创建 accessPackageAssignmentPolicy
- 项目
命名空间:microsoft.graph
重要
Microsoft Graph /beta
版本下的 API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
在权利管理Microsoft Entra创建新的 accessPackageAssignmentPolicy 对象。
此 API 可用于以下国家级云部署。
全局服务 | 美国政府 L4 | 美国政府 L5 (DOD) | 由世纪互联运营的中国 |
---|---|---|---|
✅ | ✅ | ✅ | ❌ |
权限
为此 API 选择标记为最低特权的权限。 只有在应用需要它时,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型。 要了解有关这些权限的详细信息,请参阅 权限参考。
权限类型 | 最低特权权限 | 更高特权权限 |
---|---|---|
委派(工作或学校帐户) | EntitlementManagement.ReadWrite.All | 不可用。 |
委派(个人 Microsoft 帐户) | 不支持。 | 不支持。 |
应用程序 | EntitlementManagement.ReadWrite.All | 不可用。 |
提示
在具有工作或学校帐户的委托方案中,还必须通过以下选项之一为已登录用户分配具有支持的角色权限的管理员角色:
-
权利管理系统中具有最低特权角色的角色:
- 访问包管理器。 这是最低特权选项
- 目录所有者
- 此操作支持的更多特权Microsoft Entra角色:
- 标识治理管理员
在仅限应用的情况下,可为调用应用分配上述受支持的角色之一,而不是 EntitlementManagement.ReadWrite.All
应用程序权限。
访问包管理员角色的特权低于EntitlementManagement.ReadWrite.All
应用程序权限。
有关详细信息,请参阅 权利管理中的委派和角色 以及如何 在权利管理中将访问管理委托给访问包管理员。
HTTP 请求
POST /identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
请求标头
名称 | 说明 |
---|---|
Authorization | 持有者 {token}。 必填。 详细了解 身份验证和授权。 |
Content-Type | application/json. 必需。 |
请求正文
在请求正文中,提供 accessPackageAssignmentPolicy 对象的 JSON 表示形式。
响应
如果成功,此方法在响应正文中返回 200 系列响应代码和新的 accessPackageAssignmentPolicy 对象。
示例
示例 1:创建直接分配策略
当访问包分配请求仅由管理员而不是用户自己创建时,直接分配策略很有用。
请求
以下示例显示了创建访问包分配策略的请求。 在此策略中,用户无法请求,无需审批,也没有访问评审。
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json
{
"accessPackageId": "56ff43fd-6b05-48df-9634-956a777fce6d",
"displayName": "direct",
"description": "direct assignments by administrator",
"accessReviewSettings": null,
"requestorSettings": {
"scopeType": "NoSubjects",
"acceptRequests": true,
"allowedRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequired": false,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": false,
"approvalMode": "NoApproval",
"approvalStages": []
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessPackageAssignmentPolicy
{
AccessPackageId = "56ff43fd-6b05-48df-9634-956a777fce6d",
DisplayName = "direct",
Description = "direct assignments by administrator",
AccessReviewSettings = null,
RequestorSettings = new RequestorSettings
{
ScopeType = "NoSubjects",
AcceptRequests = true,
AllowedRequestors = new List<UserSet>
{
},
},
RequestApprovalSettings = new ApprovalSettings
{
IsApprovalRequired = false,
IsApprovalRequiredForExtension = false,
IsRequestorJustificationRequired = false,
ApprovalMode = "NoApproval",
ApprovalStages = new List<ApprovalStage>
{
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies.PostAsync(requestBody);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
mgc-beta identity-governance entitlement-management access-package-assignment-policies create --body '{\
"accessPackageId": "56ff43fd-6b05-48df-9634-956a777fce6d",\
"displayName": "direct",\
"description": "direct assignments by administrator",\
"accessReviewSettings": null,\
"requestorSettings": {\
"scopeType": "NoSubjects",\
"acceptRequests": true,\
"allowedRequestors": []\
},\
"requestApprovalSettings": {\
"isApprovalRequired": false,\
"isApprovalRequiredForExtension": false,\
"isRequestorJustificationRequired": false,\
"approvalMode": "NoApproval",\
"approvalStages": []\
}\
}\
'
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentPolicy()
accessPackageId := "56ff43fd-6b05-48df-9634-956a777fce6d"
requestBody.SetAccessPackageId(&accessPackageId)
displayName := "direct"
requestBody.SetDisplayName(&displayName)
description := "direct assignments by administrator"
requestBody.SetDescription(&description)
accessReviewSettings := null
requestBody.SetAccessReviewSettings(&accessReviewSettings)
requestorSettings := graphmodels.NewRequestorSettings()
scopeType := "NoSubjects"
requestorSettings.SetScopeType(&scopeType)
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
allowedRequestors := []graphmodels.UserSetable {
}
requestorSettings.SetAllowedRequestors(allowedRequestors)
requestBody.SetRequestorSettings(requestorSettings)
requestApprovalSettings := graphmodels.NewApprovalSettings()
isApprovalRequired := false
requestApprovalSettings.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
requestApprovalSettings.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := false
requestApprovalSettings.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "NoApproval"
requestApprovalSettings.SetApprovalMode(&approvalMode)
approvalStages := []graphmodels.ApprovalStageable {
}
requestApprovalSettings.SetApprovalStages(approvalStages)
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessPackageAssignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(context.Background(), requestBody, nil)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.setAccessPackageId("56ff43fd-6b05-48df-9634-956a777fce6d");
accessPackageAssignmentPolicy.setDisplayName("direct");
accessPackageAssignmentPolicy.setDescription("direct assignments by administrator");
accessPackageAssignmentPolicy.setAccessReviewSettings(null);
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.setScopeType("NoSubjects");
requestorSettings.setAcceptRequests(true);
LinkedList<UserSet> allowedRequestors = new LinkedList<UserSet>();
requestorSettings.setAllowedRequestors(allowedRequestors);
accessPackageAssignmentPolicy.setRequestorSettings(requestorSettings);
ApprovalSettings requestApprovalSettings = new ApprovalSettings();
requestApprovalSettings.setIsApprovalRequired(false);
requestApprovalSettings.setIsApprovalRequiredForExtension(false);
requestApprovalSettings.setIsRequestorJustificationRequired(false);
requestApprovalSettings.setApprovalMode("NoApproval");
LinkedList<ApprovalStage> approvalStages = new LinkedList<ApprovalStage>();
requestApprovalSettings.setApprovalStages(approvalStages);
accessPackageAssignmentPolicy.setRequestApprovalSettings(requestApprovalSettings);
AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies().post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
accessPackageId: '56ff43fd-6b05-48df-9634-956a777fce6d',
displayName: 'direct',
description: 'direct assignments by administrator',
accessReviewSettings: null,
requestorSettings: {
scopeType: 'NoSubjects',
acceptRequests: true,
allowedRequestors: []
},
requestApprovalSettings: {
isApprovalRequired: false,
isApprovalRequiredForExtension: false,
isRequestorJustificationRequired: false,
approvalMode: 'NoApproval',
approvalStages: []
}
};
await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
.version('beta')
.post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAssignmentPolicy;
use Microsoft\Graph\Beta\Generated\Models\RequestorSettings;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\ApprovalSettings;
use Microsoft\Graph\Beta\Generated\Models\ApprovalStage;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentPolicy();
$requestBody->setAccessPackageId('56ff43fd-6b05-48df-9634-956a777fce6d');
$requestBody->setDisplayName('direct');
$requestBody->setDescription('direct assignments by administrator');
$requestBody->setAccessReviewSettings(null);
$requestorSettings = new RequestorSettings();
$requestorSettings->setScopeType('NoSubjects');
$requestorSettings->setAcceptRequests(true);
$requestorSettings->setAllowedRequestors([ ]);
$requestBody->setRequestorSettings($requestorSettings);
$requestApprovalSettings = new ApprovalSettings();
$requestApprovalSettings->setIsApprovalRequired(false);
$requestApprovalSettings->setIsApprovalRequiredForExtension(false);
$requestApprovalSettings->setIsRequestorJustificationRequired(false);
$requestApprovalSettings->setApprovalMode('NoApproval');
$requestApprovalSettings->setApprovalStages([ ]);
$requestBody->setRequestApprovalSettings($requestApprovalSettings);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackageAssignmentPolicies()->post($requestBody)->wait();
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
accessPackageId = "56ff43fd-6b05-48df-9634-956a777fce6d"
displayName = "direct"
description = "direct assignments by administrator"
accessReviewSettings = $null
requestorSettings = @{
scopeType = "NoSubjects"
acceptRequests = $true
allowedRequestors = @(
)
}
requestApprovalSettings = @{
isApprovalRequired = $false
isApprovalRequiredForExtension = $false
isRequestorJustificationRequired = $false
approvalMode = "NoApproval"
approvalStages = @(
)
}
}
New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_package_assignment_policy import AccessPackageAssignmentPolicy
from msgraph_beta.generated.models.requestor_settings import RequestorSettings
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.approval_settings import ApprovalSettings
from msgraph_beta.generated.models.approval_stage import ApprovalStage
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentPolicy(
access_package_id = "56ff43fd-6b05-48df-9634-956a777fce6d",
display_name = "direct",
description = "direct assignments by administrator",
access_review_settings = None,
requestor_settings = RequestorSettings(
scope_type = "NoSubjects",
accept_requests = True,
allowed_requestors = [
],
),
request_approval_settings = ApprovalSettings(
is_approval_required = False,
is_approval_required_for_extension = False,
is_requestor_justification_required = False,
approval_mode = "NoApproval",
approval_stages = [
],
),
)
result = await graph_client.identity_governance.entitlement_management.access_package_assignment_policies.post(request_body)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "4c02f928-7752-49aa-8fc8-e286d973a965",
"accessPackageId": "56ff43fd-6b05-48df-9634-956a777fce6d",
"displayName": "direct",
"description": "direct assignments by administrator"
}
示例 2:为其他组织中的用户创建策略以请求
以下示例演示了一个更复杂的策略,其中包含两阶段审批和访问评审。
请求
以下示例显示了创建访问包分配策略的请求。
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json
{
"accessPackageId": "string (identifier)",
"displayName": "Users from connected organizations can request",
"description": "Allow users from configured connected organizations to request and be approved by their sponsors",
"canExtend": false,
"durationInDays": 365,
"expirationDateTime": null,
"requestorSettings": {
"scopeType": "AllExistingConnectedOrganizationSubjects",
"acceptRequests": true,
"allowedRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequired": true,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": true,
"approvalMode": "Serial",
"approvalStages": [
{
"approvalStageTimeOutInDays": 14,
"isApproverJustificationRequired": true,
"isEscalationEnabled": true,
"escalationTimeInMinutes": 11520,
"primaryApprovers": [
{
"@odata.type": "#microsoft.graph.groupMembers",
"isBackup": true,
"id": "string (identifier)",
"description": "group for users from connected organizations which have no external sponsor"
},
{
"@odata.type": "#microsoft.graph.externalSponsors",
"isBackup": false
}
],
"escalationApprovers": [
{
"@odata.type": "#microsoft.graph.singleUser",
"isBackup": true,
"id": "string (identifier)",
"description": "user if the external sponsor does not respond"
}
]
},
{
"approvalStageTimeOutInDays": 14,
"isApproverJustificationRequired": true,
"isEscalationEnabled": true,
"escalationTimeInMinutes": 11520,
"primaryApprovers": [
{
"@odata.type": "#microsoft.graph.groupMembers",
"isBackup": true,
"id": "string (identifier)",
"description": "group for users from connected organizations which have no internal sponsor"
},
{
"@odata.type": "#microsoft.graph.internalSponsors",
"isBackup": false
}
],
"escalationApprovers": [
{
"@odata.type": "#microsoft.graph.singleUser",
"isBackup": true,
"id": "string (identifier)",
"description": "user if the internal sponsor does not respond"
}
]
}
]
},
"accessReviewSettings": {
"isEnabled": true,
"recurrenceType": "quarterly",
"reviewerType": "Self",
"startDateTime": "2020-04-01T07:59:59.998Z",
"durationInDays": 25,
"reviewers": []
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessPackageAssignmentPolicy
{
AccessPackageId = "string (identifier)",
DisplayName = "Users from connected organizations can request",
Description = "Allow users from configured connected organizations to request and be approved by their sponsors",
CanExtend = false,
DurationInDays = 365,
ExpirationDateTime = null,
RequestorSettings = new RequestorSettings
{
ScopeType = "AllExistingConnectedOrganizationSubjects",
AcceptRequests = true,
AllowedRequestors = new List<UserSet>
{
},
},
RequestApprovalSettings = new ApprovalSettings
{
IsApprovalRequired = true,
IsApprovalRequiredForExtension = false,
IsRequestorJustificationRequired = true,
ApprovalMode = "Serial",
ApprovalStages = new List<ApprovalStage>
{
new ApprovalStage
{
ApprovalStageTimeOutInDays = 14,
IsApproverJustificationRequired = true,
IsEscalationEnabled = true,
EscalationTimeInMinutes = 11520,
PrimaryApprovers = new List<UserSet>
{
new GroupMembers
{
OdataType = "#microsoft.graph.groupMembers",
IsBackup = true,
Id = "string (identifier)",
Description = "group for users from connected organizations which have no external sponsor",
},
new ExternalSponsors
{
OdataType = "#microsoft.graph.externalSponsors",
IsBackup = false,
},
},
EscalationApprovers = new List<UserSet>
{
new SingleUser
{
OdataType = "#microsoft.graph.singleUser",
IsBackup = true,
Id = "string (identifier)",
Description = "user if the external sponsor does not respond",
},
},
},
new ApprovalStage
{
ApprovalStageTimeOutInDays = 14,
IsApproverJustificationRequired = true,
IsEscalationEnabled = true,
EscalationTimeInMinutes = 11520,
PrimaryApprovers = new List<UserSet>
{
new GroupMembers
{
OdataType = "#microsoft.graph.groupMembers",
IsBackup = true,
Id = "string (identifier)",
Description = "group for users from connected organizations which have no internal sponsor",
},
new InternalSponsors
{
OdataType = "#microsoft.graph.internalSponsors",
IsBackup = false,
},
},
EscalationApprovers = new List<UserSet>
{
new SingleUser
{
OdataType = "#microsoft.graph.singleUser",
IsBackup = true,
Id = "string (identifier)",
Description = "user if the internal sponsor does not respond",
},
},
},
},
},
AccessReviewSettings = new AssignmentReviewSettings
{
IsEnabled = true,
RecurrenceType = "quarterly",
ReviewerType = "Self",
StartDateTime = DateTimeOffset.Parse("2020-04-01T07:59:59.998Z"),
DurationInDays = 25,
Reviewers = new List<UserSet>
{
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies.PostAsync(requestBody);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
mgc-beta identity-governance entitlement-management access-package-assignment-policies create --body '{\
"accessPackageId": "string (identifier)",\
"displayName": "Users from connected organizations can request",\
"description": "Allow users from configured connected organizations to request and be approved by their sponsors",\
"canExtend": false,\
"durationInDays": 365,\
"expirationDateTime": null,\
"requestorSettings": {\
"scopeType": "AllExistingConnectedOrganizationSubjects",\
"acceptRequests": true,\
"allowedRequestors": []\
},\
"requestApprovalSettings": {\
"isApprovalRequired": true,\
"isApprovalRequiredForExtension": false,\
"isRequestorJustificationRequired": true,\
"approvalMode": "Serial",\
"approvalStages": [\
{\
"approvalStageTimeOutInDays": 14,\
"isApproverJustificationRequired": true,\
"isEscalationEnabled": true,\
"escalationTimeInMinutes": 11520,\
"primaryApprovers": [\
{\
"@odata.type": "#microsoft.graph.groupMembers",\
"isBackup": true,\
"id": "string (identifier)",\
"description": "group for users from connected organizations which have no external sponsor"\
},\
{\
"@odata.type": "#microsoft.graph.externalSponsors",\
"isBackup": false\
}\
],\
"escalationApprovers": [\
{\
"@odata.type": "#microsoft.graph.singleUser",\
"isBackup": true,\
"id": "string (identifier)",\
"description": "user if the external sponsor does not respond"\
}\
]\
},\
{\
"approvalStageTimeOutInDays": 14,\
"isApproverJustificationRequired": true,\
"isEscalationEnabled": true,\
"escalationTimeInMinutes": 11520,\
"primaryApprovers": [\
{\
"@odata.type": "#microsoft.graph.groupMembers",\
"isBackup": true,\
"id": "string (identifier)",\
"description": "group for users from connected organizations which have no internal sponsor"\
},\
{\
"@odata.type": "#microsoft.graph.internalSponsors",\
"isBackup": false\
}\
],\
"escalationApprovers": [\
{\
"@odata.type": "#microsoft.graph.singleUser",\
"isBackup": true,\
"id": "string (identifier)",\
"description": "user if the internal sponsor does not respond"\
}\
]\
}\
]\
},\
"accessReviewSettings": {\
"isEnabled": true,\
"recurrenceType": "quarterly",\
"reviewerType": "Self",\
"startDateTime": "2020-04-01T07:59:59.998Z",\
"durationInDays": 25,\
"reviewers": []\
}\
}\
'
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentPolicy()
accessPackageId := "string (identifier)"
requestBody.SetAccessPackageId(&accessPackageId)
displayName := "Users from connected organizations can request"
requestBody.SetDisplayName(&displayName)
description := "Allow users from configured connected organizations to request and be approved by their sponsors"
requestBody.SetDescription(&description)
canExtend := false
requestBody.SetCanExtend(&canExtend)
durationInDays := int32(365)
requestBody.SetDurationInDays(&durationInDays)
expirationDateTime := null
requestBody.SetExpirationDateTime(&expirationDateTime)
requestorSettings := graphmodels.NewRequestorSettings()
scopeType := "AllExistingConnectedOrganizationSubjects"
requestorSettings.SetScopeType(&scopeType)
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
allowedRequestors := []graphmodels.UserSetable {
}
requestorSettings.SetAllowedRequestors(allowedRequestors)
requestBody.SetRequestorSettings(requestorSettings)
requestApprovalSettings := graphmodels.NewApprovalSettings()
isApprovalRequired := true
requestApprovalSettings.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
requestApprovalSettings.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := true
requestApprovalSettings.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "Serial"
requestApprovalSettings.SetApprovalMode(&approvalMode)
approvalStage := graphmodels.NewApprovalStage()
approvalStageTimeOutInDays := int32(14)
approvalStage.SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
approvalStage.SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := true
approvalStage.SetIsEscalationEnabled(&isEscalationEnabled)
escalationTimeInMinutes := int32(11520)
approvalStage.SetEscalationTimeInMinutes(&escalationTimeInMinutes)
userSet := graphmodels.NewGroupMembers()
isBackup := true
userSet.SetIsBackup(&isBackup)
id := "string (identifier)"
userSet.SetId(&id)
description := "group for users from connected organizations which have no external sponsor"
userSet.SetDescription(&description)
userSet1 := graphmodels.NewExternalSponsors()
isBackup := false
userSet1.SetIsBackup(&isBackup)
primaryApprovers := []graphmodels.UserSetable {
userSet,
userSet1,
}
approvalStage.SetPrimaryApprovers(primaryApprovers)
userSet := graphmodels.NewSingleUser()
isBackup := true
userSet.SetIsBackup(&isBackup)
id := "string (identifier)"
userSet.SetId(&id)
description := "user if the external sponsor does not respond"
userSet.SetDescription(&description)
escalationApprovers := []graphmodels.UserSetable {
userSet,
}
approvalStage.SetEscalationApprovers(escalationApprovers)
approvalStage1 := graphmodels.NewApprovalStage()
approvalStageTimeOutInDays := int32(14)
approvalStage1.SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
approvalStage1.SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := true
approvalStage1.SetIsEscalationEnabled(&isEscalationEnabled)
escalationTimeInMinutes := int32(11520)
approvalStage1.SetEscalationTimeInMinutes(&escalationTimeInMinutes)
userSet := graphmodels.NewGroupMembers()
isBackup := true
userSet.SetIsBackup(&isBackup)
id := "string (identifier)"
userSet.SetId(&id)
description := "group for users from connected organizations which have no internal sponsor"
userSet.SetDescription(&description)
userSet1 := graphmodels.NewInternalSponsors()
isBackup := false
userSet1.SetIsBackup(&isBackup)
primaryApprovers := []graphmodels.UserSetable {
userSet,
userSet1,
}
approvalStage1.SetPrimaryApprovers(primaryApprovers)
userSet := graphmodels.NewSingleUser()
isBackup := true
userSet.SetIsBackup(&isBackup)
id := "string (identifier)"
userSet.SetId(&id)
description := "user if the internal sponsor does not respond"
userSet.SetDescription(&description)
escalationApprovers := []graphmodels.UserSetable {
userSet,
}
approvalStage1.SetEscalationApprovers(escalationApprovers)
approvalStages := []graphmodels.ApprovalStageable {
approvalStage,
approvalStage1,
}
requestApprovalSettings.SetApprovalStages(approvalStages)
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
accessReviewSettings := graphmodels.NewAssignmentReviewSettings()
isEnabled := true
accessReviewSettings.SetIsEnabled(&isEnabled)
recurrenceType := "quarterly"
accessReviewSettings.SetRecurrenceType(&recurrenceType)
reviewerType := "Self"
accessReviewSettings.SetReviewerType(&reviewerType)
startDateTime , err := time.Parse(time.RFC3339, "2020-04-01T07:59:59.998Z")
accessReviewSettings.SetStartDateTime(&startDateTime)
durationInDays := int32(25)
accessReviewSettings.SetDurationInDays(&durationInDays)
reviewers := []graphmodels.UserSetable {
}
accessReviewSettings.SetReviewers(reviewers)
requestBody.SetAccessReviewSettings(accessReviewSettings)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessPackageAssignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(context.Background(), requestBody, nil)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.setAccessPackageId("string (identifier)");
accessPackageAssignmentPolicy.setDisplayName("Users from connected organizations can request");
accessPackageAssignmentPolicy.setDescription("Allow users from configured connected organizations to request and be approved by their sponsors");
accessPackageAssignmentPolicy.setCanExtend(false);
accessPackageAssignmentPolicy.setDurationInDays(365);
accessPackageAssignmentPolicy.setExpirationDateTime(null);
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.setScopeType("AllExistingConnectedOrganizationSubjects");
requestorSettings.setAcceptRequests(true);
LinkedList<UserSet> allowedRequestors = new LinkedList<UserSet>();
requestorSettings.setAllowedRequestors(allowedRequestors);
accessPackageAssignmentPolicy.setRequestorSettings(requestorSettings);
ApprovalSettings requestApprovalSettings = new ApprovalSettings();
requestApprovalSettings.setIsApprovalRequired(true);
requestApprovalSettings.setIsApprovalRequiredForExtension(false);
requestApprovalSettings.setIsRequestorJustificationRequired(true);
requestApprovalSettings.setApprovalMode("Serial");
LinkedList<ApprovalStage> approvalStages = new LinkedList<ApprovalStage>();
ApprovalStage approvalStage = new ApprovalStage();
approvalStage.setApprovalStageTimeOutInDays(14);
approvalStage.setIsApproverJustificationRequired(true);
approvalStage.setIsEscalationEnabled(true);
approvalStage.setEscalationTimeInMinutes(11520);
LinkedList<UserSet> primaryApprovers = new LinkedList<UserSet>();
GroupMembers userSet = new GroupMembers();
userSet.setOdataType("#microsoft.graph.groupMembers");
userSet.setIsBackup(true);
userSet.setId("string (identifier)");
userSet.setDescription("group for users from connected organizations which have no external sponsor");
primaryApprovers.add(userSet);
ExternalSponsors userSet1 = new ExternalSponsors();
userSet1.setOdataType("#microsoft.graph.externalSponsors");
userSet1.setIsBackup(false);
primaryApprovers.add(userSet1);
approvalStage.setPrimaryApprovers(primaryApprovers);
LinkedList<UserSet> escalationApprovers = new LinkedList<UserSet>();
SingleUser userSet2 = new SingleUser();
userSet2.setOdataType("#microsoft.graph.singleUser");
userSet2.setIsBackup(true);
userSet2.setId("string (identifier)");
userSet2.setDescription("user if the external sponsor does not respond");
escalationApprovers.add(userSet2);
approvalStage.setEscalationApprovers(escalationApprovers);
approvalStages.add(approvalStage);
ApprovalStage approvalStage1 = new ApprovalStage();
approvalStage1.setApprovalStageTimeOutInDays(14);
approvalStage1.setIsApproverJustificationRequired(true);
approvalStage1.setIsEscalationEnabled(true);
approvalStage1.setEscalationTimeInMinutes(11520);
LinkedList<UserSet> primaryApprovers1 = new LinkedList<UserSet>();
GroupMembers userSet3 = new GroupMembers();
userSet3.setOdataType("#microsoft.graph.groupMembers");
userSet3.setIsBackup(true);
userSet3.setId("string (identifier)");
userSet3.setDescription("group for users from connected organizations which have no internal sponsor");
primaryApprovers1.add(userSet3);
InternalSponsors userSet4 = new InternalSponsors();
userSet4.setOdataType("#microsoft.graph.internalSponsors");
userSet4.setIsBackup(false);
primaryApprovers1.add(userSet4);
approvalStage1.setPrimaryApprovers(primaryApprovers1);
LinkedList<UserSet> escalationApprovers1 = new LinkedList<UserSet>();
SingleUser userSet5 = new SingleUser();
userSet5.setOdataType("#microsoft.graph.singleUser");
userSet5.setIsBackup(true);
userSet5.setId("string (identifier)");
userSet5.setDescription("user if the internal sponsor does not respond");
escalationApprovers1.add(userSet5);
approvalStage1.setEscalationApprovers(escalationApprovers1);
approvalStages.add(approvalStage1);
requestApprovalSettings.setApprovalStages(approvalStages);
accessPackageAssignmentPolicy.setRequestApprovalSettings(requestApprovalSettings);
AssignmentReviewSettings accessReviewSettings = new AssignmentReviewSettings();
accessReviewSettings.setIsEnabled(true);
accessReviewSettings.setRecurrenceType("quarterly");
accessReviewSettings.setReviewerType("Self");
OffsetDateTime startDateTime = OffsetDateTime.parse("2020-04-01T07:59:59.998Z");
accessReviewSettings.setStartDateTime(startDateTime);
accessReviewSettings.setDurationInDays(25);
LinkedList<UserSet> reviewers = new LinkedList<UserSet>();
accessReviewSettings.setReviewers(reviewers);
accessPackageAssignmentPolicy.setAccessReviewSettings(accessReviewSettings);
AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies().post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
accessPackageId: 'string (identifier)',
displayName: 'Users from connected organizations can request',
description: 'Allow users from configured connected organizations to request and be approved by their sponsors',
canExtend: false,
durationInDays: 365,
expirationDateTime: null,
requestorSettings: {
scopeType: 'AllExistingConnectedOrganizationSubjects',
acceptRequests: true,
allowedRequestors: []
},
requestApprovalSettings: {
isApprovalRequired: true,
isApprovalRequiredForExtension: false,
isRequestorJustificationRequired: true,
approvalMode: 'Serial',
approvalStages: [
{
approvalStageTimeOutInDays: 14,
isApproverJustificationRequired: true,
isEscalationEnabled: true,
escalationTimeInMinutes: 11520,
primaryApprovers: [
{
'@odata.type': '#microsoft.graph.groupMembers',
isBackup: true,
id: 'string (identifier)',
description: 'group for users from connected organizations which have no external sponsor'
},
{
'@odata.type': '#microsoft.graph.externalSponsors',
isBackup: false
}
],
escalationApprovers: [
{
'@odata.type': '#microsoft.graph.singleUser',
isBackup: true,
id: 'string (identifier)',
description: 'user if the external sponsor does not respond'
}
]
},
{
approvalStageTimeOutInDays: 14,
isApproverJustificationRequired: true,
isEscalationEnabled: true,
escalationTimeInMinutes: 11520,
primaryApprovers: [
{
'@odata.type': '#microsoft.graph.groupMembers',
isBackup: true,
id: 'string (identifier)',
description: 'group for users from connected organizations which have no internal sponsor'
},
{
'@odata.type': '#microsoft.graph.internalSponsors',
isBackup: false
}
],
escalationApprovers: [
{
'@odata.type': '#microsoft.graph.singleUser',
isBackup: true,
id: 'string (identifier)',
description: 'user if the internal sponsor does not respond'
}
]
}
]
},
accessReviewSettings: {
isEnabled: true,
recurrenceType: 'quarterly',
reviewerType: 'Self',
startDateTime: '2020-04-01T07:59:59.998Z',
durationInDays: 25,
reviewers: []
}
};
await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
.version('beta')
.post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAssignmentPolicy;
use Microsoft\Graph\Beta\Generated\Models\RequestorSettings;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\ApprovalSettings;
use Microsoft\Graph\Beta\Generated\Models\ApprovalStage;
use Microsoft\Graph\Beta\Generated\Models\GroupMembers;
use Microsoft\Graph\Beta\Generated\Models\ExternalSponsors;
use Microsoft\Graph\Beta\Generated\Models\SingleUser;
use Microsoft\Graph\Beta\Generated\Models\InternalSponsors;
use Microsoft\Graph\Beta\Generated\Models\AssignmentReviewSettings;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentPolicy();
$requestBody->setAccessPackageId('string (identifier)');
$requestBody->setDisplayName('Users from connected organizations can request');
$requestBody->setDescription('Allow users from configured connected organizations to request and be approved by their sponsors');
$requestBody->setCanExtend(false);
$requestBody->setDurationInDays(365);
$requestBody->setExpirationDateTime(null);
$requestorSettings = new RequestorSettings();
$requestorSettings->setScopeType('AllExistingConnectedOrganizationSubjects');
$requestorSettings->setAcceptRequests(true);
$requestorSettings->setAllowedRequestors([ ]);
$requestBody->setRequestorSettings($requestorSettings);
$requestApprovalSettings = new ApprovalSettings();
$requestApprovalSettings->setIsApprovalRequired(true);
$requestApprovalSettings->setIsApprovalRequiredForExtension(false);
$requestApprovalSettings->setIsRequestorJustificationRequired(true);
$requestApprovalSettings->setApprovalMode('Serial');
$approvalStagesApprovalStage1 = new ApprovalStage();
$approvalStagesApprovalStage1->setApprovalStageTimeOutInDays(14);
$approvalStagesApprovalStage1->setIsApproverJustificationRequired(true);
$approvalStagesApprovalStage1->setIsEscalationEnabled(true);
$approvalStagesApprovalStage1->setEscalationTimeInMinutes(11520);
$primaryApproversUserSet1 = new GroupMembers();
$primaryApproversUserSet1->setOdataType('#microsoft.graph.groupMembers');
$primaryApproversUserSet1->setIsBackup(true);
$primaryApproversUserSet1->setId('string (identifier)');
$primaryApproversUserSet1->setDescription('group for users from connected organizations which have no external sponsor');
$primaryApproversArray []= $primaryApproversUserSet1;
$primaryApproversUserSet2 = new ExternalSponsors();
$primaryApproversUserSet2->setOdataType('#microsoft.graph.externalSponsors');
$primaryApproversUserSet2->setIsBackup(false);
$primaryApproversArray []= $primaryApproversUserSet2;
$approvalStagesApprovalStage1->setPrimaryApprovers($primaryApproversArray);
$escalationApproversUserSet1 = new SingleUser();
$escalationApproversUserSet1->setOdataType('#microsoft.graph.singleUser');
$escalationApproversUserSet1->setIsBackup(true);
$escalationApproversUserSet1->setId('string (identifier)');
$escalationApproversUserSet1->setDescription('user if the external sponsor does not respond');
$escalationApproversArray []= $escalationApproversUserSet1;
$approvalStagesApprovalStage1->setEscalationApprovers($escalationApproversArray);
$approvalStagesArray []= $approvalStagesApprovalStage1;
$approvalStagesApprovalStage2 = new ApprovalStage();
$approvalStagesApprovalStage2->setApprovalStageTimeOutInDays(14);
$approvalStagesApprovalStage2->setIsApproverJustificationRequired(true);
$approvalStagesApprovalStage2->setIsEscalationEnabled(true);
$approvalStagesApprovalStage2->setEscalationTimeInMinutes(11520);
$primaryApproversUserSet1 = new GroupMembers();
$primaryApproversUserSet1->setOdataType('#microsoft.graph.groupMembers');
$primaryApproversUserSet1->setIsBackup(true);
$primaryApproversUserSet1->setId('string (identifier)');
$primaryApproversUserSet1->setDescription('group for users from connected organizations which have no internal sponsor');
$primaryApproversArray []= $primaryApproversUserSet1;
$primaryApproversUserSet2 = new InternalSponsors();
$primaryApproversUserSet2->setOdataType('#microsoft.graph.internalSponsors');
$primaryApproversUserSet2->setIsBackup(false);
$primaryApproversArray []= $primaryApproversUserSet2;
$approvalStagesApprovalStage2->setPrimaryApprovers($primaryApproversArray);
$escalationApproversUserSet1 = new SingleUser();
$escalationApproversUserSet1->setOdataType('#microsoft.graph.singleUser');
$escalationApproversUserSet1->setIsBackup(true);
$escalationApproversUserSet1->setId('string (identifier)');
$escalationApproversUserSet1->setDescription('user if the internal sponsor does not respond');
$escalationApproversArray []= $escalationApproversUserSet1;
$approvalStagesApprovalStage2->setEscalationApprovers($escalationApproversArray);
$approvalStagesArray []= $approvalStagesApprovalStage2;
$requestApprovalSettings->setApprovalStages($approvalStagesArray);
$requestBody->setRequestApprovalSettings($requestApprovalSettings);
$accessReviewSettings = new AssignmentReviewSettings();
$accessReviewSettings->setIsEnabled(true);
$accessReviewSettings->setRecurrenceType('quarterly');
$accessReviewSettings->setReviewerType('Self');
$accessReviewSettings->setStartDateTime(new \DateTime('2020-04-01T07:59:59.998Z'));
$accessReviewSettings->setDurationInDays(25);
$accessReviewSettings->setReviewers([]);
$requestBody->setAccessReviewSettings($accessReviewSettings);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackageAssignmentPolicies()->post($requestBody)->wait();
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
accessPackageId = "string (identifier)"
displayName = "Users from connected organizations can request"
description = "Allow users from configured connected organizations to request and be approved by their sponsors"
canExtend = $false
durationInDays = 365
expirationDateTime = $null
requestorSettings = @{
scopeType = "AllExistingConnectedOrganizationSubjects"
acceptRequests = $true
allowedRequestors = @(
)
}
requestApprovalSettings = @{
isApprovalRequired = $true
isApprovalRequiredForExtension = $false
isRequestorJustificationRequired = $true
approvalMode = "Serial"
approvalStages = @(
@{
approvalStageTimeOutInDays = 14
isApproverJustificationRequired = $true
isEscalationEnabled = $true
escalationTimeInMinutes = 11520
primaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.groupMembers"
isBackup = $true
id = "string (identifier)"
description = "group for users from connected organizations which have no external sponsor"
}
@{
"@odata.type" = "#microsoft.graph.externalSponsors"
isBackup = $false
}
)
escalationApprovers = @(
@{
"@odata.type" = "#microsoft.graph.singleUser"
isBackup = $true
id = "string (identifier)"
description = "user if the external sponsor does not respond"
}
)
}
@{
approvalStageTimeOutInDays = 14
isApproverJustificationRequired = $true
isEscalationEnabled = $true
escalationTimeInMinutes = 11520
primaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.groupMembers"
isBackup = $true
id = "string (identifier)"
description = "group for users from connected organizations which have no internal sponsor"
}
@{
"@odata.type" = "#microsoft.graph.internalSponsors"
isBackup = $false
}
)
escalationApprovers = @(
@{
"@odata.type" = "#microsoft.graph.singleUser"
isBackup = $true
id = "string (identifier)"
description = "user if the internal sponsor does not respond"
}
)
}
)
}
accessReviewSettings = @{
isEnabled = $true
recurrenceType = "quarterly"
reviewerType = "Self"
startDateTime = [System.DateTime]::Parse("2020-04-01T07:59:59.998Z")
durationInDays = 25
reviewers = @(
)
}
}
New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_package_assignment_policy import AccessPackageAssignmentPolicy
from msgraph_beta.generated.models.requestor_settings import RequestorSettings
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.approval_settings import ApprovalSettings
from msgraph_beta.generated.models.approval_stage import ApprovalStage
from msgraph_beta.generated.models.group_members import GroupMembers
from msgraph_beta.generated.models.external_sponsors import ExternalSponsors
from msgraph_beta.generated.models.single_user import SingleUser
from msgraph_beta.generated.models.internal_sponsors import InternalSponsors
from msgraph_beta.generated.models.assignment_review_settings import AssignmentReviewSettings
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentPolicy(
access_package_id = "string (identifier)",
display_name = "Users from connected organizations can request",
description = "Allow users from configured connected organizations to request and be approved by their sponsors",
can_extend = False,
duration_in_days = 365,
expiration_date_time = None,
requestor_settings = RequestorSettings(
scope_type = "AllExistingConnectedOrganizationSubjects",
accept_requests = True,
allowed_requestors = [
],
),
request_approval_settings = ApprovalSettings(
is_approval_required = True,
is_approval_required_for_extension = False,
is_requestor_justification_required = True,
approval_mode = "Serial",
approval_stages = [
ApprovalStage(
approval_stage_time_out_in_days = 14,
is_approver_justification_required = True,
is_escalation_enabled = True,
escalation_time_in_minutes = 11520,
primary_approvers = [
GroupMembers(
odata_type = "#microsoft.graph.groupMembers",
is_backup = True,
id = "string (identifier)",
description = "group for users from connected organizations which have no external sponsor",
),
ExternalSponsors(
odata_type = "#microsoft.graph.externalSponsors",
is_backup = False,
),
],
escalation_approvers = [
SingleUser(
odata_type = "#microsoft.graph.singleUser",
is_backup = True,
id = "string (identifier)",
description = "user if the external sponsor does not respond",
),
],
),
ApprovalStage(
approval_stage_time_out_in_days = 14,
is_approver_justification_required = True,
is_escalation_enabled = True,
escalation_time_in_minutes = 11520,
primary_approvers = [
GroupMembers(
odata_type = "#microsoft.graph.groupMembers",
is_backup = True,
id = "string (identifier)",
description = "group for users from connected organizations which have no internal sponsor",
),
InternalSponsors(
odata_type = "#microsoft.graph.internalSponsors",
is_backup = False,
),
],
escalation_approvers = [
SingleUser(
odata_type = "#microsoft.graph.singleUser",
is_backup = True,
id = "string (identifier)",
description = "user if the internal sponsor does not respond",
),
],
),
],
),
access_review_settings = AssignmentReviewSettings(
is_enabled = True,
recurrence_type = "quarterly",
reviewer_type = "Self",
start_date_time = "2020-04-01T07:59:59.998Z",
duration_in_days = 25,
reviewers = [
],
),
)
result = await graph_client.identity_governance.entitlement_management.access_package_assignment_policies.post(request_body)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "4c02f928-7752-49aa-8fc8-e286d973a965",
"accessPackageId": "string (identifier)",
"displayName": "Users from connected organizations can request",
"description": "Allow users from configured connected organizations to request and be approved by their sponsors"
}
示例 3:创建包含问题的分配策略
分配策略中配置的问题将询问到策略范围内的请求者。 他们的答案将向审批者显示。 问题 ID 是只读的,默认情况下包含在响应中。
请求
以下示例显示了创建访问包分配策略的请求。
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json
{
"accessPackageId": "b2eba9a1-b357-42ee-83a8-336522ed6cbf",
"displayName": "Users from connected organizations can request",
"description": "Allow users from configured connected organizations to request and be approved by their sponsors",
"canExtend": false,
"durationInDays": 365,
"expirationDateTime": null,
"requestorSettings": {
"scopeType": "AllExistingConnectedOrganizationSubjects",
"acceptRequests": true
},
"requestApprovalSettings": {
"isApprovalRequired": true,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": true,
"approvalMode": "SingleStage",
"approvalStages": [{
"approvalStageTimeOutInDays": 14,
"isApproverJustificationRequired": true,
"isEscalationEnabled": false,
"escalationTimeInMinutes": 11520,
"primaryApprovers": [{
"@odata.type": "#microsoft.graph.groupMembers",
"isBackup": true,
"id": "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",
"description": "group for users from connected organizations which have no external sponsor"
},
{
"@odata.type": "#microsoft.graph.externalSponsors",
"isBackup": false
}
]
}
]
},
"questions": [{
"isRequired": false,
"text": {
"defaultText": "what state are you from?",
"localizedTexts": [{
"text": "¿De qué estado eres?",
"languageCode": "es"
}]
},
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"choices": [{
"actualValue": "AZ",
"displayValue": {
"localizedTexts": [{
"text": "Arizona",
"languageCode": "es"
}]
}
}, {
"actualValue": "CA",
"displayValue": {
"localizedTexts": [{
"text": "California",
"languageCode": "es"
}]
}
}, {
"actualValue": "OH",
"displayValue": {
"localizedTexts": [{
"text": "Ohio",
"languageCode": "es"
}]
}
}],
"allowsMultipleSelection": false
}, {
"isRequired": false,
"text": {
"defaultText": "Who is your manager?",
"localizedTexts": [{
"text": "por qué necesita acceso a este paquete",
"languageCode": "es"
}]
},
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"isSingleLineQuestion": false
}]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new AccessPackageAssignmentPolicy
{
AccessPackageId = "b2eba9a1-b357-42ee-83a8-336522ed6cbf",
DisplayName = "Users from connected organizations can request",
Description = "Allow users from configured connected organizations to request and be approved by their sponsors",
CanExtend = false,
DurationInDays = 365,
ExpirationDateTime = null,
RequestorSettings = new RequestorSettings
{
ScopeType = "AllExistingConnectedOrganizationSubjects",
AcceptRequests = true,
},
RequestApprovalSettings = new ApprovalSettings
{
IsApprovalRequired = true,
IsApprovalRequiredForExtension = false,
IsRequestorJustificationRequired = true,
ApprovalMode = "SingleStage",
ApprovalStages = new List<ApprovalStage>
{
new ApprovalStage
{
ApprovalStageTimeOutInDays = 14,
IsApproverJustificationRequired = true,
IsEscalationEnabled = false,
EscalationTimeInMinutes = 11520,
PrimaryApprovers = new List<UserSet>
{
new GroupMembers
{
OdataType = "#microsoft.graph.groupMembers",
IsBackup = true,
Id = "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",
Description = "group for users from connected organizations which have no external sponsor",
},
new ExternalSponsors
{
OdataType = "#microsoft.graph.externalSponsors",
IsBackup = false,
},
},
},
},
},
Questions = new List<AccessPackageQuestion>
{
new AccessPackageMultipleChoiceQuestion
{
IsRequired = false,
Text = new AccessPackageLocalizedContent
{
DefaultText = "what state are you from?",
LocalizedTexts = new List<AccessPackageLocalizedText>
{
new AccessPackageLocalizedText
{
Text = "¿De qué estado eres?",
LanguageCode = "es",
},
},
},
OdataType = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
Choices = new List<AccessPackageAnswerChoice>
{
new AccessPackageAnswerChoice
{
ActualValue = "AZ",
DisplayValue = new AccessPackageLocalizedContent
{
LocalizedTexts = new List<AccessPackageLocalizedText>
{
new AccessPackageLocalizedText
{
Text = "Arizona",
LanguageCode = "es",
},
},
},
},
new AccessPackageAnswerChoice
{
ActualValue = "CA",
DisplayValue = new AccessPackageLocalizedContent
{
LocalizedTexts = new List<AccessPackageLocalizedText>
{
new AccessPackageLocalizedText
{
Text = "California",
LanguageCode = "es",
},
},
},
},
new AccessPackageAnswerChoice
{
ActualValue = "OH",
DisplayValue = new AccessPackageLocalizedContent
{
LocalizedTexts = new List<AccessPackageLocalizedText>
{
new AccessPackageLocalizedText
{
Text = "Ohio",
LanguageCode = "es",
},
},
},
},
},
AllowsMultipleSelection = false,
},
new AccessPackageTextInputQuestion
{
IsRequired = false,
Text = new AccessPackageLocalizedContent
{
DefaultText = "Who is your manager?",
LocalizedTexts = new List<AccessPackageLocalizedText>
{
new AccessPackageLocalizedText
{
Text = "por qué necesita acceso a este paquete",
LanguageCode = "es",
},
},
},
OdataType = "#microsoft.graph.accessPackageTextInputQuestion",
IsSingleLineQuestion = false,
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies.PostAsync(requestBody);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
mgc-beta identity-governance entitlement-management access-package-assignment-policies create --body '{\
"accessPackageId": "b2eba9a1-b357-42ee-83a8-336522ed6cbf",\
"displayName": "Users from connected organizations can request",\
"description": "Allow users from configured connected organizations to request and be approved by their sponsors",\
"canExtend": false,\
"durationInDays": 365,\
"expirationDateTime": null,\
"requestorSettings": {\
"scopeType": "AllExistingConnectedOrganizationSubjects",\
"acceptRequests": true\
},\
"requestApprovalSettings": {\
"isApprovalRequired": true,\
"isApprovalRequiredForExtension": false,\
"isRequestorJustificationRequired": true,\
"approvalMode": "SingleStage",\
"approvalStages": [{\
"approvalStageTimeOutInDays": 14,\
"isApproverJustificationRequired": true,\
"isEscalationEnabled": false,\
"escalationTimeInMinutes": 11520,\
"primaryApprovers": [{\
"@odata.type": "#microsoft.graph.groupMembers",\
"isBackup": true,\
"id": "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",\
"description": "group for users from connected organizations which have no external sponsor"\
},\
{\
"@odata.type": "#microsoft.graph.externalSponsors",\
"isBackup": false\
}\
]\
}\
]\
},\
"questions": [{\
"isRequired": false,\
"text": {\
"defaultText": "what state are you from?",\
"localizedTexts": [{\
"text": "¿De qué estado eres?",\
"languageCode": "es"\
}]\
},\
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",\
"choices": [{\
"actualValue": "AZ",\
"displayValue": {\
"localizedTexts": [{\
"text": "Arizona",\
"languageCode": "es"\
}]\
}\
}, {\
"actualValue": "CA",\
"displayValue": {\
"localizedTexts": [{\
"text": "California",\
"languageCode": "es"\
}]\
}\
}, {\
"actualValue": "OH",\
"displayValue": {\
"localizedTexts": [{\
"text": "Ohio",\
"languageCode": "es"\
}]\
}\
}],\
"allowsMultipleSelection": false\
}, {\
"isRequired": false,\
"text": {\
"defaultText": "Who is your manager?",\
"localizedTexts": [{\
"text": "por qué necesita acceso a este paquete",\
"languageCode": "es"\
}]\
},\
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",\
"isSingleLineQuestion": false\
}]\
}\
'
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentPolicy()
accessPackageId := "b2eba9a1-b357-42ee-83a8-336522ed6cbf"
requestBody.SetAccessPackageId(&accessPackageId)
displayName := "Users from connected organizations can request"
requestBody.SetDisplayName(&displayName)
description := "Allow users from configured connected organizations to request and be approved by their sponsors"
requestBody.SetDescription(&description)
canExtend := false
requestBody.SetCanExtend(&canExtend)
durationInDays := int32(365)
requestBody.SetDurationInDays(&durationInDays)
expirationDateTime := null
requestBody.SetExpirationDateTime(&expirationDateTime)
requestorSettings := graphmodels.NewRequestorSettings()
scopeType := "AllExistingConnectedOrganizationSubjects"
requestorSettings.SetScopeType(&scopeType)
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
requestBody.SetRequestorSettings(requestorSettings)
requestApprovalSettings := graphmodels.NewApprovalSettings()
isApprovalRequired := true
requestApprovalSettings.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
requestApprovalSettings.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := true
requestApprovalSettings.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "SingleStage"
requestApprovalSettings.SetApprovalMode(&approvalMode)
approvalStage := graphmodels.NewApprovalStage()
approvalStageTimeOutInDays := int32(14)
approvalStage.SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
approvalStage.SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := false
approvalStage.SetIsEscalationEnabled(&isEscalationEnabled)
escalationTimeInMinutes := int32(11520)
approvalStage.SetEscalationTimeInMinutes(&escalationTimeInMinutes)
userSet := graphmodels.NewGroupMembers()
isBackup := true
userSet.SetIsBackup(&isBackup)
id := "d2dcb9a1-a445-42ee-83a8-476522ed6cbf"
userSet.SetId(&id)
description := "group for users from connected organizations which have no external sponsor"
userSet.SetDescription(&description)
userSet1 := graphmodels.NewExternalSponsors()
isBackup := false
userSet1.SetIsBackup(&isBackup)
primaryApprovers := []graphmodels.UserSetable {
userSet,
userSet1,
}
approvalStage.SetPrimaryApprovers(primaryApprovers)
approvalStages := []graphmodels.ApprovalStageable {
approvalStage,
}
requestApprovalSettings.SetApprovalStages(approvalStages)
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
accessPackageQuestion := graphmodels.NewAccessPackageMultipleChoiceQuestion()
isRequired := false
accessPackageQuestion.SetIsRequired(&isRequired)
text := graphmodels.NewAccessPackageLocalizedContent()
defaultText := "what state are you from?"
text.SetDefaultText(&defaultText)
accessPackageLocalizedText := graphmodels.NewAccessPackageLocalizedText()
text := "¿De qué estado eres?"
accessPackageLocalizedText.SetText(&text)
languageCode := "es"
accessPackageLocalizedText.SetLanguageCode(&languageCode)
localizedTexts := []graphmodels.AccessPackageLocalizedTextable {
accessPackageLocalizedText,
}
text.SetLocalizedTexts(localizedTexts)
accessPackageQuestion.SetText(text)
accessPackageAnswerChoice := graphmodels.NewAccessPackageAnswerChoice()
actualValue := "AZ"
accessPackageAnswerChoice.SetActualValue(&actualValue)
displayValue := graphmodels.NewAccessPackageLocalizedContent()
accessPackageLocalizedText := graphmodels.NewAccessPackageLocalizedText()
text := "Arizona"
accessPackageLocalizedText.SetText(&text)
languageCode := "es"
accessPackageLocalizedText.SetLanguageCode(&languageCode)
localizedTexts := []graphmodels.AccessPackageLocalizedTextable {
accessPackageLocalizedText,
}
displayValue.SetLocalizedTexts(localizedTexts)
accessPackageAnswerChoice.SetDisplayValue(displayValue)
accessPackageAnswerChoice1 := graphmodels.NewAccessPackageAnswerChoice()
actualValue := "CA"
accessPackageAnswerChoice1.SetActualValue(&actualValue)
displayValue := graphmodels.NewAccessPackageLocalizedContent()
accessPackageLocalizedText := graphmodels.NewAccessPackageLocalizedText()
text := "California"
accessPackageLocalizedText.SetText(&text)
languageCode := "es"
accessPackageLocalizedText.SetLanguageCode(&languageCode)
localizedTexts := []graphmodels.AccessPackageLocalizedTextable {
accessPackageLocalizedText,
}
displayValue.SetLocalizedTexts(localizedTexts)
accessPackageAnswerChoice1.SetDisplayValue(displayValue)
accessPackageAnswerChoice2 := graphmodels.NewAccessPackageAnswerChoice()
actualValue := "OH"
accessPackageAnswerChoice2.SetActualValue(&actualValue)
displayValue := graphmodels.NewAccessPackageLocalizedContent()
accessPackageLocalizedText := graphmodels.NewAccessPackageLocalizedText()
text := "Ohio"
accessPackageLocalizedText.SetText(&text)
languageCode := "es"
accessPackageLocalizedText.SetLanguageCode(&languageCode)
localizedTexts := []graphmodels.AccessPackageLocalizedTextable {
accessPackageLocalizedText,
}
displayValue.SetLocalizedTexts(localizedTexts)
accessPackageAnswerChoice2.SetDisplayValue(displayValue)
choices := []graphmodels.AccessPackageAnswerChoiceable {
accessPackageAnswerChoice,
accessPackageAnswerChoice1,
accessPackageAnswerChoice2,
}
accessPackageQuestion.SetChoices(choices)
allowsMultipleSelection := false
accessPackageQuestion.SetAllowsMultipleSelection(&allowsMultipleSelection)
accessPackageQuestion1 := graphmodels.NewAccessPackageTextInputQuestion()
isRequired := false
accessPackageQuestion1.SetIsRequired(&isRequired)
text := graphmodels.NewAccessPackageLocalizedContent()
defaultText := "Who is your manager?"
text.SetDefaultText(&defaultText)
accessPackageLocalizedText := graphmodels.NewAccessPackageLocalizedText()
text := "por qué necesita acceso a este paquete"
accessPackageLocalizedText.SetText(&text)
languageCode := "es"
accessPackageLocalizedText.SetLanguageCode(&languageCode)
localizedTexts := []graphmodels.AccessPackageLocalizedTextable {
accessPackageLocalizedText,
}
text.SetLocalizedTexts(localizedTexts)
accessPackageQuestion1.SetText(text)
isSingleLineQuestion := false
accessPackageQuestion1.SetIsSingleLineQuestion(&isSingleLineQuestion)
questions := []graphmodels.AccessPackageQuestionable {
accessPackageQuestion,
accessPackageQuestion1,
}
requestBody.SetQuestions(questions)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessPackageAssignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(context.Background(), requestBody, nil)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.setAccessPackageId("b2eba9a1-b357-42ee-83a8-336522ed6cbf");
accessPackageAssignmentPolicy.setDisplayName("Users from connected organizations can request");
accessPackageAssignmentPolicy.setDescription("Allow users from configured connected organizations to request and be approved by their sponsors");
accessPackageAssignmentPolicy.setCanExtend(false);
accessPackageAssignmentPolicy.setDurationInDays(365);
accessPackageAssignmentPolicy.setExpirationDateTime(null);
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.setScopeType("AllExistingConnectedOrganizationSubjects");
requestorSettings.setAcceptRequests(true);
accessPackageAssignmentPolicy.setRequestorSettings(requestorSettings);
ApprovalSettings requestApprovalSettings = new ApprovalSettings();
requestApprovalSettings.setIsApprovalRequired(true);
requestApprovalSettings.setIsApprovalRequiredForExtension(false);
requestApprovalSettings.setIsRequestorJustificationRequired(true);
requestApprovalSettings.setApprovalMode("SingleStage");
LinkedList<ApprovalStage> approvalStages = new LinkedList<ApprovalStage>();
ApprovalStage approvalStage = new ApprovalStage();
approvalStage.setApprovalStageTimeOutInDays(14);
approvalStage.setIsApproverJustificationRequired(true);
approvalStage.setIsEscalationEnabled(false);
approvalStage.setEscalationTimeInMinutes(11520);
LinkedList<UserSet> primaryApprovers = new LinkedList<UserSet>();
GroupMembers userSet = new GroupMembers();
userSet.setOdataType("#microsoft.graph.groupMembers");
userSet.setIsBackup(true);
userSet.setId("d2dcb9a1-a445-42ee-83a8-476522ed6cbf");
userSet.setDescription("group for users from connected organizations which have no external sponsor");
primaryApprovers.add(userSet);
ExternalSponsors userSet1 = new ExternalSponsors();
userSet1.setOdataType("#microsoft.graph.externalSponsors");
userSet1.setIsBackup(false);
primaryApprovers.add(userSet1);
approvalStage.setPrimaryApprovers(primaryApprovers);
approvalStages.add(approvalStage);
requestApprovalSettings.setApprovalStages(approvalStages);
accessPackageAssignmentPolicy.setRequestApprovalSettings(requestApprovalSettings);
LinkedList<AccessPackageQuestion> questions = new LinkedList<AccessPackageQuestion>();
AccessPackageMultipleChoiceQuestion accessPackageQuestion = new AccessPackageMultipleChoiceQuestion();
accessPackageQuestion.setIsRequired(false);
AccessPackageLocalizedContent text = new AccessPackageLocalizedContent();
text.setDefaultText("what state are you from?");
LinkedList<AccessPackageLocalizedText> localizedTexts = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText accessPackageLocalizedText = new AccessPackageLocalizedText();
accessPackageLocalizedText.setText("¿De qué estado eres?");
accessPackageLocalizedText.setLanguageCode("es");
localizedTexts.add(accessPackageLocalizedText);
text.setLocalizedTexts(localizedTexts);
accessPackageQuestion.setText(text);
accessPackageQuestion.setOdataType("#microsoft.graph.accessPackageMultipleChoiceQuestion");
LinkedList<AccessPackageAnswerChoice> choices = new LinkedList<AccessPackageAnswerChoice>();
AccessPackageAnswerChoice accessPackageAnswerChoice = new AccessPackageAnswerChoice();
accessPackageAnswerChoice.setActualValue("AZ");
AccessPackageLocalizedContent displayValue = new AccessPackageLocalizedContent();
LinkedList<AccessPackageLocalizedText> localizedTexts1 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText accessPackageLocalizedText1 = new AccessPackageLocalizedText();
accessPackageLocalizedText1.setText("Arizona");
accessPackageLocalizedText1.setLanguageCode("es");
localizedTexts1.add(accessPackageLocalizedText1);
displayValue.setLocalizedTexts(localizedTexts1);
accessPackageAnswerChoice.setDisplayValue(displayValue);
choices.add(accessPackageAnswerChoice);
AccessPackageAnswerChoice accessPackageAnswerChoice1 = new AccessPackageAnswerChoice();
accessPackageAnswerChoice1.setActualValue("CA");
AccessPackageLocalizedContent displayValue1 = new AccessPackageLocalizedContent();
LinkedList<AccessPackageLocalizedText> localizedTexts2 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText accessPackageLocalizedText2 = new AccessPackageLocalizedText();
accessPackageLocalizedText2.setText("California");
accessPackageLocalizedText2.setLanguageCode("es");
localizedTexts2.add(accessPackageLocalizedText2);
displayValue1.setLocalizedTexts(localizedTexts2);
accessPackageAnswerChoice1.setDisplayValue(displayValue1);
choices.add(accessPackageAnswerChoice1);
AccessPackageAnswerChoice accessPackageAnswerChoice2 = new AccessPackageAnswerChoice();
accessPackageAnswerChoice2.setActualValue("OH");
AccessPackageLocalizedContent displayValue2 = new AccessPackageLocalizedContent();
LinkedList<AccessPackageLocalizedText> localizedTexts3 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText accessPackageLocalizedText3 = new AccessPackageLocalizedText();
accessPackageLocalizedText3.setText("Ohio");
accessPackageLocalizedText3.setLanguageCode("es");
localizedTexts3.add(accessPackageLocalizedText3);
displayValue2.setLocalizedTexts(localizedTexts3);
accessPackageAnswerChoice2.setDisplayValue(displayValue2);
choices.add(accessPackageAnswerChoice2);
accessPackageQuestion.setChoices(choices);
accessPackageQuestion.setAllowsMultipleSelection(false);
questions.add(accessPackageQuestion);
AccessPackageTextInputQuestion accessPackageQuestion1 = new AccessPackageTextInputQuestion();
accessPackageQuestion1.setIsRequired(false);
AccessPackageLocalizedContent text5 = new AccessPackageLocalizedContent();
text5.setDefaultText("Who is your manager?");
LinkedList<AccessPackageLocalizedText> localizedTexts4 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText accessPackageLocalizedText4 = new AccessPackageLocalizedText();
accessPackageLocalizedText4.setText("por qué necesita acceso a este paquete");
accessPackageLocalizedText4.setLanguageCode("es");
localizedTexts4.add(accessPackageLocalizedText4);
text5.setLocalizedTexts(localizedTexts4);
accessPackageQuestion1.setText(text5);
accessPackageQuestion1.setOdataType("#microsoft.graph.accessPackageTextInputQuestion");
accessPackageQuestion1.setIsSingleLineQuestion(false);
questions.add(accessPackageQuestion1);
accessPackageAssignmentPolicy.setQuestions(questions);
AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies().post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
accessPackageId: 'b2eba9a1-b357-42ee-83a8-336522ed6cbf',
displayName: 'Users from connected organizations can request',
description: 'Allow users from configured connected organizations to request and be approved by their sponsors',
canExtend: false,
durationInDays: 365,
expirationDateTime: null,
requestorSettings: {
scopeType: 'AllExistingConnectedOrganizationSubjects',
acceptRequests: true
},
requestApprovalSettings: {
isApprovalRequired: true,
isApprovalRequiredForExtension: false,
isRequestorJustificationRequired: true,
approvalMode: 'SingleStage',
approvalStages: [{
approvalStageTimeOutInDays: 14,
isApproverJustificationRequired: true,
isEscalationEnabled: false,
escalationTimeInMinutes: 11520,
primaryApprovers: [{
'@odata.type': '#microsoft.graph.groupMembers',
isBackup: true,
id: 'd2dcb9a1-a445-42ee-83a8-476522ed6cbf',
description: 'group for users from connected organizations which have no external sponsor'
},
{
'@odata.type': '#microsoft.graph.externalSponsors',
isBackup: false
}
]
}
]
},
questions: [{
isRequired: false,
text: {
defaultText: 'what state are you from?',
localizedTexts: [{
text: '¿De qué estado eres?',
languageCode: 'es'
}]
},
'@odata.type': '#microsoft.graph.accessPackageMultipleChoiceQuestion',
choices: [{
actualValue: 'AZ',
displayValue: {
localizedTexts: [{
text: 'Arizona',
languageCode: 'es'
}]
}
}, {
actualValue: 'CA',
displayValue: {
localizedTexts: [{
text: 'California',
languageCode: 'es'
}]
}
}, {
actualValue: 'OH',
displayValue: {
localizedTexts: [{
text: 'Ohio',
languageCode: 'es'
}]
}
}],
allowsMultipleSelection: false
}, {
isRequired: false,
text: {
defaultText: 'Who is your manager?',
localizedTexts: [{
text: 'por qué necesita acceso a este paquete',
languageCode: 'es'
}]
},
'@odata.type': '#microsoft.graph.accessPackageTextInputQuestion',
isSingleLineQuestion: false
}]
};
await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
.version('beta')
.post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAssignmentPolicy;
use Microsoft\Graph\Beta\Generated\Models\RequestorSettings;
use Microsoft\Graph\Beta\Generated\Models\ApprovalSettings;
use Microsoft\Graph\Beta\Generated\Models\ApprovalStage;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\GroupMembers;
use Microsoft\Graph\Beta\Generated\Models\ExternalSponsors;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageQuestion;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageMultipleChoiceQuestion;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageLocalizedContent;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageLocalizedText;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAnswerChoice;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageTextInputQuestion;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentPolicy();
$requestBody->setAccessPackageId('b2eba9a1-b357-42ee-83a8-336522ed6cbf');
$requestBody->setDisplayName('Users from connected organizations can request');
$requestBody->setDescription('Allow users from configured connected organizations to request and be approved by their sponsors');
$requestBody->setCanExtend(false);
$requestBody->setDurationInDays(365);
$requestBody->setExpirationDateTime(null);
$requestorSettings = new RequestorSettings();
$requestorSettings->setScopeType('AllExistingConnectedOrganizationSubjects');
$requestorSettings->setAcceptRequests(true);
$requestBody->setRequestorSettings($requestorSettings);
$requestApprovalSettings = new ApprovalSettings();
$requestApprovalSettings->setIsApprovalRequired(true);
$requestApprovalSettings->setIsApprovalRequiredForExtension(false);
$requestApprovalSettings->setIsRequestorJustificationRequired(true);
$requestApprovalSettings->setApprovalMode('SingleStage');
$approvalStagesApprovalStage1 = new ApprovalStage();
$approvalStagesApprovalStage1->setApprovalStageTimeOutInDays(14);
$approvalStagesApprovalStage1->setIsApproverJustificationRequired(true);
$approvalStagesApprovalStage1->setIsEscalationEnabled(false);
$approvalStagesApprovalStage1->setEscalationTimeInMinutes(11520);
$primaryApproversUserSet1 = new GroupMembers();
$primaryApproversUserSet1->setOdataType('#microsoft.graph.groupMembers');
$primaryApproversUserSet1->setIsBackup(true);
$primaryApproversUserSet1->setId('d2dcb9a1-a445-42ee-83a8-476522ed6cbf');
$primaryApproversUserSet1->setDescription('group for users from connected organizations which have no external sponsor');
$primaryApproversArray []= $primaryApproversUserSet1;
$primaryApproversUserSet2 = new ExternalSponsors();
$primaryApproversUserSet2->setOdataType('#microsoft.graph.externalSponsors');
$primaryApproversUserSet2->setIsBackup(false);
$primaryApproversArray []= $primaryApproversUserSet2;
$approvalStagesApprovalStage1->setPrimaryApprovers($primaryApproversArray);
$approvalStagesArray []= $approvalStagesApprovalStage1;
$requestApprovalSettings->setApprovalStages($approvalStagesArray);
$requestBody->setRequestApprovalSettings($requestApprovalSettings);
$questionsAccessPackageQuestion1 = new AccessPackageMultipleChoiceQuestion();
$questionsAccessPackageQuestion1->setIsRequired(false);
$questionsAccessPackageQuestion1Text = new AccessPackageLocalizedContent();
$questionsAccessPackageQuestion1Text->setDefaultText('what state are you from?');
$localizedTextsAccessPackageLocalizedText1 = new AccessPackageLocalizedText();
$localizedTextsAccessPackageLocalizedText1->setText('¿De qué estado eres?');
$localizedTextsAccessPackageLocalizedText1->setLanguageCode('es');
$localizedTextsArray []= $localizedTextsAccessPackageLocalizedText1;
$questionsAccessPackageQuestion1Text->setLocalizedTexts($localizedTextsArray);
$questionsAccessPackageQuestion1->setText($questionsAccessPackageQuestion1Text);
$questionsAccessPackageQuestion1->setOdataType('#microsoft.graph.accessPackageMultipleChoiceQuestion');
$choicesAccessPackageAnswerChoice1 = new AccessPackageAnswerChoice();
$choicesAccessPackageAnswerChoice1->setActualValue('AZ');
$choicesAccessPackageAnswerChoice1DisplayValue = new AccessPackageLocalizedContent();
$localizedTextsAccessPackageLocalizedText1 = new AccessPackageLocalizedText();
$localizedTextsAccessPackageLocalizedText1->setText('Arizona');
$localizedTextsAccessPackageLocalizedText1->setLanguageCode('es');
$localizedTextsArray []= $localizedTextsAccessPackageLocalizedText1;
$choicesAccessPackageAnswerChoice1DisplayValue->setLocalizedTexts($localizedTextsArray);
$choicesAccessPackageAnswerChoice1->setDisplayValue($choicesAccessPackageAnswerChoice1DisplayValue);
$choicesArray []= $choicesAccessPackageAnswerChoice1;
$choicesAccessPackageAnswerChoice2 = new AccessPackageAnswerChoice();
$choicesAccessPackageAnswerChoice2->setActualValue('CA');
$choicesAccessPackageAnswerChoice2DisplayValue = new AccessPackageLocalizedContent();
$localizedTextsAccessPackageLocalizedText1 = new AccessPackageLocalizedText();
$localizedTextsAccessPackageLocalizedText1->setText('California');
$localizedTextsAccessPackageLocalizedText1->setLanguageCode('es');
$localizedTextsArray []= $localizedTextsAccessPackageLocalizedText1;
$choicesAccessPackageAnswerChoice2DisplayValue->setLocalizedTexts($localizedTextsArray);
$choicesAccessPackageAnswerChoice2->setDisplayValue($choicesAccessPackageAnswerChoice2DisplayValue);
$choicesArray []= $choicesAccessPackageAnswerChoice2;
$choicesAccessPackageAnswerChoice3 = new AccessPackageAnswerChoice();
$choicesAccessPackageAnswerChoice3->setActualValue('OH');
$choicesAccessPackageAnswerChoice3DisplayValue = new AccessPackageLocalizedContent();
$localizedTextsAccessPackageLocalizedText1 = new AccessPackageLocalizedText();
$localizedTextsAccessPackageLocalizedText1->setText('Ohio');
$localizedTextsAccessPackageLocalizedText1->setLanguageCode('es');
$localizedTextsArray []= $localizedTextsAccessPackageLocalizedText1;
$choicesAccessPackageAnswerChoice3DisplayValue->setLocalizedTexts($localizedTextsArray);
$choicesAccessPackageAnswerChoice3->setDisplayValue($choicesAccessPackageAnswerChoice3DisplayValue);
$choicesArray []= $choicesAccessPackageAnswerChoice3;
$questionsAccessPackageQuestion1->setChoices($choicesArray);
$questionsAccessPackageQuestion1->setAllowsMultipleSelection(false);
$questionsArray []= $questionsAccessPackageQuestion1;
$questionsAccessPackageQuestion2 = new AccessPackageTextInputQuestion();
$questionsAccessPackageQuestion2->setIsRequired(false);
$questionsAccessPackageQuestion2Text = new AccessPackageLocalizedContent();
$questionsAccessPackageQuestion2Text->setDefaultText('Who is your manager?');
$localizedTextsAccessPackageLocalizedText1 = new AccessPackageLocalizedText();
$localizedTextsAccessPackageLocalizedText1->setText('por qué necesita acceso a este paquete');
$localizedTextsAccessPackageLocalizedText1->setLanguageCode('es');
$localizedTextsArray []= $localizedTextsAccessPackageLocalizedText1;
$questionsAccessPackageQuestion2Text->setLocalizedTexts($localizedTextsArray);
$questionsAccessPackageQuestion2->setText($questionsAccessPackageQuestion2Text);
$questionsAccessPackageQuestion2->setOdataType('#microsoft.graph.accessPackageTextInputQuestion');
$questionsAccessPackageQuestion2->setIsSingleLineQuestion(false);
$questionsArray []= $questionsAccessPackageQuestion2;
$requestBody->setQuestions($questionsArray);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackageAssignmentPolicies()->post($requestBody)->wait();
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
accessPackageId = "b2eba9a1-b357-42ee-83a8-336522ed6cbf"
displayName = "Users from connected organizations can request"
description = "Allow users from configured connected organizations to request and be approved by their sponsors"
canExtend = $false
durationInDays = 365
expirationDateTime = $null
requestorSettings = @{
scopeType = "AllExistingConnectedOrganizationSubjects"
acceptRequests = $true
}
requestApprovalSettings = @{
isApprovalRequired = $true
isApprovalRequiredForExtension = $false
isRequestorJustificationRequired = $true
approvalMode = "SingleStage"
approvalStages = @(
@{
approvalStageTimeOutInDays = 14
isApproverJustificationRequired = $true
isEscalationEnabled = $false
escalationTimeInMinutes = 11520
primaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.groupMembers"
isBackup = $true
id = "d2dcb9a1-a445-42ee-83a8-476522ed6cbf"
description = "group for users from connected organizations which have no external sponsor"
}
@{
"@odata.type" = "#microsoft.graph.externalSponsors"
isBackup = $false
}
)
}
)
}
questions = @(
@{
isRequired = $false
text = @{
defaultText = "what state are you from?"
localizedTexts = @(
@{
text = "¿De qué estado eres?"
languageCode = "es"
}
)
}
"@odata.type" = "#microsoft.graph.accessPackageMultipleChoiceQuestion"
choices = @(
@{
actualValue = "AZ"
displayValue = @{
localizedTexts = @(
@{
text = "Arizona"
languageCode = "es"
}
)
}
}
@{
actualValue = "CA"
displayValue = @{
localizedTexts = @(
@{
text = "California"
languageCode = "es"
}
)
}
}
@{
actualValue = "OH"
displayValue = @{
localizedTexts = @(
@{
text = "Ohio"
languageCode = "es"
}
)
}
}
)
allowsMultipleSelection = $false
}
@{
isRequired = $false
text = @{
defaultText = "Who is your manager?"
localizedTexts = @(
@{
text = "por qué necesita acceso a este paquete"
languageCode = "es"
}
)
}
"@odata.type" = "#microsoft.graph.accessPackageTextInputQuestion"
isSingleLineQuestion = $false
}
)
}
New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_package_assignment_policy import AccessPackageAssignmentPolicy
from msgraph_beta.generated.models.requestor_settings import RequestorSettings
from msgraph_beta.generated.models.approval_settings import ApprovalSettings
from msgraph_beta.generated.models.approval_stage import ApprovalStage
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.group_members import GroupMembers
from msgraph_beta.generated.models.external_sponsors import ExternalSponsors
from msgraph_beta.generated.models.access_package_question import AccessPackageQuestion
from msgraph_beta.generated.models.access_package_multiple_choice_question import AccessPackageMultipleChoiceQuestion
from msgraph_beta.generated.models.access_package_localized_content import AccessPackageLocalizedContent
from msgraph_beta.generated.models.access_package_localized_text import AccessPackageLocalizedText
from msgraph_beta.generated.models.access_package_answer_choice import AccessPackageAnswerChoice
from msgraph_beta.generated.models.access_package_text_input_question import AccessPackageTextInputQuestion
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentPolicy(
access_package_id = "b2eba9a1-b357-42ee-83a8-336522ed6cbf",
display_name = "Users from connected organizations can request",
description = "Allow users from configured connected organizations to request and be approved by their sponsors",
can_extend = False,
duration_in_days = 365,
expiration_date_time = None,
requestor_settings = RequestorSettings(
scope_type = "AllExistingConnectedOrganizationSubjects",
accept_requests = True,
),
request_approval_settings = ApprovalSettings(
is_approval_required = True,
is_approval_required_for_extension = False,
is_requestor_justification_required = True,
approval_mode = "SingleStage",
approval_stages = [
ApprovalStage(
approval_stage_time_out_in_days = 14,
is_approver_justification_required = True,
is_escalation_enabled = False,
escalation_time_in_minutes = 11520,
primary_approvers = [
GroupMembers(
odata_type = "#microsoft.graph.groupMembers",
is_backup = True,
id = "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",
description = "group for users from connected organizations which have no external sponsor",
),
ExternalSponsors(
odata_type = "#microsoft.graph.externalSponsors",
is_backup = False,
),
],
),
],
),
questions = [
AccessPackageMultipleChoiceQuestion(
is_required = False,
text = AccessPackageLocalizedContent(
default_text = "what state are you from?",
localized_texts = [
AccessPackageLocalizedText(
text = "¿De qué estado eres?",
language_code = "es",
),
],
),
odata_type = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
choices = [
AccessPackageAnswerChoice(
actual_value = "AZ",
display_value = AccessPackageLocalizedContent(
localized_texts = [
AccessPackageLocalizedText(
text = "Arizona",
language_code = "es",
),
],
),
),
AccessPackageAnswerChoice(
actual_value = "CA",
display_value = AccessPackageLocalizedContent(
localized_texts = [
AccessPackageLocalizedText(
text = "California",
language_code = "es",
),
],
),
),
AccessPackageAnswerChoice(
actual_value = "OH",
display_value = AccessPackageLocalizedContent(
localized_texts = [
AccessPackageLocalizedText(
text = "Ohio",
language_code = "es",
),
],
),
),
],
allows_multiple_selection = False,
),
AccessPackageTextInputQuestion(
is_required = False,
text = AccessPackageLocalizedContent(
default_text = "Who is your manager?",
localized_texts = [
AccessPackageLocalizedText(
text = "por qué necesita acceso a este paquete",
language_code = "es",
),
],
),
odata_type = "#microsoft.graph.accessPackageTextInputQuestion",
is_single_line_question = False,
),
],
)
result = await graph_client.identity_governance.entitlement_management.access_package_assignment_policies.post(request_body)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "4c02f928-7752-49aa-8fc8-e286d973a965",
"accessPackageId": "string (identifier)",
"displayName": "Users from connected organizations can request",
"description": "Allow users from configured connected organizations to request and be approved by their sponsors",
"questions": [{
"id" : "BD3F6B95-458D-4BC8-A9A6-8D4B29F64F3D",
"isRequired": false,
"text": {
"defaultText": "what state are you from?",
"localizedTexts": [{
"text": "¿De qué estado eres?",
"languageCode": "es"
}]
},
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"choices": [{
"actualValue": "AZ",
"displayValue": {
"localizedTexts": [{
"text": "Arizona?",
"languageCode": "es"
}]
}
}, {
"actualValue": "CA",
"displayValue": {
"localizedTexts": [{
"text": "California",
"languageCode": "es"
}]
}
}, {
"actualValue": "OH",
"displayValue": {
"localizedTexts": [{
"text": "Ohio",
"languageCode": "es"
}]
}
}],
"allowsMultipleSelection": false
}, {
"id" : "F652C13C-A660-4E4C-A1E0-CE9FEC6EE57A",
"isRequired": false,
"text": {
"defaultText": "Who is your manager?",
"localizedTexts": [{
"text": "por qué necesita acceso a este paquete",
"languageCode": "es"
}]
},
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"isSingleLineQuestion": false
}]
}
示例 4:创建策略并指定触发预定义自定义工作流扩展的阶段
请求
在以下示例中,在创建访问包分配的请求并授予请求时,将触发预定义的 customAccessPackageWorkflowExtension 对象。 customExtension 字段中提供的标识符是 customAccessPackageWorkflowExtension 对象的 ID。
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json
{
"displayName": "extension-policy",
"description": "test",
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
"expiration": {
"type": "afterDuration",
"duration": "P365D"
},
"canExtend": false,
"requestApprovalSettings": null,
"requestorSettings": {
"acceptRequests": true,
"scopeType": "AllExistingDirectorySubjects",
"allowedRequestors": [],
"isOnBehalfAllowed": false
},
"accessReviewSettings": null,
"questions": [],
"customExtensionHandlers": [
{
"stage": "assignmentRequestCreated",
"customExtension": {
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
},
{
"stage": "assignmentRequestGranted",
"customExtension": {
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
using Microsoft.Kiota.Abstractions.Serialization;
var requestBody = new AccessPackageAssignmentPolicy
{
DisplayName = "extension-policy",
Description = "test",
AccessPackageId = "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
CanExtend = false,
RequestApprovalSettings = null,
RequestorSettings = new RequestorSettings
{
AcceptRequests = true,
ScopeType = "AllExistingDirectorySubjects",
AllowedRequestors = new List<UserSet>
{
},
AdditionalData = new Dictionary<string, object>
{
{
"isOnBehalfAllowed" , false
},
},
},
AccessReviewSettings = null,
Questions = new List<AccessPackageQuestion>
{
},
CustomExtensionHandlers = new List<CustomExtensionHandler>
{
new CustomExtensionHandler
{
Stage = AccessPackageCustomExtensionStage.AssignmentRequestCreated,
CustomExtension = new CustomAccessPackageWorkflowExtension
{
Id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
},
},
new CustomExtensionHandler
{
Stage = AccessPackageCustomExtensionStage.AssignmentRequestGranted,
CustomExtension = new CustomAccessPackageWorkflowExtension
{
Id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
},
},
},
AdditionalData = new Dictionary<string, object>
{
{
"expiration" , new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"type", new UntypedString("afterDuration")
},
{
"duration", new UntypedString("P365D")
},
})
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies.PostAsync(requestBody);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
mgc-beta identity-governance entitlement-management access-package-assignment-policies create --body '{\
"displayName": "extension-policy",\
"description": "test",\
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",\
"expiration": {\
"type": "afterDuration",\
"duration": "P365D"\
},\
"canExtend": false,\
"requestApprovalSettings": null,\
"requestorSettings": {\
"acceptRequests": true,\
"scopeType": "AllExistingDirectorySubjects",\
"allowedRequestors": [],\
"isOnBehalfAllowed": false\
},\
"accessReviewSettings": null,\
"questions": [],\
"customExtensionHandlers": [\
{\
"stage": "assignmentRequestCreated",\
"customExtension": {\
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"\
}\
},\
{\
"stage": "assignmentRequestGranted",\
"customExtension": {\
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"\
}\
}\
]\
}\
'
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentPolicy()
displayName := "extension-policy"
requestBody.SetDisplayName(&displayName)
description := "test"
requestBody.SetDescription(&description)
accessPackageId := "ba5807c7-2aa9-4c8a-907e-4a17ee587500"
requestBody.SetAccessPackageId(&accessPackageId)
canExtend := false
requestBody.SetCanExtend(&canExtend)
requestApprovalSettings := null
requestBody.SetRequestApprovalSettings(&requestApprovalSettings)
requestorSettings := graphmodels.NewRequestorSettings()
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
scopeType := "AllExistingDirectorySubjects"
requestorSettings.SetScopeType(&scopeType)
allowedRequestors := []graphmodels.UserSetable {
}
requestorSettings.SetAllowedRequestors(allowedRequestors)
additionalData := map[string]interface{}{
isOnBehalfAllowed := false
requestorSettings.SetIsOnBehalfAllowed(&isOnBehalfAllowed)
}
requestorSettings.SetAdditionalData(additionalData)
requestBody.SetRequestorSettings(requestorSettings)
accessReviewSettings := null
requestBody.SetAccessReviewSettings(&accessReviewSettings)
questions := []graphmodels.AccessPackageQuestionable {
}
requestBody.SetQuestions(questions)
customExtensionHandler := graphmodels.NewCustomExtensionHandler()
stage := graphmodels.ASSIGNMENTREQUESTCREATED_ACCESSPACKAGECUSTOMEXTENSIONSTAGE
customExtensionHandler.SetStage(&stage)
customExtension := graphmodels.NewCustomAccessPackageWorkflowExtension()
id := "219f57b6-7983-45a1-be01-2c228b7a43f8"
customExtension.SetId(&id)
customExtensionHandler.SetCustomExtension(customExtension)
customExtensionHandler1 := graphmodels.NewCustomExtensionHandler()
stage := graphmodels.ASSIGNMENTREQUESTGRANTED_ACCESSPACKAGECUSTOMEXTENSIONSTAGE
customExtensionHandler1.SetStage(&stage)
customExtension := graphmodels.NewCustomAccessPackageWorkflowExtension()
id := "219f57b6-7983-45a1-be01-2c228b7a43f8"
customExtension.SetId(&id)
customExtensionHandler1.SetCustomExtension(customExtension)
customExtensionHandlers := []graphmodels.CustomExtensionHandlerable {
customExtensionHandler,
customExtensionHandler1,
}
requestBody.SetCustomExtensionHandlers(customExtensionHandlers)
additionalData := map[string]interface{}{
expiration := graph.New()
type := "afterDuration"
expiration.SetType(&type)
duration := "P365D"
expiration.SetDuration(&duration)
requestBody.SetExpiration(expiration)
}
requestBody.SetAdditionalData(additionalData)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessPackageAssignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(context.Background(), requestBody, nil)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.setDisplayName("extension-policy");
accessPackageAssignmentPolicy.setDescription("test");
accessPackageAssignmentPolicy.setAccessPackageId("ba5807c7-2aa9-4c8a-907e-4a17ee587500");
accessPackageAssignmentPolicy.setCanExtend(false);
accessPackageAssignmentPolicy.setRequestApprovalSettings(null);
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.setAcceptRequests(true);
requestorSettings.setScopeType("AllExistingDirectorySubjects");
LinkedList<UserSet> allowedRequestors = new LinkedList<UserSet>();
requestorSettings.setAllowedRequestors(allowedRequestors);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("isOnBehalfAllowed", false);
requestorSettings.setAdditionalData(additionalData);
accessPackageAssignmentPolicy.setRequestorSettings(requestorSettings);
accessPackageAssignmentPolicy.setAccessReviewSettings(null);
LinkedList<AccessPackageQuestion> questions = new LinkedList<AccessPackageQuestion>();
accessPackageAssignmentPolicy.setQuestions(questions);
LinkedList<CustomExtensionHandler> customExtensionHandlers = new LinkedList<CustomExtensionHandler>();
CustomExtensionHandler customExtensionHandler = new CustomExtensionHandler();
customExtensionHandler.setStage(AccessPackageCustomExtensionStage.AssignmentRequestCreated);
CustomAccessPackageWorkflowExtension customExtension = new CustomAccessPackageWorkflowExtension();
customExtension.setId("219f57b6-7983-45a1-be01-2c228b7a43f8");
customExtensionHandler.setCustomExtension(customExtension);
customExtensionHandlers.add(customExtensionHandler);
CustomExtensionHandler customExtensionHandler1 = new CustomExtensionHandler();
customExtensionHandler1.setStage(AccessPackageCustomExtensionStage.AssignmentRequestGranted);
CustomAccessPackageWorkflowExtension customExtension1 = new CustomAccessPackageWorkflowExtension();
customExtension1.setId("219f57b6-7983-45a1-be01-2c228b7a43f8");
customExtensionHandler1.setCustomExtension(customExtension1);
customExtensionHandlers.add(customExtensionHandler1);
accessPackageAssignmentPolicy.setCustomExtensionHandlers(customExtensionHandlers);
HashMap<String, Object> additionalData1 = new HashMap<String, Object>();
expiration = new ();
expiration.setType("afterDuration");
expiration.setDuration("P365D");
additionalData1.put("expiration", expiration);
accessPackageAssignmentPolicy.setAdditionalData(additionalData1);
AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies().post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
displayName: 'extension-policy',
description: 'test',
accessPackageId: 'ba5807c7-2aa9-4c8a-907e-4a17ee587500',
expiration: {
type: 'afterDuration',
duration: 'P365D'
},
canExtend: false,
requestApprovalSettings: null,
requestorSettings: {
acceptRequests: true,
scopeType: 'AllExistingDirectorySubjects',
allowedRequestors: [],
isOnBehalfAllowed: false
},
accessReviewSettings: null,
questions: [],
customExtensionHandlers: [
{
stage: 'assignmentRequestCreated',
customExtension: {
id: '219f57b6-7983-45a1-be01-2c228b7a43f8'
}
},
{
stage: 'assignmentRequestGranted',
customExtension: {
id: '219f57b6-7983-45a1-be01-2c228b7a43f8'
}
}
]
};
await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
.version('beta')
.post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAssignmentPolicy;
use Microsoft\Graph\Beta\Generated\Models\RequestorSettings;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageQuestion;
use Microsoft\Graph\Beta\Generated\Models\CustomExtensionHandler;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageCustomExtensionStage;
use Microsoft\Graph\Beta\Generated\Models\CustomAccessPackageWorkflowExtension;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentPolicy();
$requestBody->setDisplayName('extension-policy');
$requestBody->setDescription('test');
$requestBody->setAccessPackageId('ba5807c7-2aa9-4c8a-907e-4a17ee587500');
$requestBody->setCanExtend(false);
$requestBody->setRequestApprovalSettings(null);
$requestorSettings = new RequestorSettings();
$requestorSettings->setAcceptRequests(true);
$requestorSettings->setScopeType('AllExistingDirectorySubjects');
$requestorSettings->setAllowedRequestors([ ]);
$additionalData = [
'isOnBehalfAllowed' => false,
];
$requestorSettings->setAdditionalData($additionalData);
$requestBody->setRequestorSettings($requestorSettings);
$requestBody->setAccessReviewSettings(null);
$requestBody->setQuestions([ ]);
$customExtensionHandlersCustomExtensionHandler1 = new CustomExtensionHandler();
$customExtensionHandlersCustomExtensionHandler1->setStage(new AccessPackageCustomExtensionStage('assignmentRequestCreated'));
$customExtensionHandlersCustomExtensionHandler1CustomExtension = new CustomAccessPackageWorkflowExtension();
$customExtensionHandlersCustomExtensionHandler1CustomExtension->setId('219f57b6-7983-45a1-be01-2c228b7a43f8');
$customExtensionHandlersCustomExtensionHandler1->setCustomExtension($customExtensionHandlersCustomExtensionHandler1CustomExtension);
$customExtensionHandlersArray []= $customExtensionHandlersCustomExtensionHandler1;
$customExtensionHandlersCustomExtensionHandler2 = new CustomExtensionHandler();
$customExtensionHandlersCustomExtensionHandler2->setStage(new AccessPackageCustomExtensionStage('assignmentRequestGranted'));
$customExtensionHandlersCustomExtensionHandler2CustomExtension = new CustomAccessPackageWorkflowExtension();
$customExtensionHandlersCustomExtensionHandler2CustomExtension->setId('219f57b6-7983-45a1-be01-2c228b7a43f8');
$customExtensionHandlersCustomExtensionHandler2->setCustomExtension($customExtensionHandlersCustomExtensionHandler2CustomExtension);
$customExtensionHandlersArray []= $customExtensionHandlersCustomExtensionHandler2;
$requestBody->setCustomExtensionHandlers($customExtensionHandlersArray);
$additionalData = [
'expiration' => [
'type' => 'afterDuration',
'duration' => 'P365D',
],
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackageAssignmentPolicies()->post($requestBody)->wait();
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
displayName = "extension-policy"
description = "test"
accessPackageId = "ba5807c7-2aa9-4c8a-907e-4a17ee587500"
expiration = @{
type = "afterDuration"
duration = "P365D"
}
canExtend = $false
requestApprovalSettings = $null
requestorSettings = @{
acceptRequests = $true
scopeType = "AllExistingDirectorySubjects"
allowedRequestors = @(
)
isOnBehalfAllowed = $false
}
accessReviewSettings = $null
questions = @(
)
customExtensionHandlers = @(
@{
stage = "assignmentRequestCreated"
customExtension = @{
id = "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
}
@{
stage = "assignmentRequestGranted"
customExtension = @{
id = "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
}
)
}
New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_package_assignment_policy import AccessPackageAssignmentPolicy
from msgraph_beta.generated.models.requestor_settings import RequestorSettings
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.access_package_question import AccessPackageQuestion
from msgraph_beta.generated.models.custom_extension_handler import CustomExtensionHandler
from msgraph_beta.generated.models.access_package_custom_extension_stage import AccessPackageCustomExtensionStage
from msgraph_beta.generated.models.custom_access_package_workflow_extension import CustomAccessPackageWorkflowExtension
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentPolicy(
display_name = "extension-policy",
description = "test",
access_package_id = "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
can_extend = False,
request_approval_settings = None,
requestor_settings = RequestorSettings(
accept_requests = True,
scope_type = "AllExistingDirectorySubjects",
allowed_requestors = [
],
additional_data = {
"is_on_behalf_allowed" : False,
}
),
access_review_settings = None,
questions = [
],
custom_extension_handlers = [
CustomExtensionHandler(
stage = AccessPackageCustomExtensionStage.AssignmentRequestCreated,
custom_extension = CustomAccessPackageWorkflowExtension(
id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
),
),
CustomExtensionHandler(
stage = AccessPackageCustomExtensionStage.AssignmentRequestGranted,
custom_extension = CustomAccessPackageWorkflowExtension(
id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
),
),
],
additional_data = {
"expiration" : {
"type" : "afterDuration",
"duration" : "P365D",
},
}
)
result = await graph_client.identity_governance.entitlement_management.access_package_assignment_policies.post(request_body)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
以下示例显示了相应的响应。 默认情况下不返回 customExtensionHandlers 对象。 若要检索此对象,请将 GET 方法与 一起使用 $expand
。 有关详细信息,请参阅 检索策略的自定义扩展处理程序
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
"displayName": "extension-policy",
"description": "test",
"canExtend": false,
"durationInDays": 0,
"expirationDateTime": null,
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
"accessReviewSettings": null,
"questions": [],
"requestorSettings": {
"scopeType": "AllExistingDirectorySubjects",
"acceptRequests": true,
"allowedRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequired": false,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": false,
"approvalMode": "NoApproval",
"approvalStages": []
}
}
示例 5:创建策略并指定触发预定义访问包自定义扩展的阶段
在以下示例中,预定义 的 accessPackageCustomWorkflowExtension 对象通过创建或批准访问包分配请求触发。 customExtension 属性中的标识符对应于 accessPackageCustomWorkflowExtension 对象的 ID。
请求
以下示例显示了一个请求。
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json
{
"displayName": "extension-policy",
"description": "test",
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
"expiration": {
"type": "afterDuration",
"duration": "P365D"
},
"canExtend": false,
"requestApprovalSettings": null,
"requestorSettings": {
"acceptRequests": true,
"scopeType": "AllExistingDirectorySubjects",
"allowedRequestors": [],
"isOnBehalfAllowed": false
},
"accessReviewSettings": null,
"questions": [],
"customExtensionStageSettings": [
{
"stage": "assignmentRequestCreated",
"customExtension": {
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
},
{
"stage": "assignmentRequestGranted",
"customExtension": {
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
using Microsoft.Kiota.Abstractions.Serialization;
var requestBody = new AccessPackageAssignmentPolicy
{
DisplayName = "extension-policy",
Description = "test",
AccessPackageId = "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
CanExtend = false,
RequestApprovalSettings = null,
RequestorSettings = new RequestorSettings
{
AcceptRequests = true,
ScopeType = "AllExistingDirectorySubjects",
AllowedRequestors = new List<UserSet>
{
},
AdditionalData = new Dictionary<string, object>
{
{
"isOnBehalfAllowed" , false
},
},
},
AccessReviewSettings = null,
Questions = new List<AccessPackageQuestion>
{
},
CustomExtensionStageSettings = new List<CustomExtensionStageSetting>
{
new CustomExtensionStageSetting
{
Stage = AccessPackageCustomExtensionStage.AssignmentRequestCreated,
CustomExtension = new CustomCalloutExtension
{
Id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
},
},
new CustomExtensionStageSetting
{
Stage = AccessPackageCustomExtensionStage.AssignmentRequestGranted,
CustomExtension = new CustomCalloutExtension
{
Id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
},
},
},
AdditionalData = new Dictionary<string, object>
{
{
"expiration" , new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"type", new UntypedString("afterDuration")
},
{
"duration", new UntypedString("P365D")
},
})
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies.PostAsync(requestBody);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
mgc-beta identity-governance entitlement-management access-package-assignment-policies create --body '{\
"displayName": "extension-policy",\
"description": "test",\
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",\
"expiration": {\
"type": "afterDuration",\
"duration": "P365D"\
},\
"canExtend": false,\
"requestApprovalSettings": null,\
"requestorSettings": {\
"acceptRequests": true,\
"scopeType": "AllExistingDirectorySubjects",\
"allowedRequestors": [],\
"isOnBehalfAllowed": false\
},\
"accessReviewSettings": null,\
"questions": [],\
"customExtensionStageSettings": [\
{\
"stage": "assignmentRequestCreated",\
"customExtension": {\
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"\
}\
},\
{\
"stage": "assignmentRequestGranted",\
"customExtension": {\
"id": "219f57b6-7983-45a1-be01-2c228b7a43f8"\
}\
}\
]\
}\
'
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentPolicy()
displayName := "extension-policy"
requestBody.SetDisplayName(&displayName)
description := "test"
requestBody.SetDescription(&description)
accessPackageId := "ba5807c7-2aa9-4c8a-907e-4a17ee587500"
requestBody.SetAccessPackageId(&accessPackageId)
canExtend := false
requestBody.SetCanExtend(&canExtend)
requestApprovalSettings := null
requestBody.SetRequestApprovalSettings(&requestApprovalSettings)
requestorSettings := graphmodels.NewRequestorSettings()
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
scopeType := "AllExistingDirectorySubjects"
requestorSettings.SetScopeType(&scopeType)
allowedRequestors := []graphmodels.UserSetable {
}
requestorSettings.SetAllowedRequestors(allowedRequestors)
additionalData := map[string]interface{}{
isOnBehalfAllowed := false
requestorSettings.SetIsOnBehalfAllowed(&isOnBehalfAllowed)
}
requestorSettings.SetAdditionalData(additionalData)
requestBody.SetRequestorSettings(requestorSettings)
accessReviewSettings := null
requestBody.SetAccessReviewSettings(&accessReviewSettings)
questions := []graphmodels.AccessPackageQuestionable {
}
requestBody.SetQuestions(questions)
customExtensionStageSetting := graphmodels.NewCustomExtensionStageSetting()
stage := graphmodels.ASSIGNMENTREQUESTCREATED_ACCESSPACKAGECUSTOMEXTENSIONSTAGE
customExtensionStageSetting.SetStage(&stage)
customExtension := graphmodels.NewCustomCalloutExtension()
id := "219f57b6-7983-45a1-be01-2c228b7a43f8"
customExtension.SetId(&id)
customExtensionStageSetting.SetCustomExtension(customExtension)
customExtensionStageSetting1 := graphmodels.NewCustomExtensionStageSetting()
stage := graphmodels.ASSIGNMENTREQUESTGRANTED_ACCESSPACKAGECUSTOMEXTENSIONSTAGE
customExtensionStageSetting1.SetStage(&stage)
customExtension := graphmodels.NewCustomCalloutExtension()
id := "219f57b6-7983-45a1-be01-2c228b7a43f8"
customExtension.SetId(&id)
customExtensionStageSetting1.SetCustomExtension(customExtension)
customExtensionStageSettings := []graphmodels.CustomExtensionStageSettingable {
customExtensionStageSetting,
customExtensionStageSetting1,
}
requestBody.SetCustomExtensionStageSettings(customExtensionStageSettings)
additionalData := map[string]interface{}{
expiration := graph.New()
type := "afterDuration"
expiration.SetType(&type)
duration := "P365D"
expiration.SetDuration(&duration)
requestBody.SetExpiration(expiration)
}
requestBody.SetAdditionalData(additionalData)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessPackageAssignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(context.Background(), requestBody, nil)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.setDisplayName("extension-policy");
accessPackageAssignmentPolicy.setDescription("test");
accessPackageAssignmentPolicy.setAccessPackageId("ba5807c7-2aa9-4c8a-907e-4a17ee587500");
accessPackageAssignmentPolicy.setCanExtend(false);
accessPackageAssignmentPolicy.setRequestApprovalSettings(null);
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.setAcceptRequests(true);
requestorSettings.setScopeType("AllExistingDirectorySubjects");
LinkedList<UserSet> allowedRequestors = new LinkedList<UserSet>();
requestorSettings.setAllowedRequestors(allowedRequestors);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("isOnBehalfAllowed", false);
requestorSettings.setAdditionalData(additionalData);
accessPackageAssignmentPolicy.setRequestorSettings(requestorSettings);
accessPackageAssignmentPolicy.setAccessReviewSettings(null);
LinkedList<AccessPackageQuestion> questions = new LinkedList<AccessPackageQuestion>();
accessPackageAssignmentPolicy.setQuestions(questions);
LinkedList<CustomExtensionStageSetting> customExtensionStageSettings = new LinkedList<CustomExtensionStageSetting>();
CustomExtensionStageSetting customExtensionStageSetting = new CustomExtensionStageSetting();
customExtensionStageSetting.setStage(AccessPackageCustomExtensionStage.AssignmentRequestCreated);
CustomCalloutExtension customExtension = new CustomCalloutExtension();
customExtension.setId("219f57b6-7983-45a1-be01-2c228b7a43f8");
customExtensionStageSetting.setCustomExtension(customExtension);
customExtensionStageSettings.add(customExtensionStageSetting);
CustomExtensionStageSetting customExtensionStageSetting1 = new CustomExtensionStageSetting();
customExtensionStageSetting1.setStage(AccessPackageCustomExtensionStage.AssignmentRequestGranted);
CustomCalloutExtension customExtension1 = new CustomCalloutExtension();
customExtension1.setId("219f57b6-7983-45a1-be01-2c228b7a43f8");
customExtensionStageSetting1.setCustomExtension(customExtension1);
customExtensionStageSettings.add(customExtensionStageSetting1);
accessPackageAssignmentPolicy.setCustomExtensionStageSettings(customExtensionStageSettings);
HashMap<String, Object> additionalData1 = new HashMap<String, Object>();
expiration = new ();
expiration.setType("afterDuration");
expiration.setDuration("P365D");
additionalData1.put("expiration", expiration);
accessPackageAssignmentPolicy.setAdditionalData(additionalData1);
AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies().post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
displayName: 'extension-policy',
description: 'test',
accessPackageId: 'ba5807c7-2aa9-4c8a-907e-4a17ee587500',
expiration: {
type: 'afterDuration',
duration: 'P365D'
},
canExtend: false,
requestApprovalSettings: null,
requestorSettings: {
acceptRequests: true,
scopeType: 'AllExistingDirectorySubjects',
allowedRequestors: [],
isOnBehalfAllowed: false
},
accessReviewSettings: null,
questions: [],
customExtensionStageSettings: [
{
stage: 'assignmentRequestCreated',
customExtension: {
id: '219f57b6-7983-45a1-be01-2c228b7a43f8'
}
},
{
stage: 'assignmentRequestGranted',
customExtension: {
id: '219f57b6-7983-45a1-be01-2c228b7a43f8'
}
}
]
};
await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
.version('beta')
.post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAssignmentPolicy;
use Microsoft\Graph\Beta\Generated\Models\RequestorSettings;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageQuestion;
use Microsoft\Graph\Beta\Generated\Models\CustomExtensionStageSetting;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageCustomExtensionStage;
use Microsoft\Graph\Beta\Generated\Models\CustomCalloutExtension;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentPolicy();
$requestBody->setDisplayName('extension-policy');
$requestBody->setDescription('test');
$requestBody->setAccessPackageId('ba5807c7-2aa9-4c8a-907e-4a17ee587500');
$requestBody->setCanExtend(false);
$requestBody->setRequestApprovalSettings(null);
$requestorSettings = new RequestorSettings();
$requestorSettings->setAcceptRequests(true);
$requestorSettings->setScopeType('AllExistingDirectorySubjects');
$requestorSettings->setAllowedRequestors([ ]);
$additionalData = [
'isOnBehalfAllowed' => false,
];
$requestorSettings->setAdditionalData($additionalData);
$requestBody->setRequestorSettings($requestorSettings);
$requestBody->setAccessReviewSettings(null);
$requestBody->setQuestions([ ]);
$customExtensionStageSettingsCustomExtensionStageSetting1 = new CustomExtensionStageSetting();
$customExtensionStageSettingsCustomExtensionStageSetting1->setStage(new AccessPackageCustomExtensionStage('assignmentRequestCreated'));
$customExtensionStageSettingsCustomExtensionStageSetting1CustomExtension = new CustomCalloutExtension();
$customExtensionStageSettingsCustomExtensionStageSetting1CustomExtension->setId('219f57b6-7983-45a1-be01-2c228b7a43f8');
$customExtensionStageSettingsCustomExtensionStageSetting1->setCustomExtension($customExtensionStageSettingsCustomExtensionStageSetting1CustomExtension);
$customExtensionStageSettingsArray []= $customExtensionStageSettingsCustomExtensionStageSetting1;
$customExtensionStageSettingsCustomExtensionStageSetting2 = new CustomExtensionStageSetting();
$customExtensionStageSettingsCustomExtensionStageSetting2->setStage(new AccessPackageCustomExtensionStage('assignmentRequestGranted'));
$customExtensionStageSettingsCustomExtensionStageSetting2CustomExtension = new CustomCalloutExtension();
$customExtensionStageSettingsCustomExtensionStageSetting2CustomExtension->setId('219f57b6-7983-45a1-be01-2c228b7a43f8');
$customExtensionStageSettingsCustomExtensionStageSetting2->setCustomExtension($customExtensionStageSettingsCustomExtensionStageSetting2CustomExtension);
$customExtensionStageSettingsArray []= $customExtensionStageSettingsCustomExtensionStageSetting2;
$requestBody->setCustomExtensionStageSettings($customExtensionStageSettingsArray);
$additionalData = [
'expiration' => [
'type' => 'afterDuration',
'duration' => 'P365D',
],
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackageAssignmentPolicies()->post($requestBody)->wait();
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
displayName = "extension-policy"
description = "test"
accessPackageId = "ba5807c7-2aa9-4c8a-907e-4a17ee587500"
expiration = @{
type = "afterDuration"
duration = "P365D"
}
canExtend = $false
requestApprovalSettings = $null
requestorSettings = @{
acceptRequests = $true
scopeType = "AllExistingDirectorySubjects"
allowedRequestors = @(
)
isOnBehalfAllowed = $false
}
accessReviewSettings = $null
questions = @(
)
customExtensionStageSettings = @(
@{
stage = "assignmentRequestCreated"
customExtension = @{
id = "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
}
@{
stage = "assignmentRequestGranted"
customExtension = @{
id = "219f57b6-7983-45a1-be01-2c228b7a43f8"
}
}
)
}
New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_package_assignment_policy import AccessPackageAssignmentPolicy
from msgraph_beta.generated.models.requestor_settings import RequestorSettings
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.access_package_question import AccessPackageQuestion
from msgraph_beta.generated.models.custom_extension_stage_setting import CustomExtensionStageSetting
from msgraph_beta.generated.models.access_package_custom_extension_stage import AccessPackageCustomExtensionStage
from msgraph_beta.generated.models.custom_callout_extension import CustomCalloutExtension
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentPolicy(
display_name = "extension-policy",
description = "test",
access_package_id = "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
can_extend = False,
request_approval_settings = None,
requestor_settings = RequestorSettings(
accept_requests = True,
scope_type = "AllExistingDirectorySubjects",
allowed_requestors = [
],
additional_data = {
"is_on_behalf_allowed" : False,
}
),
access_review_settings = None,
questions = [
],
custom_extension_stage_settings = [
CustomExtensionStageSetting(
stage = AccessPackageCustomExtensionStage.AssignmentRequestCreated,
custom_extension = CustomCalloutExtension(
id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
),
),
CustomExtensionStageSetting(
stage = AccessPackageCustomExtensionStage.AssignmentRequestGranted,
custom_extension = CustomCalloutExtension(
id = "219f57b6-7983-45a1-be01-2c228b7a43f8",
),
),
],
additional_data = {
"expiration" : {
"type" : "afterDuration",
"duration" : "P365D",
},
}
)
result = await graph_client.identity_governance.entitlement_management.access_package_assignment_policies.post(request_body)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
以下示例显示了相应的响应。 默认情况下,不返回 customExtensionStageSettings 对象。 若要检索此对象,请将 GET accessPackageAssignmentPolicy 方法与 一起使用 $expand
。 有关详细信息,请参阅 示例 3:检索策略的自定义扩展阶段设置。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
"displayName": "extension-policy",
"description": "test",
"canExtend": false,
"durationInDays": 0,
"expirationDateTime": null,
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
"accessReviewSettings": null,
"questions": [],
"requestorSettings": {
"scopeType": "AllExistingDirectorySubjects",
"acceptRequests": true,
"allowedRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequired": false,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": false,
"approvalMode": "NoApproval",
"approvalStages": []
}
}
示例 6:创建具有可验证凭据要求的策略
请求
以下示例演示如何创建具有可验证凭据要求的访问包策略。
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json
{
"displayName": "policy-with-verified-id",
"description": "test",
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
"expiration": {
"type": "afterDuration",
"duration": "P365D"
},
"canExtend": false,
"requestApprovalSettings": null,
"requestorSettings": {
"acceptRequests": true,
"scopeType": "AllExistingDirectorySubjects",
"allowedRequestors": [],
"isOnBehalfAllowed": false
},
"accessReviewSettings": null,
"questions": [],
"customExtensionHandlers": [],
"verifiableCredentialSettings":
{
"credentialTypes":[{
"issuers": ["did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>..."],
"credentialType": "VerifiedCredentialExpert"
}]
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
using Microsoft.Kiota.Abstractions.Serialization;
var requestBody = new AccessPackageAssignmentPolicy
{
DisplayName = "policy-with-verified-id",
Description = "test",
AccessPackageId = "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
CanExtend = false,
RequestApprovalSettings = null,
RequestorSettings = new RequestorSettings
{
AcceptRequests = true,
ScopeType = "AllExistingDirectorySubjects",
AllowedRequestors = new List<UserSet>
{
},
AdditionalData = new Dictionary<string, object>
{
{
"isOnBehalfAllowed" , false
},
},
},
AccessReviewSettings = null,
Questions = new List<AccessPackageQuestion>
{
},
CustomExtensionHandlers = new List<CustomExtensionHandler>
{
},
VerifiableCredentialSettings = new VerifiableCredentialSettings
{
CredentialTypes = new List<VerifiableCredentialType>
{
new VerifiableCredentialType
{
Issuers = new List<string>
{
"did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>...",
},
CredentialType = "VerifiedCredentialExpert",
},
},
},
AdditionalData = new Dictionary<string, object>
{
{
"expiration" , new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"type", new UntypedString("afterDuration")
},
{
"duration", new UntypedString("P365D")
},
})
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies.PostAsync(requestBody);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
mgc-beta identity-governance entitlement-management access-package-assignment-policies create --body '{\
"displayName": "policy-with-verified-id",\
"description": "test",\
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",\
"expiration": {\
"type": "afterDuration",\
"duration": "P365D"\
},\
"canExtend": false,\
"requestApprovalSettings": null,\
"requestorSettings": {\
"acceptRequests": true,\
"scopeType": "AllExistingDirectorySubjects",\
"allowedRequestors": [],\
"isOnBehalfAllowed": false\
},\
"accessReviewSettings": null,\
"questions": [],\
"customExtensionHandlers": [],\
"verifiableCredentialSettings":\
{\
"credentialTypes":[{\
"issuers": ["did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>..."],\
"credentialType": "VerifiedCredentialExpert"\
}]\
}\
}\
'
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentPolicy()
displayName := "policy-with-verified-id"
requestBody.SetDisplayName(&displayName)
description := "test"
requestBody.SetDescription(&description)
accessPackageId := "ba5807c7-2aa9-4c8a-907e-4a17ee587500"
requestBody.SetAccessPackageId(&accessPackageId)
canExtend := false
requestBody.SetCanExtend(&canExtend)
requestApprovalSettings := null
requestBody.SetRequestApprovalSettings(&requestApprovalSettings)
requestorSettings := graphmodels.NewRequestorSettings()
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
scopeType := "AllExistingDirectorySubjects"
requestorSettings.SetScopeType(&scopeType)
allowedRequestors := []graphmodels.UserSetable {
}
requestorSettings.SetAllowedRequestors(allowedRequestors)
additionalData := map[string]interface{}{
isOnBehalfAllowed := false
requestorSettings.SetIsOnBehalfAllowed(&isOnBehalfAllowed)
}
requestorSettings.SetAdditionalData(additionalData)
requestBody.SetRequestorSettings(requestorSettings)
accessReviewSettings := null
requestBody.SetAccessReviewSettings(&accessReviewSettings)
questions := []graphmodels.AccessPackageQuestionable {
}
requestBody.SetQuestions(questions)
customExtensionHandlers := []graphmodels.CustomExtensionHandlerable {
}
requestBody.SetCustomExtensionHandlers(customExtensionHandlers)
verifiableCredentialSettings := graphmodels.NewVerifiableCredentialSettings()
verifiableCredentialType := graphmodels.NewVerifiableCredentialType()
issuers := []string {
"did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>...",
}
verifiableCredentialType.SetIssuers(issuers)
credentialType := "VerifiedCredentialExpert"
verifiableCredentialType.SetCredentialType(&credentialType)
credentialTypes := []graphmodels.VerifiableCredentialTypeable {
verifiableCredentialType,
}
verifiableCredentialSettings.SetCredentialTypes(credentialTypes)
requestBody.SetVerifiableCredentialSettings(verifiableCredentialSettings)
additionalData := map[string]interface{}{
expiration := graph.New()
type := "afterDuration"
expiration.SetType(&type)
duration := "P365D"
expiration.SetDuration(&duration)
requestBody.SetExpiration(expiration)
}
requestBody.SetAdditionalData(additionalData)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessPackageAssignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(context.Background(), requestBody, nil)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.setDisplayName("policy-with-verified-id");
accessPackageAssignmentPolicy.setDescription("test");
accessPackageAssignmentPolicy.setAccessPackageId("ba5807c7-2aa9-4c8a-907e-4a17ee587500");
accessPackageAssignmentPolicy.setCanExtend(false);
accessPackageAssignmentPolicy.setRequestApprovalSettings(null);
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.setAcceptRequests(true);
requestorSettings.setScopeType("AllExistingDirectorySubjects");
LinkedList<UserSet> allowedRequestors = new LinkedList<UserSet>();
requestorSettings.setAllowedRequestors(allowedRequestors);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("isOnBehalfAllowed", false);
requestorSettings.setAdditionalData(additionalData);
accessPackageAssignmentPolicy.setRequestorSettings(requestorSettings);
accessPackageAssignmentPolicy.setAccessReviewSettings(null);
LinkedList<AccessPackageQuestion> questions = new LinkedList<AccessPackageQuestion>();
accessPackageAssignmentPolicy.setQuestions(questions);
LinkedList<CustomExtensionHandler> customExtensionHandlers = new LinkedList<CustomExtensionHandler>();
accessPackageAssignmentPolicy.setCustomExtensionHandlers(customExtensionHandlers);
VerifiableCredentialSettings verifiableCredentialSettings = new VerifiableCredentialSettings();
LinkedList<VerifiableCredentialType> credentialTypes = new LinkedList<VerifiableCredentialType>();
VerifiableCredentialType verifiableCredentialType = new VerifiableCredentialType();
LinkedList<String> issuers = new LinkedList<String>();
issuers.add("did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>...");
verifiableCredentialType.setIssuers(issuers);
verifiableCredentialType.setCredentialType("VerifiedCredentialExpert");
credentialTypes.add(verifiableCredentialType);
verifiableCredentialSettings.setCredentialTypes(credentialTypes);
accessPackageAssignmentPolicy.setVerifiableCredentialSettings(verifiableCredentialSettings);
HashMap<String, Object> additionalData1 = new HashMap<String, Object>();
expiration = new ();
expiration.setType("afterDuration");
expiration.setDuration("P365D");
additionalData1.put("expiration", expiration);
accessPackageAssignmentPolicy.setAdditionalData(additionalData1);
AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies().post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
displayName: 'policy-with-verified-id',
description: 'test',
accessPackageId: 'ba5807c7-2aa9-4c8a-907e-4a17ee587500',
expiration: {
type: 'afterDuration',
duration: 'P365D'
},
canExtend: false,
requestApprovalSettings: null,
requestorSettings: {
acceptRequests: true,
scopeType: 'AllExistingDirectorySubjects',
allowedRequestors: [],
isOnBehalfAllowed: false
},
accessReviewSettings: null,
questions: [],
customExtensionHandlers: [],
verifiableCredentialSettings:
{
credentialTypes: [{
issuers: ['did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>...'],
credentialType: 'VerifiedCredentialExpert'
}]
}
};
await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
.version('beta')
.post(accessPackageAssignmentPolicy);
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageAssignmentPolicy;
use Microsoft\Graph\Beta\Generated\Models\RequestorSettings;
use Microsoft\Graph\Beta\Generated\Models\UserSet;
use Microsoft\Graph\Beta\Generated\Models\AccessPackageQuestion;
use Microsoft\Graph\Beta\Generated\Models\CustomExtensionHandler;
use Microsoft\Graph\Beta\Generated\Models\VerifiableCredentialSettings;
use Microsoft\Graph\Beta\Generated\Models\VerifiableCredentialType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentPolicy();
$requestBody->setDisplayName('policy-with-verified-id');
$requestBody->setDescription('test');
$requestBody->setAccessPackageId('ba5807c7-2aa9-4c8a-907e-4a17ee587500');
$requestBody->setCanExtend(false);
$requestBody->setRequestApprovalSettings(null);
$requestorSettings = new RequestorSettings();
$requestorSettings->setAcceptRequests(true);
$requestorSettings->setScopeType('AllExistingDirectorySubjects');
$requestorSettings->setAllowedRequestors([ ]);
$additionalData = [
'isOnBehalfAllowed' => false,
];
$requestorSettings->setAdditionalData($additionalData);
$requestBody->setRequestorSettings($requestorSettings);
$requestBody->setAccessReviewSettings(null);
$requestBody->setQuestions([ ]);
$requestBody->setCustomExtensionHandlers([ ]);
$verifiableCredentialSettings = new VerifiableCredentialSettings();
$credentialTypesVerifiableCredentialType1 = new VerifiableCredentialType();
$credentialTypesVerifiableCredentialType1->setIssuers(['did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>...', ]);
$credentialTypesVerifiableCredentialType1->setCredentialType('VerifiedCredentialExpert');
$credentialTypesArray []= $credentialTypesVerifiableCredentialType1;
$verifiableCredentialSettings->setCredentialTypes($credentialTypesArray);
$requestBody->setVerifiableCredentialSettings($verifiableCredentialSettings);
$additionalData = [
'expiration' => [
'type' => 'afterDuration',
'duration' => 'P365D',
],
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackageAssignmentPolicies()->post($requestBody)->wait();
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
displayName = "policy-with-verified-id"
description = "test"
accessPackageId = "ba5807c7-2aa9-4c8a-907e-4a17ee587500"
expiration = @{
type = "afterDuration"
duration = "P365D"
}
canExtend = $false
requestApprovalSettings = $null
requestorSettings = @{
acceptRequests = $true
scopeType = "AllExistingDirectorySubjects"
allowedRequestors = @(
)
isOnBehalfAllowed = $false
}
accessReviewSettings = $null
questions = @(
)
customExtensionHandlers = @(
)
verifiableCredentialSettings = @{
credentialTypes = @(
@{
issuers = @(
"did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>..."
)
credentialType = "VerifiedCredentialExpert"
}
)
}
}
New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.access_package_assignment_policy import AccessPackageAssignmentPolicy
from msgraph_beta.generated.models.requestor_settings import RequestorSettings
from msgraph_beta.generated.models.user_set import UserSet
from msgraph_beta.generated.models.access_package_question import AccessPackageQuestion
from msgraph_beta.generated.models.custom_extension_handler import CustomExtensionHandler
from msgraph_beta.generated.models.verifiable_credential_settings import VerifiableCredentialSettings
from msgraph_beta.generated.models.verifiable_credential_type import VerifiableCredentialType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentPolicy(
display_name = "policy-with-verified-id",
description = "test",
access_package_id = "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
can_extend = False,
request_approval_settings = None,
requestor_settings = RequestorSettings(
accept_requests = True,
scope_type = "AllExistingDirectorySubjects",
allowed_requestors = [
],
additional_data = {
"is_on_behalf_allowed" : False,
}
),
access_review_settings = None,
questions = [
],
custom_extension_handlers = [
],
verifiable_credential_settings = VerifiableCredentialSettings(
credential_types = [
VerifiableCredentialType(
issuers = [
"did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>...",
],
credential_type = "VerifiedCredentialExpert",
),
],
),
additional_data = {
"expiration" : {
"type" : "afterDuration",
"duration" : "P365D",
},
}
)
result = await graph_client.identity_governance.entitlement_management.access_package_assignment_policies.post(request_body)
重要
Microsoft Graph SDK 默认使用 v1.0 版本的 API,并且不支持 beta 版本中提供的所有类型、属性和 API。 有关使用 SDK 访问 beta API 的详细信息,请参阅将 Microsoft Graph SDK 与 beta API 配合使用。
有关如何将 SDK 添加到项目并 创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
"displayName": "extension-policy",
"description": "test",
"canExtend": false,
"durationInDays": 0,
"expirationDateTime": null,
"accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
"accessReviewSettings": null,
"questions": [],
"requestorSettings": {
"scopeType": "AllExistingDirectorySubjects",
"acceptRequests": true,
"allowedRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequired": false,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": false,
"approvalMode": "NoApproval",
"approvalStages": []
},
"customExtensionHandlers": [],
"verifiableCredentialSettings": {
"credentialTypes":[{
"issuers": ["did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>..."],
"credentialType": "VerifiedCredentialExpert"
}]
}
}
反馈
此页面是否有帮助?