesAccessReviewScope1 = new AccessReviewQueryScope();
$resourceScopesAccessReviewScope1->setOdataType('#microsoft.graph.accessReviewQueryScope');
$resourceScopesAccessReviewScope1->setQuery('/servicePrincipals/bae11f90-7d5d-46ba-9f55-8112b59d92ae');
$resourceScopesAccessReviewScope1->setQueryType('MicrosoftGraph');
$resourceScopesArray []= $resourceScopesAccessReviewScope1;
$scope->setResourceScopes($resourceScopesArray);
$requestBody->setScope($scope);
$reviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$reviewersAccessReviewReviewerScope1->setQuery('./manager');
$reviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$reviewersAccessReviewReviewerScope1->setQueryRoot('decisions');
$reviewersArray []= $reviewersAccessReviewReviewerScope1;
$requestBody->setReviewers($reviewersArray);
$backupReviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$backupReviewersAccessReviewReviewerScope1->setQuery('/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers');
$backupReviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$backupReviewersArray []= $backupReviewersAccessReviewReviewerScope1;
$requestBody->setBackupReviewers($backupReviewersArray);
$fallbackReviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$fallbackReviewersAccessReviewReviewerScope1->setQuery('/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers');
$fallbackReviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$fallbackReviewersArray []= $fallbackReviewersAccessReviewReviewerScope1;
$requestBody->setFallbackReviewers($fallbackReviewersArray);
$settings = new AccessReviewScheduleSettings();
$settings->setMailNotificationsEnabled(true);
$settings->setReminderNotificationsEnabled(true);
$settings->setJustificationRequiredOnApproval(true);
$settings->setDefaultDecisionEnabled(true);
$settings->setDefaultDecision('Recommendation');
$settings->setInstanceDurationInDays(180);
$settings->setAutoApplyDecisionsEnabled(true);
$settings->setRecommendationsEnabled(true);
$settingsRecurrence = new PatternedRecurrence();
$settingsRecurrencePattern = new RecurrencePattern();
$settingsRecurrencePattern->setType(new RecurrencePatternType('absoluteMonthly'));
$settingsRecurrencePattern->setInterval(6);
$settingsRecurrencePattern->setDayOfMonth(0);
$settingsRecurrence->setPattern($settingsRecurrencePattern);
$settingsRecurrenceRange = new RecurrenceRange();
$settingsRecurrenceRange->setType(new RecurrenceRangeType('numbered'));
$settingsRecurrenceRange->setStartDate(new Date('2021-05-05'));
$settingsRecurrenceRange->setEndDate(new Date('2022-05-05'));
$settingsRecurrence->setRange($settingsRecurrenceRange);
$settings->setRecurrence($settingsRecurrence);
$requestBody->setSettings($settings);
$result = $graphServiceClient->identityGovernance()->accessReviews()->definitions()->post($requestBody)->wait();
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_review_schedule_definition import AccessReviewScheduleDefinition
from msgraph_beta.generated.models.principal_resource_memberships_scope import PrincipalResourceMembershipsScope
from msgraph_beta.generated.models.access_review_scope import AccessReviewScope
from msgraph_beta.generated.models.access_review_query_scope import AccessReviewQueryScope
from msgraph_beta.generated.models.access_review_reviewer_scope import AccessReviewReviewerScope
from msgraph_beta.generated.models.access_review_schedule_settings import AccessReviewScheduleSettings
from msgraph_beta.generated.models.patterned_recurrence import PatternedRecurrence
from msgraph_beta.generated.models.recurrence_pattern import RecurrencePattern
from msgraph_beta.generated.models.recurrence_pattern_type import RecurrencePatternType
from msgraph_beta.generated.models.recurrence_range import RecurrenceRange
from msgraph_beta.generated.models.recurrence_range_type import RecurrenceRangeType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessReviewScheduleDefinition(
display_name = "Review employee access to LinkedIn",
description_for_admins = "Review employee access to LinkedIn",
scope = PrincipalResourceMembershipsScope(
odata_type = "#microsoft.graph.principalResourceMembershipsScope",
principal_scopes = [
AccessReviewQueryScope(
odata_type = "#microsoft.graph.accessReviewQueryScope",
query = "/users",
query_type = "MicrosoftGraph",
),
],
resource_scopes = [
AccessReviewQueryScope(
odata_type = "#microsoft.graph.accessReviewQueryScope",
query = "/servicePrincipals/bae11f90-7d5d-46ba-9f55-8112b59d92ae",
query_type = "MicrosoftGraph",
),
],
),
reviewers = [
AccessReviewReviewerScope(
query = "./manager",
query_type = "MicrosoftGraph",
query_root = "decisions",
),
],
backup_reviewers = [
AccessReviewReviewerScope(
query = "/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers",
query_type = "MicrosoftGraph",
),
],
fallback_reviewers = [
AccessReviewReviewerScope(
query = "/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers",
query_type = "MicrosoftGraph",
),
],
settings = AccessReviewScheduleSettings(
mail_notifications_enabled = True,
reminder_notifications_enabled = True,
justification_required_on_approval = True,
default_decision_enabled = True,
default_decision = "Recommendation",
instance_duration_in_days = 180,
auto_apply_decisions_enabled = True,
recommendations_enabled = True,
recurrence = PatternedRecurrence(
pattern = RecurrencePattern(
type = RecurrencePatternType.AbsoluteMonthly,
interval = 6,
day_of_month = 0,
),
range = RecurrenceRange(
type = RecurrenceRangeType.Numbered,
start_date = "2021-05-05",
end_date = "2022-05-05",
),
),
),
)
result = await graph_client.identity_governance.access_reviews.definitions.post(request_body)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessReviewScheduleDefinition
{
DisplayName = "Group Multi-stage Access Review",
DescriptionForAdmins = "New scheduled access review",
DescriptionForReviewers = "If you have any questions, contact jerry@contoso.com",
Scope = new AccessReviewQueryScope
{
OdataType = "#microsoft.graph.accessReviewQueryScope",
Query = "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers",
QueryType = "MicrosoftGraph",
},
StageSettings = new List<AccessReviewStageSettings>
{
new AccessReviewStageSettings
{
StageId = "1",
DurationInDays = 2,
RecommendationsEnabled = false,
DecisionsThatWillMoveToNextStage = new List<string>
{
"NotReviewed",
"Approve",
},
Reviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/users/398164b1-5196-49dd-ada2-364b49f99b27",
QueryType = "MicrosoftGraph",
},
},
},
new AccessReviewStageSettings
{
StageId = "2",
DependsOn = new List<string>
{
"1",
},
DurationInDays = 2,
RecommendationsEnabled = true,
Reviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "./manager",
QueryType = "MicrosoftGraph",
QueryRoot = "decisions",
},
},
FallbackReviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers",
QueryType = "MicrosoftGraph",
},
},
},
},
Settings = new AccessReviewScheduleSettings
{
InstanceDurationInDays = 4,
Recurrence = new PatternedRecurrence
{
Pattern = new RecurrencePattern
{
Type = RecurrencePatternType.Weekly,
Interval = 1,
},
Range = new RecurrenceRange
{
Type = RecurrenceRangeType.NoEnd,
StartDate = new Date(DateTime.Parse("2020-09-08T12:02:30.667Z")),
},
},
DecisionHistoriesForReviewersEnabled = true,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.AccessReviews.Definitions.PostAsync(requestBody);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessReviewScheduleDefinition accessReviewScheduleDefinition = new AccessReviewScheduleDefinition();
accessReviewScheduleDefinition.setDisplayName("Group Multi-stage Access Review");
accessReviewScheduleDefinition.setDescriptionForAdmins("New scheduled access review");
accessReviewScheduleDefinition.setDescriptionForReviewers("If you have any questions, contact jerry@contoso.com");
AccessReviewQueryScope scope = new AccessReviewQueryScope();
scope.setOdataType("#microsoft.graph.accessReviewQueryScope");
scope.setQuery("/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers");
scope.setQueryType("MicrosoftGraph");
accessReviewScheduleDefinition.setScope(scope);
LinkedList<AccessReviewStageSettings> stageSettings = new LinkedList<AccessReviewStageSettings>();
AccessReviewStageSettings accessReviewStageSettings = new AccessReviewStageSettings();
accessReviewStageSettings.setStageId("1");
accessReviewStageSettings.setDurationInDays(2);
accessReviewStageSettings.setRecommendationsEnabled(false);
LinkedList<String> decisionsThatWillMoveToNextStage = new LinkedList<String>();
decisionsThatWillMoveToNextStage.add("NotReviewed");
decisionsThatWillMoveToNextStage.add("Approve");
accessReviewStageSettings.setDecisionsThatWillMoveToNextStage(decisionsThatWillMoveToNextStage);
LinkedList<AccessReviewReviewerScope> reviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope = new AccessReviewReviewerScope();
accessReviewReviewerScope.setQuery("/users/398164b1-5196-49dd-ada2-364b49f99b27");
accessReviewReviewerScope.setQueryType("MicrosoftGraph");
reviewers.add(accessReviewReviewerScope);
accessReviewStageSettings.setReviewers(reviewers);
stageSettings.add(accessReviewStageSettings);
AccessReviewStageSettings accessReviewStageSettings1 = new AccessReviewStageSettings();
accessReviewStageSettings1.setStageId("2");
LinkedList<String> dependsOn = new LinkedList<String>();
dependsOn.add("1");
accessReviewStageSettings1.setDependsOn(dependsOn);
accessReviewStageSettings1.setDurationInDays(2);
accessReviewStageSettings1.setRecommendationsEnabled(true);
LinkedList<AccessReviewReviewerScope> reviewers1 = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope1 = new AccessReviewReviewerScope();
accessReviewReviewerScope1.setQuery("./manager");
accessReviewReviewerScope1.setQueryType("MicrosoftGraph");
accessReviewReviewerScope1.setQueryRoot("decisions");
reviewers1.add(accessReviewReviewerScope1);
accessReviewStageSettings1.setReviewers(reviewers1);
LinkedList<AccessReviewReviewerScope> fallbackReviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope2 = new AccessReviewReviewerScope();
accessReviewReviewerScope2.setQuery("/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers");
accessReviewReviewerScope2.setQueryType("MicrosoftGraph");
fallbackReviewers.add(accessReviewReviewerScope2);
accessReviewStageSettings1.setFallbackReviewers(fallbackReviewers);
stageSettings.add(accessReviewStageSettings1);
accessReviewScheduleDefinition.setStageSettings(stageSettings);
AccessReviewScheduleSettings settings = new AccessReviewScheduleSettings();
settings.setInstanceDurationInDays(4);
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.setType(RecurrencePatternType.Weekly);
pattern.setInterval(1);
recurrence.setPattern(pattern);
RecurrenceRange range = new RecurrenceRange();
range.setType(RecurrenceRangeType.NoEnd);
LocalDate startDate = LocalDate.parse("2020-09-08T12:02:30.667Z");
range.setStartDate(startDate);
recurrence.setRange(range);
settings.setRecurrence(recurrence);
settings.setDecisionHistoriesForReviewersEnabled(true);
accessReviewScheduleDefinition.setSettings(settings);
AccessReviewScheduleDefinition result = graphClient.identityGovernance().accessReviews().definitions().post(accessReviewScheduleDefinition);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleDefinition;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewQueryScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewStageSettings;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewReviewerScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleSettings;
use Microsoft\Graph\Beta\Generated\Models\PatternedRecurrence;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePattern;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePatternType;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRange;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRangeType;
use Microsoft\Kiota\Abstractions\Types\Date;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessReviewScheduleDefinition();
$requestBody->setDisplayName('Group Multi-stage Access Review');
$requestBody->setDescriptionForAdmins('New scheduled access review');
$requestBody->setDescriptionForReviewers('If you have any questions, contact jerry@contoso.com');
$scope = new AccessReviewQueryScope();
$scope->setOdataType('#microsoft.graph.accessReviewQueryScope');
$scope->setQuery('/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers');
$scope->setQueryType('MicrosoftGraph');
$requestBody->setScope($scope);
$stageSettingsAccessReviewStageSettings1 = new AccessReviewStageSettings();
$stageSettingsAccessReviewStageSettings1->setStageId('1');
$stageSettingsAccessReviewStageSettings1->setDurationInDays(2);
$stageSettingsAccessReviewStageSettings1->setRecommendationsEnabled(false);
$stageSettingsAccessReviewStageSettings1->setDecisionsThatWillMoveToNextStage(['NotReviewed', 'Approve', ]);
$reviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$reviewersAccessReviewReviewerScope1->setQuery('/users/398164b1-5196-49dd-ada2-364b49f99b27');
$reviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$reviewersArray []= $reviewersAccessReviewReviewerScope1;
$stageSettingsAccessReviewStageSettings1->setReviewers($reviewersArray);
$stageSettingsArray []= $stageSettingsAccessReviewStageSettings1;
$stageSettingsAccessReviewStageSettings2 = new AccessReviewStageSettings();
$stageSettingsAccessReviewStageSettings2->setStageId('2');
$stageSettingsAccessReviewStageSettings2->setDependsOn(['1', ]);
$stageSettingsAccessReviewStageSettings2->setDurationInDays(2);
$stageSettingsAccessReviewStageSettings2->setRecommendationsEnabled(true);
$reviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$reviewersAccessReviewReviewerScope1->setQuery('./manager');
$reviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$reviewersAccessReviewReviewerScope1->setQueryRoot('decisions');
$reviewersArray []= $reviewersAccessReviewReviewerScope1;
$stageSettingsAccessReviewStageSettings2->setReviewers($reviewersArray);
$fallbackReviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$fallbackReviewersAccessReviewReviewerScope1->setQuery('/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers');
$fallbackReviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$fallbackReviewersArray []= $fallbackReviewersAccessReviewReviewerScope1;
$stageSettingsAccessReviewStageSettings2->setFallbackReviewers($fallbackReviewersArray);
$stageSettingsArray []= $stageSettingsAccessReviewStageSettings2;
$requestBody->setStageSettings($stageSettingsArray);
$settings = new AccessReviewScheduleSettings();
$settings->setInstanceDurationInDays(4);
$settingsRecurrence = new PatternedRecurrence();
$settingsRecurrencePattern = new RecurrencePattern();
$settingsRecurrencePattern->setType(new RecurrencePatternType('weekly'));
$settingsRecurrencePattern->setInterval(1);
$settingsRecurrence->setPattern($settingsRecurrencePattern);
$settingsRecurrenceRange = new RecurrenceRange();
$settingsRecurrenceRange->setType(new RecurrenceRangeType('noEnd'));
$settingsRecurrenceRange->setStartDate(new Date('2020-09-08T12:02:30.667Z'));
$settingsRecurrence->setRange($settingsRecurrenceRange);
$settings->setRecurrence($settingsRecurrence);
$settings->setDecisionHistoriesForReviewersEnabled(true);
$requestBody->setSettings($settings);
$result = $graphServiceClient->identityGovernance()->accessReviews()->definitions()->post($requestBody)->wait();
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_review_schedule_definition import AccessReviewScheduleDefinition
from msgraph_beta.generated.models.access_review_query_scope import AccessReviewQueryScope
from msgraph_beta.generated.models.access_review_stage_settings import AccessReviewStageSettings
from msgraph_beta.generated.models.access_review_reviewer_scope import AccessReviewReviewerScope
from msgraph_beta.generated.models.access_review_schedule_settings import AccessReviewScheduleSettings
from msgraph_beta.generated.models.patterned_recurrence import PatternedRecurrence
from msgraph_beta.generated.models.recurrence_pattern import RecurrencePattern
from msgraph_beta.generated.models.recurrence_pattern_type import RecurrencePatternType
from msgraph_beta.generated.models.recurrence_range import RecurrenceRange
from msgraph_beta.generated.models.recurrence_range_type import RecurrenceRangeType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessReviewScheduleDefinition(
display_name = "Group Multi-stage Access Review",
description_for_admins = "New scheduled access review",
description_for_reviewers = "If you have any questions, contact jerry@contoso.com",
scope = AccessReviewQueryScope(
odata_type = "#microsoft.graph.accessReviewQueryScope",
query = "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers",
query_type = "MicrosoftGraph",
),
stage_settings = [
AccessReviewStageSettings(
stage_id = "1",
duration_in_days = 2,
recommendations_enabled = False,
decisions_that_will_move_to_next_stage = [
"NotReviewed",
"Approve",
],
reviewers = [
AccessReviewReviewerScope(
query = "/users/398164b1-5196-49dd-ada2-364b49f99b27",
query_type = "MicrosoftGraph",
),
],
),
AccessReviewStageSettings(
stage_id = "2",
depends_on = [
"1",
],
duration_in_days = 2,
recommendations_enabled = True,
reviewers = [
AccessReviewReviewerScope(
query = "./manager",
query_type = "MicrosoftGraph",
query_root = "decisions",
),
],
fallback_reviewers = [
AccessReviewReviewerScope(
query = "/groups/072ac5f4-3f13-4088-ab30-0a276f3e6322/transitiveMembers",
query_type = "MicrosoftGraph",
),
],
),
],
settings = AccessReviewScheduleSettings(
instance_duration_in_days = 4,
recurrence = PatternedRecurrence(
pattern = RecurrencePattern(
type = RecurrencePatternType.Weekly,
interval = 1,
),
range = RecurrenceRange(
type = RecurrenceRangeType.NoEnd,
start_date = "2020-09-08T12:02:30.667Z",
),
),
decision_histories_for_reviewers_enabled = True,
),
)
result = await graph_client.identity_governance.access_reviews.definitions.post(request_body)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Beispiel 5: Erstellen einer Zugriffsüberprüfung für eine Gruppe mit Erkenntnissen zur Benutzer-zu-Gruppen-Zugehörigkeit und Benutzeranmeldung für Empfehlungen
Im folgenden Beispiel wird eine Zugriffsüberprüfung mit den folgenden Einstellungen erstellt:
Die Überprüfung überprüft alle Mitglieder einer Gruppe mit der ID02f3bafb-448c-487c-88c2-5fd65ce49a41.
Ein bestimmter Benutzer mit der Benutzer-ID398164b1-5196-49dd-ada2-364b49f99b27 ist der Prüfer.
Es wird wöchentlich reaktiviert und auf unbestimmte Zeit fortgesetzt.
Sowohl die Benutzer-zu-Gruppen-Zugehörigkeit als auch die Benutzeranmeldung sind Erkenntnisse für Prüfer.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessReviewScheduleDefinition
{
DisplayName = "Test create",
DescriptionForAdmins = "New scheduled access review",
DescriptionForReviewers = "If you have any questions, contact jerry@contoso.com",
Scope = new AccessReviewQueryScope
{
OdataType = "#microsoft.graph.accessReviewQueryScope",
Query = "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers",
QueryType = "MicrosoftGraph",
},
Reviewers = new List<AccessReviewReviewerScope>
{
new AccessReviewReviewerScope
{
Query = "/users/398164b1-5196-49dd-ada2-364b49f99b27",
QueryType = "MicrosoftGraph",
},
},
Settings = new AccessReviewScheduleSettings
{
InstanceDurationInDays = 1,
Recurrence = new PatternedRecurrence
{
Pattern = new RecurrencePattern
{
Type = RecurrencePatternType.Weekly,
Interval = 1,
},
Range = new RecurrenceRange
{
Type = RecurrenceRangeType.NoEnd,
StartDate = new Date(DateTime.Parse("2020-09-08T12:02:30.667Z")),
},
},
RecommendationInsightSettings = new List<AccessReviewRecommendationInsightSetting>
{
new UserLastSignInRecommendationInsightSetting
{
OdataType = "#microsoft.graph.userLastSignInRecommendationInsightSetting",
RecommendationLookBackDuration = TimeSpan.Parse("P30D"),
SignInScope = UserSignInRecommendationScope.Tenant,
},
new GroupPeerOutlierRecommendationInsightSettings
{
OdataType = "#microsoft.graph.groupPeerOutlierRecommendationInsightSettings",
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.AccessReviews.Definitions.PostAsync(requestBody);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessReviewScheduleDefinition()
displayName := "Test create"
requestBody.SetDisplayName(&displayName)
descriptionForAdmins := "New scheduled access review"
requestBody.SetDescriptionForAdmins(&descriptionForAdmins)
descriptionForReviewers := "If you have any questions, contact jerry@contoso.com"
requestBody.SetDescriptionForReviewers(&descriptionForReviewers)
scope := graphmodels.NewAccessReviewQueryScope()
query := "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers"
scope.SetQuery(&query)
queryType := "MicrosoftGraph"
scope.SetQueryType(&queryType)
requestBody.SetScope(scope)
accessReviewReviewerScope := graphmodels.NewAccessReviewReviewerScope()
query := "/users/398164b1-5196-49dd-ada2-364b49f99b27"
accessReviewReviewerScope.SetQuery(&query)
queryType := "MicrosoftGraph"
accessReviewReviewerScope.SetQueryType(&queryType)
reviewers := []graphmodels.AccessReviewReviewerScopeable {
accessReviewReviewerScope,
}
requestBody.SetReviewers(reviewers)
settings := graphmodels.NewAccessReviewScheduleSettings()
instanceDurationInDays := int32(1)
settings.SetInstanceDurationInDays(&instanceDurationInDays)
recurrence := graphmodels.NewPatternedRecurrence()
pattern := graphmodels.NewRecurrencePattern()
type := graphmodels.WEEKLY_RECURRENCEPATTERNTYPE
pattern.SetType(&type)
interval := int32(1)
pattern.SetInterval(&interval)
recurrence.SetPattern(pattern)
range := graphmodels.NewRecurrenceRange()
type := graphmodels.NOEND_RECURRENCERANGETYPE
range.SetType(&type)
startDate := 2020-09-08T12:02:30.667Z
range.SetStartDate(&startDate)
recurrence.SetRange(range)
settings.SetRecurrence(recurrence)
accessReviewRecommendationInsightSetting := graphmodels.NewUserLastSignInRecommendationInsightSetting()
recommendationLookBackDuration , err := abstractions.ParseISODuration("P30D")
accessReviewRecommendationInsightSetting.SetRecommendationLookBackDuration(&recommendationLookBackDuration)
signInScope := graphmodels.TENANT_USERSIGNINRECOMMENDATIONSCOPE
accessReviewRecommendationInsightSetting.SetSignInScope(&signInScope)
accessReviewRecommendationInsightSetting1 := graphmodels.NewGroupPeerOutlierRecommendationInsightSettings()
recommendationInsightSettings := []graphmodels.AccessReviewRecommendationInsightSettingable {
accessReviewRecommendationInsightSetting,
accessReviewRecommendationInsightSetting1,
}
settings.SetRecommendationInsightSettings(recommendationInsightSettings)
requestBody.SetSettings(settings)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
definitions, err := graphClient.IdentityGovernance().AccessReviews().Definitions().Post(context.Background(), requestBody, nil)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessReviewScheduleDefinition accessReviewScheduleDefinition = new AccessReviewScheduleDefinition();
accessReviewScheduleDefinition.setDisplayName("Test create");
accessReviewScheduleDefinition.setDescriptionForAdmins("New scheduled access review");
accessReviewScheduleDefinition.setDescriptionForReviewers("If you have any questions, contact jerry@contoso.com");
AccessReviewQueryScope scope = new AccessReviewQueryScope();
scope.setOdataType("#microsoft.graph.accessReviewQueryScope");
scope.setQuery("/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers");
scope.setQueryType("MicrosoftGraph");
accessReviewScheduleDefinition.setScope(scope);
LinkedList<AccessReviewReviewerScope> reviewers = new LinkedList<AccessReviewReviewerScope>();
AccessReviewReviewerScope accessReviewReviewerScope = new AccessReviewReviewerScope();
accessReviewReviewerScope.setQuery("/users/398164b1-5196-49dd-ada2-364b49f99b27");
accessReviewReviewerScope.setQueryType("MicrosoftGraph");
reviewers.add(accessReviewReviewerScope);
accessReviewScheduleDefinition.setReviewers(reviewers);
AccessReviewScheduleSettings settings = new AccessReviewScheduleSettings();
settings.setInstanceDurationInDays(1);
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.setType(RecurrencePatternType.Weekly);
pattern.setInterval(1);
recurrence.setPattern(pattern);
RecurrenceRange range = new RecurrenceRange();
range.setType(RecurrenceRangeType.NoEnd);
LocalDate startDate = LocalDate.parse("2020-09-08T12:02:30.667Z");
range.setStartDate(startDate);
recurrence.setRange(range);
settings.setRecurrence(recurrence);
LinkedList<AccessReviewRecommendationInsightSetting> recommendationInsightSettings = new LinkedList<AccessReviewRecommendationInsightSetting>();
UserLastSignInRecommendationInsightSetting accessReviewRecommendationInsightSetting = new UserLastSignInRecommendationInsightSetting();
accessReviewRecommendationInsightSetting.setOdataType("#microsoft.graph.userLastSignInRecommendationInsightSetting");
PeriodAndDuration recommendationLookBackDuration = PeriodAndDuration.ofDuration(Duration.parse("P30D"));
accessReviewRecommendationInsightSetting.setRecommendationLookBackDuration(recommendationLookBackDuration);
accessReviewRecommendationInsightSetting.setSignInScope(UserSignInRecommendationScope.Tenant);
recommendationInsightSettings.add(accessReviewRecommendationInsightSetting);
GroupPeerOutlierRecommendationInsightSettings accessReviewRecommendationInsightSetting1 = new GroupPeerOutlierRecommendationInsightSettings();
accessReviewRecommendationInsightSetting1.setOdataType("#microsoft.graph.groupPeerOutlierRecommendationInsightSettings");
recommendationInsightSettings.add(accessReviewRecommendationInsightSetting1);
settings.setRecommendationInsightSettings(recommendationInsightSettings);
accessReviewScheduleDefinition.setSettings(settings);
AccessReviewScheduleDefinition result = graphClient.identityGovernance().accessReviews().definitions().post(accessReviewScheduleDefinition);
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleDefinition;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewQueryScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewReviewerScope;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewScheduleSettings;
use Microsoft\Graph\Beta\Generated\Models\PatternedRecurrence;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePattern;
use Microsoft\Graph\Beta\Generated\Models\RecurrencePatternType;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRange;
use Microsoft\Graph\Beta\Generated\Models\RecurrenceRangeType;
use Microsoft\Kiota\Abstractions\Types\Date;
use Microsoft\Graph\Beta\Generated\Models\AccessReviewRecommendationInsightSetting;
use Microsoft\Graph\Beta\Generated\Models\UserLastSignInRecommendationInsightSetting;
use Microsoft\Graph\Beta\Generated\Models\UserSignInRecommendationScope;
use Microsoft\Graph\Beta\Generated\Models\GroupPeerOutlierRecommendationInsightSettings;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessReviewScheduleDefinition();
$requestBody->setDisplayName('Test create');
$requestBody->setDescriptionForAdmins('New scheduled access review');
$requestBody->setDescriptionForReviewers('If you have any questions, contact jerry@contoso.com');
$scope = new AccessReviewQueryScope();
$scope->setOdataType('#microsoft.graph.accessReviewQueryScope');
$scope->setQuery('/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers');
$scope->setQueryType('MicrosoftGraph');
$requestBody->setScope($scope);
$reviewersAccessReviewReviewerScope1 = new AccessReviewReviewerScope();
$reviewersAccessReviewReviewerScope1->setQuery('/users/398164b1-5196-49dd-ada2-364b49f99b27');
$reviewersAccessReviewReviewerScope1->setQueryType('MicrosoftGraph');
$reviewersArray []= $reviewersAccessReviewReviewerScope1;
$requestBody->setReviewers($reviewersArray);
$settings = new AccessReviewScheduleSettings();
$settings->setInstanceDurationInDays(1);
$settingsRecurrence = new PatternedRecurrence();
$settingsRecurrencePattern = new RecurrencePattern();
$settingsRecurrencePattern->setType(new RecurrencePatternType('weekly'));
$settingsRecurrencePattern->setInterval(1);
$settingsRecurrence->setPattern($settingsRecurrencePattern);
$settingsRecurrenceRange = new RecurrenceRange();
$settingsRecurrenceRange->setType(new RecurrenceRangeType('noEnd'));
$settingsRecurrenceRange->setStartDate(new Date('2020-09-08T12:02:30.667Z'));
$settingsRecurrence->setRange($settingsRecurrenceRange);
$settings->setRecurrence($settingsRecurrence);
$recommendationInsightSettingsAccessReviewRecommendationInsightSetting1 = new UserLastSignInRecommendationInsightSetting();
$recommendationInsightSettingsAccessReviewRecommendationInsightSetting1->setOdataType('#microsoft.graph.userLastSignInRecommendationInsightSetting');
$recommendationInsightSettingsAccessReviewRecommendationInsightSetting1->setRecommendationLookBackDuration(new \DateInterval('P30D'));
$recommendationInsightSettingsAccessReviewRecommendationInsightSetting1->setSignInScope(new UserSignInRecommendationScope('tenant'));
$recommendationInsightSettingsArray []= $recommendationInsightSettingsAccessReviewRecommendationInsightSetting1;
$recommendationInsightSettingsAccessReviewRecommendationInsightSetting2 = new GroupPeerOutlierRecommendationInsightSettings();
$recommendationInsightSettingsAccessReviewRecommendationInsightSetting2->setOdataType('#microsoft.graph.groupPeerOutlierRecommendationInsightSettings');
$recommendationInsightSettingsArray []= $recommendationInsightSettingsAccessReviewRecommendationInsightSetting2;
$settings->setRecommendationInsightSettings($recommendationInsightSettingsArray);
$requestBody->setSettings($settings);
$result = $graphServiceClient->identityGovernance()->accessReviews()->definitions()->post($requestBody)->wait();
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_review_schedule_definition import AccessReviewScheduleDefinition
from msgraph_beta.generated.models.access_review_query_scope import AccessReviewQueryScope
from msgraph_beta.generated.models.access_review_reviewer_scope import AccessReviewReviewerScope
from msgraph_beta.generated.models.access_review_schedule_settings import AccessReviewScheduleSettings
from msgraph_beta.generated.models.patterned_recurrence import PatternedRecurrence
from msgraph_beta.generated.models.recurrence_pattern import RecurrencePattern
from msgraph_beta.generated.models.recurrence_pattern_type import RecurrencePatternType
from msgraph_beta.generated.models.recurrence_range import RecurrenceRange
from msgraph_beta.generated.models.recurrence_range_type import RecurrenceRangeType
from msgraph_beta.generated.models.access_review_recommendation_insight_setting import AccessReviewRecommendationInsightSetting
from msgraph_beta.generated.models.user_last_sign_in_recommendation_insight_setting import UserLastSignInRecommendationInsightSetting
from msgraph_beta.generated.models.user_sign_in_recommendation_scope import UserSignInRecommendationScope
from msgraph_beta.generated.models.group_peer_outlier_recommendation_insight_settings import GroupPeerOutlierRecommendationInsightSettings
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessReviewScheduleDefinition(
display_name = "Test create",
description_for_admins = "New scheduled access review",
description_for_reviewers = "If you have any questions, contact jerry@contoso.com",
scope = AccessReviewQueryScope(
odata_type = "#microsoft.graph.accessReviewQueryScope",
query = "/groups/02f3bafb-448c-487c-88c2-5fd65ce49a41/transitiveMembers",
query_type = "MicrosoftGraph",
),
reviewers = [
AccessReviewReviewerScope(
query = "/users/398164b1-5196-49dd-ada2-364b49f99b27",
query_type = "MicrosoftGraph",
),
],
settings = AccessReviewScheduleSettings(
instance_duration_in_days = 1,
recurrence = PatternedRecurrence(
pattern = RecurrencePattern(
type = RecurrencePatternType.Weekly,
interval = 1,
),
range = RecurrenceRange(
type = RecurrenceRangeType.NoEnd,
start_date = "2020-09-08T12:02:30.667Z",
),
),
recommendation_insight_settings = [
UserLastSignInRecommendationInsightSetting(
odata_type = "#microsoft.graph.userLastSignInRecommendationInsightSetting",
recommendation_look_back_duration = "P30D",
sign_in_scope = UserSignInRecommendationScope.Tenant,
),
GroupPeerOutlierRecommendationInsightSettings(
odata_type = "#microsoft.graph.groupPeerOutlierRecommendationInsightSettings",
),
],
),
)
result = await graph_client.identity_governance.access_reviews.definitions.post(request_body)
Wichtig
Die Microsoft Graph SDKs verwenden standardmäßig die Version v1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Beta-Version verfügbar sind. Einzelheiten zum Zugriff auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph SDKs mit der Beta-API.