Actualizar unifiedRoleManagementPolicy
- Artículo
Espacio de nombres: microsoft.graph
Importante
Las API de la versión /beta de Microsoft Graph están sujetas a cambios. No se admite el uso de estas API en aplicaciones de producción. Para determinar si una API está disponible en la versión 1.0, use el selector de Versión.
Actualice los detalles de un objeto unifiedRoleManagementPolicy de una directiva de administración de roles.
Esta API está disponible en las siguientes implementaciones nacionales de nube.
| Servicio global | Gobierno de EE. UU. L4 | Us Government L5 (DOD) | China operada por 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
Permisos
Se requiere uno de los siguientes permisos para llamar a esta API. Para obtener más información, incluido cómo elegir permisos, vea Permisos.
Para PIM para roles de Microsoft Entra
| Tipo de permiso | Permisos (de menos a más privilegiados) |
|---|---|
| Delegado (cuenta profesional o educativa) | RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
| Delegado (cuenta personal de Microsoft) | No admitida. |
| Aplicación | RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
Importante
En escenarios delegados con cuentas profesionales o educativas, al usuario que ha iniciado sesión se le debe asignar un rol de Microsoft Entra compatible o un rol personalizado con un permiso de rol admitido. Se admiten los siguientes roles con privilegios mínimos para esta operación.
- Para operaciones de lectura: Lector global, Operador de seguridad, Lector de seguridad, Administrador de seguridad o Administrador de roles con privilegios
- Para operaciones de escritura: Administrador de roles con privilegios
Para PIM para grupos
| Tipo de permiso | Permisos (de menos a más privilegiados) |
|---|---|
| Delegado (cuenta profesional o educativa) | RoleManagementPolicy.ReadWrite.AzureADGroup |
| Delegado (cuenta personal de Microsoft) | No admitida. |
| Aplicación | RoleManagementPolicy.ReadWrite.AzureADGroup |
Solicitud HTTP
Para actualizar los detalles de una directiva de administración de roles para Microsoft Entra roles o grupos:
PATCH /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}
Encabezados de solicitud
| Nombre | Descripción |
|---|---|
| Authorization | {token} de portador. Obligatorio. Obtenga más información sobre la autenticación y la autorización. |
| Content-Type | application/json. Obligatorio. |
Cuerpo de la solicitud
En el cuerpo de la solicitud, proporcione solo los valores de las propiedades que se van a actualizar. Las propiedades existentes que no se incluyen en el cuerpo de la solicitud mantienen sus valores anteriores o se recalculan en función de los cambios realizados en otros valores de propiedad.
En la tabla siguiente se especifican las propiedades que se pueden actualizar.
| Propiedad | Tipo | Descripción |
|---|---|---|
| reglas | colección unifiedRoleManagementPolicyRule | Lista de reglas de directiva que se van a actualizar. |
Respuesta
Si se ejecuta correctamente, este método devuelve un 200 OK código de respuesta y un objeto unifiedRoleManagementPolicy en el cuerpo de la respuesta.
Ejemplos
Ejemplo 1: Actualización de los detalles de una directiva definida en PIM para roles de Microsoft Entra
Solicitud
En el ejemplo siguiente se muestra la solicitud.
PATCH https://graph.microsoft.com/beta/policies/roleManagementPolicies/DirectoryRole_2132228a-d66e-401c-ab8a-a8ae31254a36_0f8c4bbc-4f1a-421c-b63d-a68f571b7fab
Content-Type: application/json
{
"rules": [
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
"id": "Approval_EndUser_Assignment",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"inheritableSettings": [],
"enforcedSettings": []
},
"setting": {
"isApprovalRequired": false,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": true,
"approvalMode": "SingleStage",
"approvalStages": [
{
"approvalStageTimeOutInDays": 1,
"isApproverJustificationRequired": true,
"escalationTimeInMinutes": 0,
"isEscalationEnabled": false,
"primaryApprovers": [],
"escalationApprovers": []
}
]
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
"id": "AuthenticationContext_EndUser_Assignment",
"isEnabled": false,
"claimValue": "",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"inheritableSettings": [],
"enforcedSettings": []
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
"id": "Enablement_Admin_Eligibility",
"enabledRules": [],
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"inheritableSettings": [],
"enforcedSettings": []
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
"id": "Expiration_Admin_Eligibility",
"isExpirationRequired": false,
"maximumDuration": "P365D",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"inheritableSettings": [],
"enforcedSettings": []
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
"id": "Notification_Admin_Admin_Eligibility",
"notificationType": "Email",
"recipientType": "Admin",
"notificationLevel": "All",
"isDefaultRecipientsEnabled": true,
"notificationRecipients": [],
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"inheritableSettings": [],
"enforcedSettings": []
}
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new UnifiedRoleManagementPolicy
{
Rules = new List<UnifiedRoleManagementPolicyRule>
{
new UnifiedRoleManagementPolicyApprovalRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
Id = "Approval_EndUser_Assignment",
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "EndUser",
Operations = new List<string>
{
"All",
},
Level = "Assignment",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
Setting = new ApprovalSettings
{
IsApprovalRequired = false,
IsApprovalRequiredForExtension = false,
IsRequestorJustificationRequired = true,
ApprovalMode = "SingleStage",
ApprovalStages = new List<ApprovalStage>
{
new ApprovalStage
{
ApprovalStageTimeOutInDays = 1,
IsApproverJustificationRequired = true,
EscalationTimeInMinutes = 0,
IsEscalationEnabled = false,
PrimaryApprovers = new List<UserSet>
{
},
EscalationApprovers = new List<UserSet>
{
},
},
},
},
},
new UnifiedRoleManagementPolicyAuthenticationContextRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
Id = "AuthenticationContext_EndUser_Assignment",
IsEnabled = false,
ClaimValue = "",
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "EndUser",
Operations = new List<string>
{
"All",
},
Level = "Assignment",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
new UnifiedRoleManagementPolicyEnablementRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
Id = "Enablement_Admin_Eligibility",
EnabledRules = new List<string>
{
},
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "Admin",
Operations = new List<string>
{
"All",
},
Level = "Eligibility",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
new UnifiedRoleManagementPolicyExpirationRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
Id = "Expiration_Admin_Eligibility",
IsExpirationRequired = false,
MaximumDuration = TimeSpan.Parse("P365D"),
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "Admin",
Operations = new List<string>
{
"All",
},
Level = "Eligibility",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
new UnifiedRoleManagementPolicyNotificationRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
Id = "Notification_Admin_Admin_Eligibility",
NotificationType = "Email",
RecipientType = "Admin",
NotificationLevel = "All",
IsDefaultRecipientsEnabled = true,
NotificationRecipients = new List<string>
{
},
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "Admin",
Operations = new List<string>
{
"All",
},
Level = "Eligibility",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.RoleManagementPolicies["{unifiedRoleManagementPolicy-id}"].PatchAsync(requestBody);
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
mgc-beta policies role-management-policies patch --unified-role-management-policy-id {unifiedRoleManagementPolicy-id} --body '{\
"rules": [\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",\
"id": "Approval_EndUser_Assignment",\
"target": {\
"caller": "EndUser",\
"operations": [\
"All"\
],\
"level": "Assignment",\
"inheritableSettings": [],\
"enforcedSettings": []\
},\
"setting": {\
"isApprovalRequired": false,\
"isApprovalRequiredForExtension": false,\
"isRequestorJustificationRequired": true,\
"approvalMode": "SingleStage",\
"approvalStages": [\
{\
"approvalStageTimeOutInDays": 1,\
"isApproverJustificationRequired": true,\
"escalationTimeInMinutes": 0,\
"isEscalationEnabled": false,\
"primaryApprovers": [],\
"escalationApprovers": []\
}\
]\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",\
"id": "AuthenticationContext_EndUser_Assignment",\
"isEnabled": false,\
"claimValue": "",\
"target": {\
"caller": "EndUser",\
"operations": [\
"All"\
],\
"level": "Assignment",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",\
"id": "Enablement_Admin_Eligibility",\
"enabledRules": [],\
"target": {\
"caller": "Admin",\
"operations": [\
"All"\
],\
"level": "Eligibility",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",\
"id": "Expiration_Admin_Eligibility",\
"isExpirationRequired": false,\
"maximumDuration": "P365D",\
"target": {\
"caller": "Admin",\
"operations": [\
"All"\
],\
"level": "Eligibility",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",\
"id": "Notification_Admin_Admin_Eligibility",\
"notificationType": "Email",\
"recipientType": "Admin",\
"notificationLevel": "All",\
"isDefaultRecipientsEnabled": true,\
"notificationRecipients": [],\
"target": {\
"caller": "Admin",\
"operations": [\
"All"\
],\
"level": "Eligibility",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
}\
]\
}\
'
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUnifiedRoleManagementPolicy()
unifiedRoleManagementPolicyRule := graphmodels.NewUnifiedRoleManagementPolicyApprovalRule()
id := "Approval_EndUser_Assignment"
unifiedRoleManagementPolicyRule.SetId(&id)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "EndUser"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Assignment"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule.SetTarget(target)
setting := graphmodels.NewApprovalSettings()
isApprovalRequired := false
setting.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
setting.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := true
setting.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "SingleStage"
setting.SetApprovalMode(&approvalMode)
approvalStage := graphmodels.NewApprovalStage()
approvalStageTimeOutInDays := int32(1)
approvalStage.SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
approvalStage.SetIsApproverJustificationRequired(&isApproverJustificationRequired)
escalationTimeInMinutes := int32(0)
approvalStage.SetEscalationTimeInMinutes(&escalationTimeInMinutes)
isEscalationEnabled := false
approvalStage.SetIsEscalationEnabled(&isEscalationEnabled)
primaryApprovers := []graphmodels.UserSetable {
}
approvalStage.SetPrimaryApprovers(primaryApprovers)
escalationApprovers := []graphmodels.UserSetable {
}
approvalStage.SetEscalationApprovers(escalationApprovers)
approvalStages := []graphmodels.ApprovalStageable {
approvalStage,
}
setting.SetApprovalStages(approvalStages)
unifiedRoleManagementPolicyRule.SetSetting(setting)
unifiedRoleManagementPolicyRule1 := graphmodels.NewUnifiedRoleManagementPolicyAuthenticationContextRule()
id := "AuthenticationContext_EndUser_Assignment"
unifiedRoleManagementPolicyRule1.SetId(&id)
isEnabled := false
unifiedRoleManagementPolicyRule1.SetIsEnabled(&isEnabled)
claimValue := ""
unifiedRoleManagementPolicyRule1.SetClaimValue(&claimValue)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "EndUser"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Assignment"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule1.SetTarget(target)
unifiedRoleManagementPolicyRule2 := graphmodels.NewUnifiedRoleManagementPolicyEnablementRule()
id := "Enablement_Admin_Eligibility"
unifiedRoleManagementPolicyRule2.SetId(&id)
enabledRules := []string {
}
unifiedRoleManagementPolicyRule2.SetEnabledRules(enabledRules)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "Admin"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Eligibility"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule2.SetTarget(target)
unifiedRoleManagementPolicyRule3 := graphmodels.NewUnifiedRoleManagementPolicyExpirationRule()
id := "Expiration_Admin_Eligibility"
unifiedRoleManagementPolicyRule3.SetId(&id)
isExpirationRequired := false
unifiedRoleManagementPolicyRule3.SetIsExpirationRequired(&isExpirationRequired)
maximumDuration , err := abstractions.ParseISODuration("P365D")
unifiedRoleManagementPolicyRule3.SetMaximumDuration(&maximumDuration)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "Admin"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Eligibility"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule3.SetTarget(target)
unifiedRoleManagementPolicyRule4 := graphmodels.NewUnifiedRoleManagementPolicyNotificationRule()
id := "Notification_Admin_Admin_Eligibility"
unifiedRoleManagementPolicyRule4.SetId(&id)
notificationType := "Email"
unifiedRoleManagementPolicyRule4.SetNotificationType(¬ificationType)
recipientType := "Admin"
unifiedRoleManagementPolicyRule4.SetRecipientType(&recipientType)
notificationLevel := "All"
unifiedRoleManagementPolicyRule4.SetNotificationLevel(¬ificationLevel)
isDefaultRecipientsEnabled := true
unifiedRoleManagementPolicyRule4.SetIsDefaultRecipientsEnabled(&isDefaultRecipientsEnabled)
notificationRecipients := []string {
}
unifiedRoleManagementPolicyRule4.SetNotificationRecipients(notificationRecipients)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "Admin"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Eligibility"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule4.SetTarget(target)
rules := []graphmodels.UnifiedRoleManagementPolicyRuleable {
unifiedRoleManagementPolicyRule,
unifiedRoleManagementPolicyRule1,
unifiedRoleManagementPolicyRule2,
unifiedRoleManagementPolicyRule3,
unifiedRoleManagementPolicyRule4,
}
requestBody.SetRules(rules)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
roleManagementPolicies, err := graphClient.Policies().RoleManagementPolicies().ByUnifiedRoleManagementPolicyId("unifiedRoleManagementPolicy-id").Patch(context.Background(), requestBody, nil)
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
UnifiedRoleManagementPolicy unifiedRoleManagementPolicy = new UnifiedRoleManagementPolicy();
LinkedList<UnifiedRoleManagementPolicyRule> rules = new LinkedList<UnifiedRoleManagementPolicyRule>();
UnifiedRoleManagementPolicyApprovalRule unifiedRoleManagementPolicyRule = new UnifiedRoleManagementPolicyApprovalRule();
unifiedRoleManagementPolicyRule.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyApprovalRule");
unifiedRoleManagementPolicyRule.setId("Approval_EndUser_Assignment");
UnifiedRoleManagementPolicyRuleTarget target = new UnifiedRoleManagementPolicyRuleTarget();
target.setCaller("EndUser");
LinkedList<String> operations = new LinkedList<String>();
operations.add("All");
target.setOperations(operations);
target.setLevel("Assignment");
LinkedList<String> inheritableSettings = new LinkedList<String>();
target.setInheritableSettings(inheritableSettings);
LinkedList<String> enforcedSettings = new LinkedList<String>();
target.setEnforcedSettings(enforcedSettings);
unifiedRoleManagementPolicyRule.setTarget(target);
ApprovalSettings setting = new ApprovalSettings();
setting.setIsApprovalRequired(false);
setting.setIsApprovalRequiredForExtension(false);
setting.setIsRequestorJustificationRequired(true);
setting.setApprovalMode("SingleStage");
LinkedList<ApprovalStage> approvalStages = new LinkedList<ApprovalStage>();
ApprovalStage approvalStage = new ApprovalStage();
approvalStage.setApprovalStageTimeOutInDays(1);
approvalStage.setIsApproverJustificationRequired(true);
approvalStage.setEscalationTimeInMinutes(0);
approvalStage.setIsEscalationEnabled(false);
LinkedList<UserSet> primaryApprovers = new LinkedList<UserSet>();
approvalStage.setPrimaryApprovers(primaryApprovers);
LinkedList<UserSet> escalationApprovers = new LinkedList<UserSet>();
approvalStage.setEscalationApprovers(escalationApprovers);
approvalStages.add(approvalStage);
setting.setApprovalStages(approvalStages);
unifiedRoleManagementPolicyRule.setSetting(setting);
rules.add(unifiedRoleManagementPolicyRule);
UnifiedRoleManagementPolicyAuthenticationContextRule unifiedRoleManagementPolicyRule1 = new UnifiedRoleManagementPolicyAuthenticationContextRule();
unifiedRoleManagementPolicyRule1.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule");
unifiedRoleManagementPolicyRule1.setId("AuthenticationContext_EndUser_Assignment");
unifiedRoleManagementPolicyRule1.setIsEnabled(false);
unifiedRoleManagementPolicyRule1.setClaimValue("");
UnifiedRoleManagementPolicyRuleTarget target1 = new UnifiedRoleManagementPolicyRuleTarget();
target1.setCaller("EndUser");
LinkedList<String> operations1 = new LinkedList<String>();
operations1.add("All");
target1.setOperations(operations1);
target1.setLevel("Assignment");
LinkedList<String> inheritableSettings1 = new LinkedList<String>();
target1.setInheritableSettings(inheritableSettings1);
LinkedList<String> enforcedSettings1 = new LinkedList<String>();
target1.setEnforcedSettings(enforcedSettings1);
unifiedRoleManagementPolicyRule1.setTarget(target1);
rules.add(unifiedRoleManagementPolicyRule1);
UnifiedRoleManagementPolicyEnablementRule unifiedRoleManagementPolicyRule2 = new UnifiedRoleManagementPolicyEnablementRule();
unifiedRoleManagementPolicyRule2.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyEnablementRule");
unifiedRoleManagementPolicyRule2.setId("Enablement_Admin_Eligibility");
LinkedList<String> enabledRules = new LinkedList<String>();
unifiedRoleManagementPolicyRule2.setEnabledRules(enabledRules);
UnifiedRoleManagementPolicyRuleTarget target2 = new UnifiedRoleManagementPolicyRuleTarget();
target2.setCaller("Admin");
LinkedList<String> operations2 = new LinkedList<String>();
operations2.add("All");
target2.setOperations(operations2);
target2.setLevel("Eligibility");
LinkedList<String> inheritableSettings2 = new LinkedList<String>();
target2.setInheritableSettings(inheritableSettings2);
LinkedList<String> enforcedSettings2 = new LinkedList<String>();
target2.setEnforcedSettings(enforcedSettings2);
unifiedRoleManagementPolicyRule2.setTarget(target2);
rules.add(unifiedRoleManagementPolicyRule2);
UnifiedRoleManagementPolicyExpirationRule unifiedRoleManagementPolicyRule3 = new UnifiedRoleManagementPolicyExpirationRule();
unifiedRoleManagementPolicyRule3.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyExpirationRule");
unifiedRoleManagementPolicyRule3.setId("Expiration_Admin_Eligibility");
unifiedRoleManagementPolicyRule3.setIsExpirationRequired(false);
PeriodAndDuration maximumDuration = PeriodAndDuration.ofDuration(Duration.parse("P365D"));
unifiedRoleManagementPolicyRule3.setMaximumDuration(maximumDuration);
UnifiedRoleManagementPolicyRuleTarget target3 = new UnifiedRoleManagementPolicyRuleTarget();
target3.setCaller("Admin");
LinkedList<String> operations3 = new LinkedList<String>();
operations3.add("All");
target3.setOperations(operations3);
target3.setLevel("Eligibility");
LinkedList<String> inheritableSettings3 = new LinkedList<String>();
target3.setInheritableSettings(inheritableSettings3);
LinkedList<String> enforcedSettings3 = new LinkedList<String>();
target3.setEnforcedSettings(enforcedSettings3);
unifiedRoleManagementPolicyRule3.setTarget(target3);
rules.add(unifiedRoleManagementPolicyRule3);
UnifiedRoleManagementPolicyNotificationRule unifiedRoleManagementPolicyRule4 = new UnifiedRoleManagementPolicyNotificationRule();
unifiedRoleManagementPolicyRule4.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyNotificationRule");
unifiedRoleManagementPolicyRule4.setId("Notification_Admin_Admin_Eligibility");
unifiedRoleManagementPolicyRule4.setNotificationType("Email");
unifiedRoleManagementPolicyRule4.setRecipientType("Admin");
unifiedRoleManagementPolicyRule4.setNotificationLevel("All");
unifiedRoleManagementPolicyRule4.setIsDefaultRecipientsEnabled(true);
LinkedList<String> notificationRecipients = new LinkedList<String>();
unifiedRoleManagementPolicyRule4.setNotificationRecipients(notificationRecipients);
UnifiedRoleManagementPolicyRuleTarget target4 = new UnifiedRoleManagementPolicyRuleTarget();
target4.setCaller("Admin");
LinkedList<String> operations4 = new LinkedList<String>();
operations4.add("All");
target4.setOperations(operations4);
target4.setLevel("Eligibility");
LinkedList<String> inheritableSettings4 = new LinkedList<String>();
target4.setInheritableSettings(inheritableSettings4);
LinkedList<String> enforcedSettings4 = new LinkedList<String>();
target4.setEnforcedSettings(enforcedSettings4);
unifiedRoleManagementPolicyRule4.setTarget(target4);
rules.add(unifiedRoleManagementPolicyRule4);
unifiedRoleManagementPolicy.setRules(rules);
UnifiedRoleManagementPolicy result = graphClient.policies().roleManagementPolicies().byUnifiedRoleManagementPolicyId("{unifiedRoleManagementPolicy-id}").patch(unifiedRoleManagementPolicy);
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
const options = {
authProvider,
};
const client = Client.init(options);
const unifiedRoleManagementPolicy = {
rules: [
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyApprovalRule',
id: 'Approval_EndUser_Assignment',
target: {
caller: 'EndUser',
operations: [
'All'
],
level: 'Assignment',
inheritableSettings: [],
enforcedSettings: []
},
setting: {
isApprovalRequired: false,
isApprovalRequiredForExtension: false,
isRequestorJustificationRequired: true,
approvalMode: 'SingleStage',
approvalStages: [
{
approvalStageTimeOutInDays: 1,
isApproverJustificationRequired: true,
escalationTimeInMinutes: 0,
isEscalationEnabled: false,
primaryApprovers: [],
escalationApprovers: []
}
]
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule',
id: 'AuthenticationContext_EndUser_Assignment',
isEnabled: false,
claimValue: '',
target: {
caller: 'EndUser',
operations: [
'All'
],
level: 'Assignment',
inheritableSettings: [],
enforcedSettings: []
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyEnablementRule',
id: 'Enablement_Admin_Eligibility',
enabledRules: [],
target: {
caller: 'Admin',
operations: [
'All'
],
level: 'Eligibility',
inheritableSettings: [],
enforcedSettings: []
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyExpirationRule',
id: 'Expiration_Admin_Eligibility',
isExpirationRequired: false,
maximumDuration: 'P365D',
target: {
caller: 'Admin',
operations: [
'All'
],
level: 'Eligibility',
inheritableSettings: [],
enforcedSettings: []
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyNotificationRule',
id: 'Notification_Admin_Admin_Eligibility',
notificationType: 'Email',
recipientType: 'Admin',
notificationLevel: 'All',
isDefaultRecipientsEnabled: true,
notificationRecipients: [],
target: {
caller: 'Admin',
operations: [
'All'
],
level: 'Eligibility',
inheritableSettings: [],
enforcedSettings: []
}
}
]
};
await client.api('/policies/roleManagementPolicies/DirectoryRole_2132228a-d66e-401c-ab8a-a8ae31254a36_0f8c4bbc-4f1a-421c-b63d-a68f571b7fab')
.version('beta')
.update(unifiedRoleManagementPolicy);
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicy;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyApprovalRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyRuleTarget;
use Microsoft\Graph\Beta\Generated\Models\ApprovalSettings;
use Microsoft\Graph\Beta\Generated\Models\ApprovalStage;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyAuthenticationContextRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyEnablementRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyExpirationRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyNotificationRule;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UnifiedRoleManagementPolicy();
$rulesUnifiedRoleManagementPolicyRule1 = new UnifiedRoleManagementPolicyApprovalRule();
$rulesUnifiedRoleManagementPolicyRule1->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyApprovalRule');
$rulesUnifiedRoleManagementPolicyRule1->setId('Approval_EndUser_Assignment');
$rulesUnifiedRoleManagementPolicyRule1Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule1Target->setCaller('EndUser');
$rulesUnifiedRoleManagementPolicyRule1Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule1Target->setLevel('Assignment');
$rulesUnifiedRoleManagementPolicyRule1Target->setInheritableSettings([ ]);
$rulesUnifiedRoleManagementPolicyRule1Target->setEnforcedSettings([ ]);
$rulesUnifiedRoleManagementPolicyRule1->setTarget($rulesUnifiedRoleManagementPolicyRule1Target);
$rulesUnifiedRoleManagementPolicyRule1Setting = new ApprovalSettings();
$rulesUnifiedRoleManagementPolicyRule1Setting->setIsApprovalRequired(false);
$rulesUnifiedRoleManagementPolicyRule1Setting->setIsApprovalRequiredForExtension(false);
$rulesUnifiedRoleManagementPolicyRule1Setting->setIsRequestorJustificationRequired(true);
$rulesUnifiedRoleManagementPolicyRule1Setting->setApprovalMode('SingleStage');
$approvalStagesApprovalStage1 = new ApprovalStage();
$approvalStagesApprovalStage1->setApprovalStageTimeOutInDays(1);
$approvalStagesApprovalStage1->setIsApproverJustificationRequired(true);
$approvalStagesApprovalStage1->setEscalationTimeInMinutes(0);
$approvalStagesApprovalStage1->setIsEscalationEnabled(false);
$approvalStagesApprovalStage1->setPrimaryApprovers([ ]);
$approvalStagesApprovalStage1->setEscalationApprovers([ ]);
$approvalStagesArray []= $approvalStagesApprovalStage1;
$rulesUnifiedRoleManagementPolicyRule1Setting->setApprovalStages($approvalStagesArray);
$rulesUnifiedRoleManagementPolicyRule1->setSetting($rulesUnifiedRoleManagementPolicyRule1Setting);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule1;
$rulesUnifiedRoleManagementPolicyRule2 = new UnifiedRoleManagementPolicyAuthenticationContextRule();
$rulesUnifiedRoleManagementPolicyRule2->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule');
$rulesUnifiedRoleManagementPolicyRule2->setId('AuthenticationContext_EndUser_Assignment');
$rulesUnifiedRoleManagementPolicyRule2->setIsEnabled(false);
$rulesUnifiedRoleManagementPolicyRule2->setClaimValue('');
$rulesUnifiedRoleManagementPolicyRule2Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule2Target->setCaller('EndUser');
$rulesUnifiedRoleManagementPolicyRule2Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule2Target->setLevel('Assignment');
$rulesUnifiedRoleManagementPolicyRule2Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule2Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule2->setTarget($rulesUnifiedRoleManagementPolicyRule2Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule2;
$rulesUnifiedRoleManagementPolicyRule3 = new UnifiedRoleManagementPolicyEnablementRule();
$rulesUnifiedRoleManagementPolicyRule3->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyEnablementRule');
$rulesUnifiedRoleManagementPolicyRule3->setId('Enablement_Admin_Eligibility');
$rulesUnifiedRoleManagementPolicyRule3->setEnabledRules([]);
$rulesUnifiedRoleManagementPolicyRule3Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule3Target->setCaller('Admin');
$rulesUnifiedRoleManagementPolicyRule3Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule3Target->setLevel('Eligibility');
$rulesUnifiedRoleManagementPolicyRule3Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule3Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule3->setTarget($rulesUnifiedRoleManagementPolicyRule3Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule3;
$rulesUnifiedRoleManagementPolicyRule4 = new UnifiedRoleManagementPolicyExpirationRule();
$rulesUnifiedRoleManagementPolicyRule4->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyExpirationRule');
$rulesUnifiedRoleManagementPolicyRule4->setId('Expiration_Admin_Eligibility');
$rulesUnifiedRoleManagementPolicyRule4->setIsExpirationRequired(false);
$rulesUnifiedRoleManagementPolicyRule4->setMaximumDuration(new \DateInterval('P365D'));
$rulesUnifiedRoleManagementPolicyRule4Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule4Target->setCaller('Admin');
$rulesUnifiedRoleManagementPolicyRule4Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule4Target->setLevel('Eligibility');
$rulesUnifiedRoleManagementPolicyRule4Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule4Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule4->setTarget($rulesUnifiedRoleManagementPolicyRule4Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule4;
$rulesUnifiedRoleManagementPolicyRule5 = new UnifiedRoleManagementPolicyNotificationRule();
$rulesUnifiedRoleManagementPolicyRule5->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyNotificationRule');
$rulesUnifiedRoleManagementPolicyRule5->setId('Notification_Admin_Admin_Eligibility');
$rulesUnifiedRoleManagementPolicyRule5->setNotificationType('Email');
$rulesUnifiedRoleManagementPolicyRule5->setRecipientType('Admin');
$rulesUnifiedRoleManagementPolicyRule5->setNotificationLevel('All');
$rulesUnifiedRoleManagementPolicyRule5->setIsDefaultRecipientsEnabled(true);
$rulesUnifiedRoleManagementPolicyRule5->setNotificationRecipients([]);
$rulesUnifiedRoleManagementPolicyRule5Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule5Target->setCaller('Admin');
$rulesUnifiedRoleManagementPolicyRule5Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule5Target->setLevel('Eligibility');
$rulesUnifiedRoleManagementPolicyRule5Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule5Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule5->setTarget($rulesUnifiedRoleManagementPolicyRule5Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule5;
$requestBody->setRules($rulesArray);
$result = $graphServiceClient->policies()->roleManagementPolicies()->byUnifiedRoleManagementPolicyId('unifiedRoleManagementPolicy-id')->patch($requestBody)->wait();
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
rules = @(
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule"
id = "Approval_EndUser_Assignment"
target = @{
caller = "EndUser"
operations = @(
"All"
)
level = "Assignment"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
setting = @{
isApprovalRequired = $false
isApprovalRequiredForExtension = $false
isRequestorJustificationRequired = $true
approvalMode = "SingleStage"
approvalStages = @(
@{
approvalStageTimeOutInDays =
isApproverJustificationRequired = $true
escalationTimeInMinutes =
isEscalationEnabled = $false
primaryApprovers = @(
)
escalationApprovers = @(
)
}
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule"
id = "AuthenticationContext_EndUser_Assignment"
isEnabled = $false
claimValue = ""
target = @{
caller = "EndUser"
operations = @(
"All"
)
level = "Assignment"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule"
id = "Enablement_Admin_Eligibility"
enabledRules = @(
)
target = @{
caller = "Admin"
operations = @(
"All"
)
level = "Eligibility"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule"
id = "Expiration_Admin_Eligibility"
isExpirationRequired = $false
maximumDuration = "P365D"
target = @{
caller = "Admin"
operations = @(
"All"
)
level = "Eligibility"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule"
id = "Notification_Admin_Admin_Eligibility"
notificationType = "Email"
recipientType = "Admin"
notificationLevel = "All"
isDefaultRecipientsEnabled = $true
notificationRecipients = @(
)
target = @{
caller = "Admin"
operations = @(
"All"
)
level = "Eligibility"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
)
}
Update-MgBetaPolicyRoleManagementPolicy -UnifiedRoleManagementPolicyId $unifiedRoleManagementPolicyId -BodyParameter $params
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.unified_role_management_policy import UnifiedRoleManagementPolicy
from msgraph_beta.generated.models.unified_role_management_policy_rule import UnifiedRoleManagementPolicyRule
from msgraph_beta.generated.models.unified_role_management_policy_approval_rule import UnifiedRoleManagementPolicyApprovalRule
from msgraph_beta.generated.models.unified_role_management_policy_rule_target import UnifiedRoleManagementPolicyRuleTarget
from msgraph_beta.generated.models.approval_settings import ApprovalSettings
from msgraph_beta.generated.models.approval_stage import ApprovalStage
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.unified_role_management_policy_authentication_context_rule import UnifiedRoleManagementPolicyAuthenticationContextRule
from msgraph_beta.generated.models.unified_role_management_policy_enablement_rule import UnifiedRoleManagementPolicyEnablementRule
from msgraph_beta.generated.models.unified_role_management_policy_expiration_rule import UnifiedRoleManagementPolicyExpirationRule
from msgraph_beta.generated.models.unified_role_management_policy_notification_rule import UnifiedRoleManagementPolicyNotificationRule
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UnifiedRoleManagementPolicy(
rules = [
UnifiedRoleManagementPolicyApprovalRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
id = "Approval_EndUser_Assignment",
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "EndUser",
operations = [
"All",
],
level = "Assignment",
inheritable_settings = [
],
enforced_settings = [
],
),
setting = ApprovalSettings(
is_approval_required = False,
is_approval_required_for_extension = False,
is_requestor_justification_required = True,
approval_mode = "SingleStage",
approval_stages = [
ApprovalStage(
approval_stage_time_out_in_days = 1,
is_approver_justification_required = True,
escalation_time_in_minutes = 0,
is_escalation_enabled = False,
primary_approvers = [
],
escalation_approvers = [
],
),
],
),
),
UnifiedRoleManagementPolicyAuthenticationContextRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
id = "AuthenticationContext_EndUser_Assignment",
is_enabled = False,
claim_value = "",
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "EndUser",
operations = [
"All",
],
level = "Assignment",
inheritable_settings = [
],
enforced_settings = [
],
),
),
UnifiedRoleManagementPolicyEnablementRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
id = "Enablement_Admin_Eligibility",
enabled_rules = [
],
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "Admin",
operations = [
"All",
],
level = "Eligibility",
inheritable_settings = [
],
enforced_settings = [
],
),
),
UnifiedRoleManagementPolicyExpirationRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
id = "Expiration_Admin_Eligibility",
is_expiration_required = False,
maximum_duration = "P365D",
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "Admin",
operations = [
"All",
],
level = "Eligibility",
inheritable_settings = [
],
enforced_settings = [
],
),
),
UnifiedRoleManagementPolicyNotificationRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
id = "Notification_Admin_Admin_Eligibility",
notification_type = "Email",
recipient_type = "Admin",
notification_level = "All",
is_default_recipients_enabled = True,
notification_recipients = [
],
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "Admin",
operations = [
"All",
],
level = "Eligibility",
inheritable_settings = [
],
enforced_settings = [
],
),
),
],
)
result = await graph_client.policies.role_management_policies.by_unified_role_management_policy_id('unifiedRoleManagementPolicy-id').patch(request_body)
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
Respuesta
En el ejemplo siguiente se muestra la respuesta.
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/roleManagementPolicies/$entity",
"id": "DirectoryRole_2132228a-d66e-401c-ab8a-a8ae31254a36_0f8c4bbc-4f1a-421c-b63d-a68f571b7fab",
"displayName": "DirectoryRole",
"description": "DirectoryRole",
"isOrganizationDefault": false,
"scopeId": "/",
"scopeType": "DirectoryRole",
"lastModifiedDateTime": "2023-10-01T19:27:32.663Z",
"lastModifiedBy": {
"displayName": "Test User 1",
"id": null
}
}
Ejemplo 2: Actualización de los detalles de una directiva definida en PIM para grupos
Solicitud
En el ejemplo siguiente se muestra la solicitud.
PATCH https://graph.microsoft.com/beta/policies/roleManagementPolicies/Group_60bba733-f09d-49b7-8445-32369aa066b3_f21b26d9-9ff9-4af1-b1d4-bddf28591369
Content-Type: application/json
{
"rules": [
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
"id": "Approval_EndUser_Assignment",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"inheritableSettings": [],
"enforcedSettings": []
},
"setting": {
"isApprovalRequired": true,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": true,
"approvalMode": "SingleStage",
"approvalStages": [
{
"approvalStageTimeOutInDays": 1,
"isApproverJustificationRequired": true,
"escalationTimeInMinutes": 0,
"isEscalationEnabled": false,
"primaryApprovers": [
{
"@odata.type": "#microsoft.graph.singleUser",
"isBackup": false,
"id": "c277c8cb-6bb7-42e5-a17f-0add9a718151",
"description": null
}
],
"escalationApprovers": []
}
]
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
"id": "AuthenticationContext_EndUser_Assignment",
"isEnabled": false,
"claimValue": "",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"inheritableSettings": [],
"enforcedSettings": []
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
"id": "Enablement_Admin_Eligibility",
"enabledRules": [],
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"inheritableSettings": [],
"enforcedSettings": []
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
"id": "Expiration_Admin_Eligibility",
"isExpirationRequired": true,
"maximumDuration": "P365D",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"inheritableSettings": [],
"enforcedSettings": []
}
},
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
"id": "Notification_Admin_Admin_Eligibility",
"notificationType": "Email",
"recipientType": "Admin",
"notificationLevel": "All",
"isDefaultRecipientsEnabled": true,
"notificationRecipients": [],
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"inheritableSettings": [],
"enforcedSettings": []
}
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new UnifiedRoleManagementPolicy
{
Rules = new List<UnifiedRoleManagementPolicyRule>
{
new UnifiedRoleManagementPolicyApprovalRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
Id = "Approval_EndUser_Assignment",
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "EndUser",
Operations = new List<string>
{
"All",
},
Level = "Assignment",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
Setting = new ApprovalSettings
{
IsApprovalRequired = true,
IsApprovalRequiredForExtension = false,
IsRequestorJustificationRequired = true,
ApprovalMode = "SingleStage",
ApprovalStages = new List<ApprovalStage>
{
new ApprovalStage
{
ApprovalStageTimeOutInDays = 1,
IsApproverJustificationRequired = true,
EscalationTimeInMinutes = 0,
IsEscalationEnabled = false,
PrimaryApprovers = new List<UserSet>
{
new SingleUser
{
OdataType = "#microsoft.graph.singleUser",
IsBackup = false,
Id = "c277c8cb-6bb7-42e5-a17f-0add9a718151",
Description = null,
},
},
EscalationApprovers = new List<UserSet>
{
},
},
},
},
},
new UnifiedRoleManagementPolicyAuthenticationContextRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
Id = "AuthenticationContext_EndUser_Assignment",
IsEnabled = false,
ClaimValue = "",
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "EndUser",
Operations = new List<string>
{
"All",
},
Level = "Assignment",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
new UnifiedRoleManagementPolicyEnablementRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
Id = "Enablement_Admin_Eligibility",
EnabledRules = new List<string>
{
},
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "Admin",
Operations = new List<string>
{
"All",
},
Level = "Eligibility",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
new UnifiedRoleManagementPolicyExpirationRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
Id = "Expiration_Admin_Eligibility",
IsExpirationRequired = true,
MaximumDuration = TimeSpan.Parse("P365D"),
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "Admin",
Operations = new List<string>
{
"All",
},
Level = "Eligibility",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
new UnifiedRoleManagementPolicyNotificationRule
{
OdataType = "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
Id = "Notification_Admin_Admin_Eligibility",
NotificationType = "Email",
RecipientType = "Admin",
NotificationLevel = "All",
IsDefaultRecipientsEnabled = true,
NotificationRecipients = new List<string>
{
},
Target = new UnifiedRoleManagementPolicyRuleTarget
{
Caller = "Admin",
Operations = new List<string>
{
"All",
},
Level = "Eligibility",
InheritableSettings = new List<string>
{
},
EnforcedSettings = new List<string>
{
},
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.RoleManagementPolicies["{unifiedRoleManagementPolicy-id}"].PatchAsync(requestBody);
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
mgc-beta policies role-management-policies patch --unified-role-management-policy-id {unifiedRoleManagementPolicy-id} --body '{\
"rules": [\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",\
"id": "Approval_EndUser_Assignment",\
"target": {\
"caller": "EndUser",\
"operations": [\
"All"\
],\
"level": "Assignment",\
"inheritableSettings": [],\
"enforcedSettings": []\
},\
"setting": {\
"isApprovalRequired": true,\
"isApprovalRequiredForExtension": false,\
"isRequestorJustificationRequired": true,\
"approvalMode": "SingleStage",\
"approvalStages": [\
{\
"approvalStageTimeOutInDays": 1,\
"isApproverJustificationRequired": true,\
"escalationTimeInMinutes": 0,\
"isEscalationEnabled": false,\
"primaryApprovers": [\
{\
"@odata.type": "#microsoft.graph.singleUser",\
"isBackup": false,\
"id": "c277c8cb-6bb7-42e5-a17f-0add9a718151",\
"description": null\
}\
],\
"escalationApprovers": []\
}\
]\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",\
"id": "AuthenticationContext_EndUser_Assignment",\
"isEnabled": false,\
"claimValue": "",\
"target": {\
"caller": "EndUser",\
"operations": [\
"All"\
],\
"level": "Assignment",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",\
"id": "Enablement_Admin_Eligibility",\
"enabledRules": [],\
"target": {\
"caller": "Admin",\
"operations": [\
"All"\
],\
"level": "Eligibility",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",\
"id": "Expiration_Admin_Eligibility",\
"isExpirationRequired": true,\
"maximumDuration": "P365D",\
"target": {\
"caller": "Admin",\
"operations": [\
"All"\
],\
"level": "Eligibility",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
},\
{\
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",\
"id": "Notification_Admin_Admin_Eligibility",\
"notificationType": "Email",\
"recipientType": "Admin",\
"notificationLevel": "All",\
"isDefaultRecipientsEnabled": true,\
"notificationRecipients": [],\
"target": {\
"caller": "Admin",\
"operations": [\
"All"\
],\
"level": "Eligibility",\
"inheritableSettings": [],\
"enforcedSettings": []\
}\
}\
]\
}\
'
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUnifiedRoleManagementPolicy()
unifiedRoleManagementPolicyRule := graphmodels.NewUnifiedRoleManagementPolicyApprovalRule()
id := "Approval_EndUser_Assignment"
unifiedRoleManagementPolicyRule.SetId(&id)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "EndUser"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Assignment"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule.SetTarget(target)
setting := graphmodels.NewApprovalSettings()
isApprovalRequired := true
setting.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
setting.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := true
setting.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "SingleStage"
setting.SetApprovalMode(&approvalMode)
approvalStage := graphmodels.NewApprovalStage()
approvalStageTimeOutInDays := int32(1)
approvalStage.SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
approvalStage.SetIsApproverJustificationRequired(&isApproverJustificationRequired)
escalationTimeInMinutes := int32(0)
approvalStage.SetEscalationTimeInMinutes(&escalationTimeInMinutes)
isEscalationEnabled := false
approvalStage.SetIsEscalationEnabled(&isEscalationEnabled)
userSet := graphmodels.NewSingleUser()
isBackup := false
userSet.SetIsBackup(&isBackup)
id := "c277c8cb-6bb7-42e5-a17f-0add9a718151"
userSet.SetId(&id)
description := null
userSet.SetDescription(&description)
primaryApprovers := []graphmodels.UserSetable {
userSet,
}
approvalStage.SetPrimaryApprovers(primaryApprovers)
escalationApprovers := []graphmodels.UserSetable {
}
approvalStage.SetEscalationApprovers(escalationApprovers)
approvalStages := []graphmodels.ApprovalStageable {
approvalStage,
}
setting.SetApprovalStages(approvalStages)
unifiedRoleManagementPolicyRule.SetSetting(setting)
unifiedRoleManagementPolicyRule1 := graphmodels.NewUnifiedRoleManagementPolicyAuthenticationContextRule()
id := "AuthenticationContext_EndUser_Assignment"
unifiedRoleManagementPolicyRule1.SetId(&id)
isEnabled := false
unifiedRoleManagementPolicyRule1.SetIsEnabled(&isEnabled)
claimValue := ""
unifiedRoleManagementPolicyRule1.SetClaimValue(&claimValue)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "EndUser"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Assignment"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule1.SetTarget(target)
unifiedRoleManagementPolicyRule2 := graphmodels.NewUnifiedRoleManagementPolicyEnablementRule()
id := "Enablement_Admin_Eligibility"
unifiedRoleManagementPolicyRule2.SetId(&id)
enabledRules := []string {
}
unifiedRoleManagementPolicyRule2.SetEnabledRules(enabledRules)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "Admin"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Eligibility"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule2.SetTarget(target)
unifiedRoleManagementPolicyRule3 := graphmodels.NewUnifiedRoleManagementPolicyExpirationRule()
id := "Expiration_Admin_Eligibility"
unifiedRoleManagementPolicyRule3.SetId(&id)
isExpirationRequired := true
unifiedRoleManagementPolicyRule3.SetIsExpirationRequired(&isExpirationRequired)
maximumDuration , err := abstractions.ParseISODuration("P365D")
unifiedRoleManagementPolicyRule3.SetMaximumDuration(&maximumDuration)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "Admin"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Eligibility"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule3.SetTarget(target)
unifiedRoleManagementPolicyRule4 := graphmodels.NewUnifiedRoleManagementPolicyNotificationRule()
id := "Notification_Admin_Admin_Eligibility"
unifiedRoleManagementPolicyRule4.SetId(&id)
notificationType := "Email"
unifiedRoleManagementPolicyRule4.SetNotificationType(¬ificationType)
recipientType := "Admin"
unifiedRoleManagementPolicyRule4.SetRecipientType(&recipientType)
notificationLevel := "All"
unifiedRoleManagementPolicyRule4.SetNotificationLevel(¬ificationLevel)
isDefaultRecipientsEnabled := true
unifiedRoleManagementPolicyRule4.SetIsDefaultRecipientsEnabled(&isDefaultRecipientsEnabled)
notificationRecipients := []string {
}
unifiedRoleManagementPolicyRule4.SetNotificationRecipients(notificationRecipients)
target := graphmodels.NewUnifiedRoleManagementPolicyRuleTarget()
caller := "Admin"
target.SetCaller(&caller)
operations := []string {
"All",
}
target.SetOperations(operations)
level := "Eligibility"
target.SetLevel(&level)
inheritableSettings := []string {
}
target.SetInheritableSettings(inheritableSettings)
enforcedSettings := []string {
}
target.SetEnforcedSettings(enforcedSettings)
unifiedRoleManagementPolicyRule4.SetTarget(target)
rules := []graphmodels.UnifiedRoleManagementPolicyRuleable {
unifiedRoleManagementPolicyRule,
unifiedRoleManagementPolicyRule1,
unifiedRoleManagementPolicyRule2,
unifiedRoleManagementPolicyRule3,
unifiedRoleManagementPolicyRule4,
}
requestBody.SetRules(rules)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
roleManagementPolicies, err := graphClient.Policies().RoleManagementPolicies().ByUnifiedRoleManagementPolicyId("unifiedRoleManagementPolicy-id").Patch(context.Background(), requestBody, nil)
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
UnifiedRoleManagementPolicy unifiedRoleManagementPolicy = new UnifiedRoleManagementPolicy();
LinkedList<UnifiedRoleManagementPolicyRule> rules = new LinkedList<UnifiedRoleManagementPolicyRule>();
UnifiedRoleManagementPolicyApprovalRule unifiedRoleManagementPolicyRule = new UnifiedRoleManagementPolicyApprovalRule();
unifiedRoleManagementPolicyRule.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyApprovalRule");
unifiedRoleManagementPolicyRule.setId("Approval_EndUser_Assignment");
UnifiedRoleManagementPolicyRuleTarget target = new UnifiedRoleManagementPolicyRuleTarget();
target.setCaller("EndUser");
LinkedList<String> operations = new LinkedList<String>();
operations.add("All");
target.setOperations(operations);
target.setLevel("Assignment");
LinkedList<String> inheritableSettings = new LinkedList<String>();
target.setInheritableSettings(inheritableSettings);
LinkedList<String> enforcedSettings = new LinkedList<String>();
target.setEnforcedSettings(enforcedSettings);
unifiedRoleManagementPolicyRule.setTarget(target);
ApprovalSettings setting = new ApprovalSettings();
setting.setIsApprovalRequired(true);
setting.setIsApprovalRequiredForExtension(false);
setting.setIsRequestorJustificationRequired(true);
setting.setApprovalMode("SingleStage");
LinkedList<ApprovalStage> approvalStages = new LinkedList<ApprovalStage>();
ApprovalStage approvalStage = new ApprovalStage();
approvalStage.setApprovalStageTimeOutInDays(1);
approvalStage.setIsApproverJustificationRequired(true);
approvalStage.setEscalationTimeInMinutes(0);
approvalStage.setIsEscalationEnabled(false);
LinkedList<UserSet> primaryApprovers = new LinkedList<UserSet>();
SingleUser userSet = new SingleUser();
userSet.setOdataType("#microsoft.graph.singleUser");
userSet.setIsBackup(false);
userSet.setId("c277c8cb-6bb7-42e5-a17f-0add9a718151");
userSet.setDescription(null);
primaryApprovers.add(userSet);
approvalStage.setPrimaryApprovers(primaryApprovers);
LinkedList<UserSet> escalationApprovers = new LinkedList<UserSet>();
approvalStage.setEscalationApprovers(escalationApprovers);
approvalStages.add(approvalStage);
setting.setApprovalStages(approvalStages);
unifiedRoleManagementPolicyRule.setSetting(setting);
rules.add(unifiedRoleManagementPolicyRule);
UnifiedRoleManagementPolicyAuthenticationContextRule unifiedRoleManagementPolicyRule1 = new UnifiedRoleManagementPolicyAuthenticationContextRule();
unifiedRoleManagementPolicyRule1.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule");
unifiedRoleManagementPolicyRule1.setId("AuthenticationContext_EndUser_Assignment");
unifiedRoleManagementPolicyRule1.setIsEnabled(false);
unifiedRoleManagementPolicyRule1.setClaimValue("");
UnifiedRoleManagementPolicyRuleTarget target1 = new UnifiedRoleManagementPolicyRuleTarget();
target1.setCaller("EndUser");
LinkedList<String> operations1 = new LinkedList<String>();
operations1.add("All");
target1.setOperations(operations1);
target1.setLevel("Assignment");
LinkedList<String> inheritableSettings1 = new LinkedList<String>();
target1.setInheritableSettings(inheritableSettings1);
LinkedList<String> enforcedSettings1 = new LinkedList<String>();
target1.setEnforcedSettings(enforcedSettings1);
unifiedRoleManagementPolicyRule1.setTarget(target1);
rules.add(unifiedRoleManagementPolicyRule1);
UnifiedRoleManagementPolicyEnablementRule unifiedRoleManagementPolicyRule2 = new UnifiedRoleManagementPolicyEnablementRule();
unifiedRoleManagementPolicyRule2.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyEnablementRule");
unifiedRoleManagementPolicyRule2.setId("Enablement_Admin_Eligibility");
LinkedList<String> enabledRules = new LinkedList<String>();
unifiedRoleManagementPolicyRule2.setEnabledRules(enabledRules);
UnifiedRoleManagementPolicyRuleTarget target2 = new UnifiedRoleManagementPolicyRuleTarget();
target2.setCaller("Admin");
LinkedList<String> operations2 = new LinkedList<String>();
operations2.add("All");
target2.setOperations(operations2);
target2.setLevel("Eligibility");
LinkedList<String> inheritableSettings2 = new LinkedList<String>();
target2.setInheritableSettings(inheritableSettings2);
LinkedList<String> enforcedSettings2 = new LinkedList<String>();
target2.setEnforcedSettings(enforcedSettings2);
unifiedRoleManagementPolicyRule2.setTarget(target2);
rules.add(unifiedRoleManagementPolicyRule2);
UnifiedRoleManagementPolicyExpirationRule unifiedRoleManagementPolicyRule3 = new UnifiedRoleManagementPolicyExpirationRule();
unifiedRoleManagementPolicyRule3.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyExpirationRule");
unifiedRoleManagementPolicyRule3.setId("Expiration_Admin_Eligibility");
unifiedRoleManagementPolicyRule3.setIsExpirationRequired(true);
PeriodAndDuration maximumDuration = PeriodAndDuration.ofDuration(Duration.parse("P365D"));
unifiedRoleManagementPolicyRule3.setMaximumDuration(maximumDuration);
UnifiedRoleManagementPolicyRuleTarget target3 = new UnifiedRoleManagementPolicyRuleTarget();
target3.setCaller("Admin");
LinkedList<String> operations3 = new LinkedList<String>();
operations3.add("All");
target3.setOperations(operations3);
target3.setLevel("Eligibility");
LinkedList<String> inheritableSettings3 = new LinkedList<String>();
target3.setInheritableSettings(inheritableSettings3);
LinkedList<String> enforcedSettings3 = new LinkedList<String>();
target3.setEnforcedSettings(enforcedSettings3);
unifiedRoleManagementPolicyRule3.setTarget(target3);
rules.add(unifiedRoleManagementPolicyRule3);
UnifiedRoleManagementPolicyNotificationRule unifiedRoleManagementPolicyRule4 = new UnifiedRoleManagementPolicyNotificationRule();
unifiedRoleManagementPolicyRule4.setOdataType("#microsoft.graph.unifiedRoleManagementPolicyNotificationRule");
unifiedRoleManagementPolicyRule4.setId("Notification_Admin_Admin_Eligibility");
unifiedRoleManagementPolicyRule4.setNotificationType("Email");
unifiedRoleManagementPolicyRule4.setRecipientType("Admin");
unifiedRoleManagementPolicyRule4.setNotificationLevel("All");
unifiedRoleManagementPolicyRule4.setIsDefaultRecipientsEnabled(true);
LinkedList<String> notificationRecipients = new LinkedList<String>();
unifiedRoleManagementPolicyRule4.setNotificationRecipients(notificationRecipients);
UnifiedRoleManagementPolicyRuleTarget target4 = new UnifiedRoleManagementPolicyRuleTarget();
target4.setCaller("Admin");
LinkedList<String> operations4 = new LinkedList<String>();
operations4.add("All");
target4.setOperations(operations4);
target4.setLevel("Eligibility");
LinkedList<String> inheritableSettings4 = new LinkedList<String>();
target4.setInheritableSettings(inheritableSettings4);
LinkedList<String> enforcedSettings4 = new LinkedList<String>();
target4.setEnforcedSettings(enforcedSettings4);
unifiedRoleManagementPolicyRule4.setTarget(target4);
rules.add(unifiedRoleManagementPolicyRule4);
unifiedRoleManagementPolicy.setRules(rules);
UnifiedRoleManagementPolicy result = graphClient.policies().roleManagementPolicies().byUnifiedRoleManagementPolicyId("{unifiedRoleManagementPolicy-id}").patch(unifiedRoleManagementPolicy);
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
const options = {
authProvider,
};
const client = Client.init(options);
const unifiedRoleManagementPolicy = {
rules: [
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyApprovalRule',
id: 'Approval_EndUser_Assignment',
target: {
caller: 'EndUser',
operations: [
'All'
],
level: 'Assignment',
inheritableSettings: [],
enforcedSettings: []
},
setting: {
isApprovalRequired: true,
isApprovalRequiredForExtension: false,
isRequestorJustificationRequired: true,
approvalMode: 'SingleStage',
approvalStages: [
{
approvalStageTimeOutInDays: 1,
isApproverJustificationRequired: true,
escalationTimeInMinutes: 0,
isEscalationEnabled: false,
primaryApprovers: [
{
'@odata.type': '#microsoft.graph.singleUser',
isBackup: false,
id: 'c277c8cb-6bb7-42e5-a17f-0add9a718151',
description: null
}
],
escalationApprovers: []
}
]
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule',
id: 'AuthenticationContext_EndUser_Assignment',
isEnabled: false,
claimValue: '',
target: {
caller: 'EndUser',
operations: [
'All'
],
level: 'Assignment',
inheritableSettings: [],
enforcedSettings: []
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyEnablementRule',
id: 'Enablement_Admin_Eligibility',
enabledRules: [],
target: {
caller: 'Admin',
operations: [
'All'
],
level: 'Eligibility',
inheritableSettings: [],
enforcedSettings: []
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyExpirationRule',
id: 'Expiration_Admin_Eligibility',
isExpirationRequired: true,
maximumDuration: 'P365D',
target: {
caller: 'Admin',
operations: [
'All'
],
level: 'Eligibility',
inheritableSettings: [],
enforcedSettings: []
}
},
{
'@odata.type': '#microsoft.graph.unifiedRoleManagementPolicyNotificationRule',
id: 'Notification_Admin_Admin_Eligibility',
notificationType: 'Email',
recipientType: 'Admin',
notificationLevel: 'All',
isDefaultRecipientsEnabled: true,
notificationRecipients: [],
target: {
caller: 'Admin',
operations: [
'All'
],
level: 'Eligibility',
inheritableSettings: [],
enforcedSettings: []
}
}
]
};
await client.api('/policies/roleManagementPolicies/Group_60bba733-f09d-49b7-8445-32369aa066b3_f21b26d9-9ff9-4af1-b1d4-bddf28591369')
.version('beta')
.update(unifiedRoleManagementPolicy);
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicy;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyApprovalRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyRuleTarget;
use Microsoft\Graph\Beta\Generated\Models\ApprovalSettings;
use Microsoft\Graph\Beta\Generated\Models\ApprovalStage;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\SingleUser;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyAuthenticationContextRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyEnablementRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyExpirationRule;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleManagementPolicyNotificationRule;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UnifiedRoleManagementPolicy();
$rulesUnifiedRoleManagementPolicyRule1 = new UnifiedRoleManagementPolicyApprovalRule();
$rulesUnifiedRoleManagementPolicyRule1->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyApprovalRule');
$rulesUnifiedRoleManagementPolicyRule1->setId('Approval_EndUser_Assignment');
$rulesUnifiedRoleManagementPolicyRule1Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule1Target->setCaller('EndUser');
$rulesUnifiedRoleManagementPolicyRule1Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule1Target->setLevel('Assignment');
$rulesUnifiedRoleManagementPolicyRule1Target->setInheritableSettings([ ]);
$rulesUnifiedRoleManagementPolicyRule1Target->setEnforcedSettings([ ]);
$rulesUnifiedRoleManagementPolicyRule1->setTarget($rulesUnifiedRoleManagementPolicyRule1Target);
$rulesUnifiedRoleManagementPolicyRule1Setting = new ApprovalSettings();
$rulesUnifiedRoleManagementPolicyRule1Setting->setIsApprovalRequired(true);
$rulesUnifiedRoleManagementPolicyRule1Setting->setIsApprovalRequiredForExtension(false);
$rulesUnifiedRoleManagementPolicyRule1Setting->setIsRequestorJustificationRequired(true);
$rulesUnifiedRoleManagementPolicyRule1Setting->setApprovalMode('SingleStage');
$approvalStagesApprovalStage1 = new ApprovalStage();
$approvalStagesApprovalStage1->setApprovalStageTimeOutInDays(1);
$approvalStagesApprovalStage1->setIsApproverJustificationRequired(true);
$approvalStagesApprovalStage1->setEscalationTimeInMinutes(0);
$approvalStagesApprovalStage1->setIsEscalationEnabled(false);
$primaryApproversUserSet1 = new SingleUser();
$primaryApproversUserSet1->setOdataType('#microsoft.graph.singleUser');
$primaryApproversUserSet1->setIsBackup(false);
$primaryApproversUserSet1->setId('c277c8cb-6bb7-42e5-a17f-0add9a718151');
$primaryApproversUserSet1->setDescription(null);
$primaryApproversArray []= $primaryApproversUserSet1;
$approvalStagesApprovalStage1->setPrimaryApprovers($primaryApproversArray);
$approvalStagesApprovalStage1->setEscalationApprovers([]);
$approvalStagesArray []= $approvalStagesApprovalStage1;
$rulesUnifiedRoleManagementPolicyRule1Setting->setApprovalStages($approvalStagesArray);
$rulesUnifiedRoleManagementPolicyRule1->setSetting($rulesUnifiedRoleManagementPolicyRule1Setting);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule1;
$rulesUnifiedRoleManagementPolicyRule2 = new UnifiedRoleManagementPolicyAuthenticationContextRule();
$rulesUnifiedRoleManagementPolicyRule2->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule');
$rulesUnifiedRoleManagementPolicyRule2->setId('AuthenticationContext_EndUser_Assignment');
$rulesUnifiedRoleManagementPolicyRule2->setIsEnabled(false);
$rulesUnifiedRoleManagementPolicyRule2->setClaimValue('');
$rulesUnifiedRoleManagementPolicyRule2Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule2Target->setCaller('EndUser');
$rulesUnifiedRoleManagementPolicyRule2Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule2Target->setLevel('Assignment');
$rulesUnifiedRoleManagementPolicyRule2Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule2Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule2->setTarget($rulesUnifiedRoleManagementPolicyRule2Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule2;
$rulesUnifiedRoleManagementPolicyRule3 = new UnifiedRoleManagementPolicyEnablementRule();
$rulesUnifiedRoleManagementPolicyRule3->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyEnablementRule');
$rulesUnifiedRoleManagementPolicyRule3->setId('Enablement_Admin_Eligibility');
$rulesUnifiedRoleManagementPolicyRule3->setEnabledRules([]);
$rulesUnifiedRoleManagementPolicyRule3Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule3Target->setCaller('Admin');
$rulesUnifiedRoleManagementPolicyRule3Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule3Target->setLevel('Eligibility');
$rulesUnifiedRoleManagementPolicyRule3Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule3Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule3->setTarget($rulesUnifiedRoleManagementPolicyRule3Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule3;
$rulesUnifiedRoleManagementPolicyRule4 = new UnifiedRoleManagementPolicyExpirationRule();
$rulesUnifiedRoleManagementPolicyRule4->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyExpirationRule');
$rulesUnifiedRoleManagementPolicyRule4->setId('Expiration_Admin_Eligibility');
$rulesUnifiedRoleManagementPolicyRule4->setIsExpirationRequired(true);
$rulesUnifiedRoleManagementPolicyRule4->setMaximumDuration(new \DateInterval('P365D'));
$rulesUnifiedRoleManagementPolicyRule4Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule4Target->setCaller('Admin');
$rulesUnifiedRoleManagementPolicyRule4Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule4Target->setLevel('Eligibility');
$rulesUnifiedRoleManagementPolicyRule4Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule4Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule4->setTarget($rulesUnifiedRoleManagementPolicyRule4Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule4;
$rulesUnifiedRoleManagementPolicyRule5 = new UnifiedRoleManagementPolicyNotificationRule();
$rulesUnifiedRoleManagementPolicyRule5->setOdataType('#microsoft.graph.unifiedRoleManagementPolicyNotificationRule');
$rulesUnifiedRoleManagementPolicyRule5->setId('Notification_Admin_Admin_Eligibility');
$rulesUnifiedRoleManagementPolicyRule5->setNotificationType('Email');
$rulesUnifiedRoleManagementPolicyRule5->setRecipientType('Admin');
$rulesUnifiedRoleManagementPolicyRule5->setNotificationLevel('All');
$rulesUnifiedRoleManagementPolicyRule5->setIsDefaultRecipientsEnabled(true);
$rulesUnifiedRoleManagementPolicyRule5->setNotificationRecipients([]);
$rulesUnifiedRoleManagementPolicyRule5Target = new UnifiedRoleManagementPolicyRuleTarget();
$rulesUnifiedRoleManagementPolicyRule5Target->setCaller('Admin');
$rulesUnifiedRoleManagementPolicyRule5Target->setOperations(['All', ]);
$rulesUnifiedRoleManagementPolicyRule5Target->setLevel('Eligibility');
$rulesUnifiedRoleManagementPolicyRule5Target->setInheritableSettings([]);
$rulesUnifiedRoleManagementPolicyRule5Target->setEnforcedSettings([]);
$rulesUnifiedRoleManagementPolicyRule5->setTarget($rulesUnifiedRoleManagementPolicyRule5Target);
$rulesArray []= $rulesUnifiedRoleManagementPolicyRule5;
$requestBody->setRules($rulesArray);
$result = $graphServiceClient->policies()->roleManagementPolicies()->byUnifiedRoleManagementPolicyId('unifiedRoleManagementPolicy-id')->patch($requestBody)->wait();
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
rules = @(
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule"
id = "Approval_EndUser_Assignment"
target = @{
caller = "EndUser"
operations = @(
"All"
)
level = "Assignment"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
setting = @{
isApprovalRequired = $true
isApprovalRequiredForExtension = $false
isRequestorJustificationRequired = $true
approvalMode = "SingleStage"
approvalStages = @(
@{
approvalStageTimeOutInDays =
isApproverJustificationRequired = $true
escalationTimeInMinutes =
isEscalationEnabled = $false
primaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.singleUser"
isBackup = $false
id = "c277c8cb-6bb7-42e5-a17f-0add9a718151"
description = $null
}
)
escalationApprovers = @(
)
}
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule"
id = "AuthenticationContext_EndUser_Assignment"
isEnabled = $false
claimValue = ""
target = @{
caller = "EndUser"
operations = @(
"All"
)
level = "Assignment"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule"
id = "Enablement_Admin_Eligibility"
enabledRules = @(
)
target = @{
caller = "Admin"
operations = @(
"All"
)
level = "Eligibility"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule"
id = "Expiration_Admin_Eligibility"
isExpirationRequired = $true
maximumDuration = "P365D"
target = @{
caller = "Admin"
operations = @(
"All"
)
level = "Eligibility"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
@{
"@odata.type" = "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule"
id = "Notification_Admin_Admin_Eligibility"
notificationType = "Email"
recipientType = "Admin"
notificationLevel = "All"
isDefaultRecipientsEnabled = $true
notificationRecipients = @(
)
target = @{
caller = "Admin"
operations = @(
"All"
)
level = "Eligibility"
inheritableSettings = @(
)
enforcedSettings = @(
)
}
}
)
}
Update-MgBetaPolicyRoleManagementPolicy -UnifiedRoleManagementPolicyId $unifiedRoleManagementPolicyId -BodyParameter $params
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.unified_role_management_policy import UnifiedRoleManagementPolicy
from msgraph_beta.generated.models.unified_role_management_policy_rule import UnifiedRoleManagementPolicyRule
from msgraph_beta.generated.models.unified_role_management_policy_approval_rule import UnifiedRoleManagementPolicyApprovalRule
from msgraph_beta.generated.models.unified_role_management_policy_rule_target import UnifiedRoleManagementPolicyRuleTarget
from msgraph_beta.generated.models.approval_settings import ApprovalSettings
from msgraph_beta.generated.models.approval_stage import ApprovalStage
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.single_user import SingleUser
from msgraph_beta.generated.models.unified_role_management_policy_authentication_context_rule import UnifiedRoleManagementPolicyAuthenticationContextRule
from msgraph_beta.generated.models.unified_role_management_policy_enablement_rule import UnifiedRoleManagementPolicyEnablementRule
from msgraph_beta.generated.models.unified_role_management_policy_expiration_rule import UnifiedRoleManagementPolicyExpirationRule
from msgraph_beta.generated.models.unified_role_management_policy_notification_rule import UnifiedRoleManagementPolicyNotificationRule
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UnifiedRoleManagementPolicy(
rules = [
UnifiedRoleManagementPolicyApprovalRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
id = "Approval_EndUser_Assignment",
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "EndUser",
operations = [
"All",
],
level = "Assignment",
inheritable_settings = [
],
enforced_settings = [
],
),
setting = ApprovalSettings(
is_approval_required = True,
is_approval_required_for_extension = False,
is_requestor_justification_required = True,
approval_mode = "SingleStage",
approval_stages = [
ApprovalStage(
approval_stage_time_out_in_days = 1,
is_approver_justification_required = True,
escalation_time_in_minutes = 0,
is_escalation_enabled = False,
primary_approvers = [
SingleUser(
odata_type = "#microsoft.graph.singleUser",
is_backup = False,
id = "c277c8cb-6bb7-42e5-a17f-0add9a718151",
description = None,
),
],
escalation_approvers = [
],
),
],
),
),
UnifiedRoleManagementPolicyAuthenticationContextRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
id = "AuthenticationContext_EndUser_Assignment",
is_enabled = False,
claim_value = "",
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "EndUser",
operations = [
"All",
],
level = "Assignment",
inheritable_settings = [
],
enforced_settings = [
],
),
),
UnifiedRoleManagementPolicyEnablementRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
id = "Enablement_Admin_Eligibility",
enabled_rules = [
],
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "Admin",
operations = [
"All",
],
level = "Eligibility",
inheritable_settings = [
],
enforced_settings = [
],
),
),
UnifiedRoleManagementPolicyExpirationRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
id = "Expiration_Admin_Eligibility",
is_expiration_required = True,
maximum_duration = "P365D",
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "Admin",
operations = [
"All",
],
level = "Eligibility",
inheritable_settings = [
],
enforced_settings = [
],
),
),
UnifiedRoleManagementPolicyNotificationRule(
odata_type = "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
id = "Notification_Admin_Admin_Eligibility",
notification_type = "Email",
recipient_type = "Admin",
notification_level = "All",
is_default_recipients_enabled = True,
notification_recipients = [
],
target = UnifiedRoleManagementPolicyRuleTarget(
caller = "Admin",
operations = [
"All",
],
level = "Eligibility",
inheritable_settings = [
],
enforced_settings = [
],
),
),
],
)
result = await graph_client.policies.role_management_policies.by_unified_role_management_policy_id('unifiedRoleManagementPolicy-id').patch(request_body)
Importante
Los SDK de Microsoft Graph usan la versión v1.0 de la API de manera predeterminada y no admiten todos los tipos, propiedades y API disponibles en la versión beta. Para obtener más información sobre cómo acceder a la API beta con el SDK, consulte Uso de los SDK de Microsoft Graph con la API beta.
Para obtener más información sobre cómo agregar el SDK al proyecto y crear una instancia de authProvider, consulte la documentación del SDK.
Respuesta
En el ejemplo siguiente se muestra la respuesta.
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/roleManagementPolicies/$entity",
"id": "Group_60bba733-f09d-49b7-8445-32369aa066b3_f21b26d9-9ff9-4af1-b1d4-bddf28591369",
"displayName": "Group",
"description": "Group",
"isOrganizationDefault": false,
"scopeId": "60bba733-f09d-49b7-8445-32369aa066b3",
"scopeType": "Group",
"lastModifiedDateTime": "2023-10-01T23:29:43.687Z",
"lastModifiedBy": {
"displayName": "Test User 1",
"id": null
}
}
Comentarios
¿Le ha resultado útil esta página?