POST https://graph.microsoft.com/beta/identityGovernance/permissionsManagement/scheduledPermissionsRequests
Content-Type: application/json
{
"requestedPermissions": {
"@odata.type": "#microsoft.graph.awsPermissionsDefinition",
"authorizationSystemInfo": {
"authorizationSystemId": "956987887735",
"authorizationSystemType": "AWS"
},
"actionInfo": {
"@odata.type": "microsoft.graph.awsPolicyPermissionsDefinitionAction",
"policies": [
{
"id": "arn:aws:iam::956987887735:policy/AddUserToGroup"
}
],
"assignToRoleId": "arn:aws:aim::956987887735:role/saml-user"
},
"identityInfo": {
"externalId": "alex@contoso.com",
"source": {
"@odata.type": "microsoft.graph.samlIdentitySource"
},
"identityType": "user"
}
},
"justification": "I need to do this because I want to add a user to a group",
"notes": "Pretty Please",
"scheduleInfo": {
"expiration": {
"duration": "PT1H"
}
},
"ticketInfo": {
"ticketNumber": "INC1234567",
"ticketSystem": "ServiceNow",
"ticketSubmitterIdentityId": "alex@contoso.com",
"ticketApproverIdentityId": "alexmanager@contoso.com"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new ScheduledPermissionsRequest
{
RequestedPermissions = new AwsPermissionsDefinition
{
OdataType = "#microsoft.graph.awsPermissionsDefinition",
AuthorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem
{
AuthorizationSystemId = "956987887735",
AuthorizationSystemType = "AWS",
},
ActionInfo = new AwsPolicyPermissionsDefinitionAction
{
OdataType = "microsoft.graph.awsPolicyPermissionsDefinitionAction",
Policies = new List<PermissionsDefinitionAwsPolicy>
{
new PermissionsDefinitionAwsPolicy
{
Id = "arn:aws:iam::956987887735:policy/AddUserToGroup",
},
},
AssignToRoleId = "arn:aws:aim::956987887735:role/saml-user",
},
IdentityInfo = new PermissionsDefinitionAuthorizationSystemIdentity
{
ExternalId = "alex@contoso.com",
Source = new SamlIdentitySource
{
OdataType = "microsoft.graph.samlIdentitySource",
},
IdentityType = PermissionsDefinitionIdentityType.User,
},
},
Justification = "I need to do this because I want to add a user to a group",
Notes = "Pretty Please",
ScheduleInfo = new RequestSchedule
{
Expiration = new ExpirationPattern
{
Duration = TimeSpan.Parse("PT1H"),
},
},
TicketInfo = new TicketInfo
{
TicketNumber = "INC1234567",
TicketSystem = "ServiceNow",
TicketSubmitterIdentityId = "alex@contoso.com",
TicketApproverIdentityId = "alexmanager@contoso.com",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.PermissionsManagement.ScheduledPermissionsRequests.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
ScheduledPermissionsRequest scheduledPermissionsRequest = new ScheduledPermissionsRequest();
AwsPermissionsDefinition requestedPermissions = new AwsPermissionsDefinition();
requestedPermissions.setOdataType("#microsoft.graph.awsPermissionsDefinition");
PermissionsDefinitionAuthorizationSystem authorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem();
authorizationSystemInfo.setAuthorizationSystemId("956987887735");
authorizationSystemInfo.setAuthorizationSystemType("AWS");
requestedPermissions.setAuthorizationSystemInfo(authorizationSystemInfo);
AwsPolicyPermissionsDefinitionAction actionInfo = new AwsPolicyPermissionsDefinitionAction();
actionInfo.setOdataType("microsoft.graph.awsPolicyPermissionsDefinitionAction");
LinkedList<PermissionsDefinitionAwsPolicy> policies = new LinkedList<PermissionsDefinitionAwsPolicy>();
PermissionsDefinitionAwsPolicy permissionsDefinitionAwsPolicy = new PermissionsDefinitionAwsPolicy();
permissionsDefinitionAwsPolicy.setId("arn:aws:iam::956987887735:policy/AddUserToGroup");
policies.add(permissionsDefinitionAwsPolicy);
actionInfo.setPolicies(policies);
actionInfo.setAssignToRoleId("arn:aws:aim::956987887735:role/saml-user");
requestedPermissions.setActionInfo(actionInfo);
PermissionsDefinitionAuthorizationSystemIdentity identityInfo = new PermissionsDefinitionAuthorizationSystemIdentity();
identityInfo.setExternalId("alex@contoso.com");
SamlIdentitySource source = new SamlIdentitySource();
source.setOdataType("microsoft.graph.samlIdentitySource");
identityInfo.setSource(source);
identityInfo.setIdentityType(PermissionsDefinitionIdentityType.User);
requestedPermissions.setIdentityInfo(identityInfo);
scheduledPermissionsRequest.setRequestedPermissions(requestedPermissions);
scheduledPermissionsRequest.setJustification("I need to do this because I want to add a user to a group");
scheduledPermissionsRequest.setNotes("Pretty Please");
RequestSchedule scheduleInfo = new RequestSchedule();
ExpirationPattern expiration = new ExpirationPattern();
PeriodAndDuration duration = PeriodAndDuration.ofDuration(Duration.parse("PT1H"));
expiration.setDuration(duration);
scheduleInfo.setExpiration(expiration);
scheduledPermissionsRequest.setScheduleInfo(scheduleInfo);
TicketInfo ticketInfo = new TicketInfo();
ticketInfo.setTicketNumber("INC1234567");
ticketInfo.setTicketSystem("ServiceNow");
ticketInfo.setTicketSubmitterIdentityId("alex@contoso.com");
ticketInfo.setTicketApproverIdentityId("alexmanager@contoso.com");
scheduledPermissionsRequest.setTicketInfo(ticketInfo);
ScheduledPermissionsRequest result = graphClient.identityGovernance().permissionsManagement().scheduledPermissionsRequests().post(scheduledPermissionsRequest);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\ScheduledPermissionsRequest;
use Microsoft\Graph\Beta\Generated\Models\AwsPermissionsDefinition;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAuthorizationSystem;
use Microsoft\Graph\Beta\Generated\Models\AwsPolicyPermissionsDefinitionAction;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAwsPolicy;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAuthorizationSystemIdentity;
use Microsoft\Graph\Beta\Generated\Models\SamlIdentitySource;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionIdentityType;
use Microsoft\Graph\Beta\Generated\Models\RequestSchedule;
use Microsoft\Graph\Beta\Generated\Models\ExpirationPattern;
use Microsoft\Graph\Beta\Generated\Models\TicketInfo;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new ScheduledPermissionsRequest();
$requestedPermissions = new AwsPermissionsDefinition();
$requestedPermissions->setOdataType('#microsoft.graph.awsPermissionsDefinition');
$requestedPermissionsAuthorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem();
$requestedPermissionsAuthorizationSystemInfo->setAuthorizationSystemId('956987887735');
$requestedPermissionsAuthorizationSystemInfo->setAuthorizationSystemType('AWS');
$requestedPermissions->setAuthorizationSystemInfo($requestedPermissionsAuthorizationSystemInfo);
$requestedPermissionsActionInfo = new AwsPolicyPermissionsDefinitionAction();
$requestedPermissionsActionInfo->setOdataType('microsoft.graph.awsPolicyPermissionsDefinitionAction');
$policiesPermissionsDefinitionAwsPolicy1 = new PermissionsDefinitionAwsPolicy();
$policiesPermissionsDefinitionAwsPolicy1->setId('arn:aws:iam::956987887735:policy/AddUserToGroup');
$policiesArray []= $policiesPermissionsDefinitionAwsPolicy1;
$requestedPermissionsActionInfo->setPolicies($policiesArray);
$requestedPermissionsActionInfo->setAssignToRoleId('arn:aws:aim::956987887735:role/saml-user');
$requestedPermissions->setActionInfo($requestedPermissionsActionInfo);
$requestedPermissionsIdentityInfo = new PermissionsDefinitionAuthorizationSystemIdentity();
$requestedPermissionsIdentityInfo->setExternalId('alex@contoso.com');
$requestedPermissionsIdentityInfoSource = new SamlIdentitySource();
$requestedPermissionsIdentityInfoSource->setOdataType('microsoft.graph.samlIdentitySource');
$requestedPermissionsIdentityInfo->setSource($requestedPermissionsIdentityInfoSource);
$requestedPermissionsIdentityInfo->setIdentityType(new PermissionsDefinitionIdentityType('user'));
$requestedPermissions->setIdentityInfo($requestedPermissionsIdentityInfo);
$requestBody->setRequestedPermissions($requestedPermissions);
$requestBody->setJustification('I need to do this because I want to add a user to a group');
$requestBody->setNotes('Pretty Please');
$scheduleInfo = new RequestSchedule();
$scheduleInfoExpiration = new ExpirationPattern();
$scheduleInfoExpiration->setDuration(new \DateInterval('PT1H'));
$scheduleInfo->setExpiration($scheduleInfoExpiration);
$requestBody->setScheduleInfo($scheduleInfo);
$ticketInfo = new TicketInfo();
$ticketInfo->setTicketNumber('INC1234567');
$ticketInfo->setTicketSystem('ServiceNow');
$ticketInfo->setTicketSubmitterIdentityId('alex@contoso.com');
$ticketInfo->setTicketApproverIdentityId('alexmanager@contoso.com');
$requestBody->setTicketInfo($ticketInfo);
$result = $graphServiceClient->identityGovernance()->permissionsManagement()->scheduledPermissionsRequests()->post($requestBody)->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.scheduled_permissions_request import ScheduledPermissionsRequest
from msgraph_beta.generated.models.aws_permissions_definition import AwsPermissionsDefinition
from msgraph_beta.generated.models.permissions_definition_authorization_system import PermissionsDefinitionAuthorizationSystem
from msgraph_beta.generated.models.aws_policy_permissions_definition_action import AwsPolicyPermissionsDefinitionAction
from msgraph_beta.generated.models.permissions_definition_aws_policy import PermissionsDefinitionAwsPolicy
from msgraph_beta.generated.models.permissions_definition_authorization_system_identity import PermissionsDefinitionAuthorizationSystemIdentity
from msgraph_beta.generated.models.saml_identity_source import SamlIdentitySource
from msgraph_beta.generated.models.permissions_definition_identity_type import PermissionsDefinitionIdentityType
from msgraph_beta.generated.models.request_schedule import RequestSchedule
from msgraph_beta.generated.models.expiration_pattern import ExpirationPattern
from msgraph_beta.generated.models.ticket_info import TicketInfo
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = ScheduledPermissionsRequest(
requested_permissions = AwsPermissionsDefinition(
odata_type = "#microsoft.graph.awsPermissionsDefinition",
authorization_system_info = PermissionsDefinitionAuthorizationSystem(
authorization_system_id = "956987887735",
authorization_system_type = "AWS",
),
action_info = AwsPolicyPermissionsDefinitionAction(
odata_type = "microsoft.graph.awsPolicyPermissionsDefinitionAction",
policies = [
PermissionsDefinitionAwsPolicy(
id = "arn:aws:iam::956987887735:policy/AddUserToGroup",
),
],
assign_to_role_id = "arn:aws:aim::956987887735:role/saml-user",
),
identity_info = PermissionsDefinitionAuthorizationSystemIdentity(
external_id = "alex@contoso.com",
source = SamlIdentitySource(
odata_type = "microsoft.graph.samlIdentitySource",
),
identity_type = PermissionsDefinitionIdentityType.User,
),
),
justification = "I need to do this because I want to add a user to a group",
notes = "Pretty Please",
schedule_info = RequestSchedule(
expiration = ExpirationPattern(
duration = "PT1H",
),
),
ticket_info = TicketInfo(
ticket_number = "INC1234567",
ticket_system = "ServiceNow",
ticket_submitter_identity_id = "alex@contoso.com",
ticket_approver_identity_id = "alexmanager@contoso.com",
),
)
result = await graph_client.identity_governance.permissions_management.scheduled_permissions_requests.post(request_body)
POST https://graph.microsoft.com/beta/identityGovernance/permissionsManagement/scheduledPermissionsRequests
Content-Type: application/json
{
"requestedPermissions": {
"@odata.type": "microsoft.graph.singleResourceAzurePermissionsDefinition",
"authorizationSystemInfo": {
"authorizationSystemId": "87eefd90-95a3-480a-ba42-56ff299a05ee",
"authorizationSystemType": "AZURE"
},
"actionInfo": {
"@odata.type": "microsoft.graph.azureRolePermissionsDefinitionAction",
"roles": [
{
"id": "cdda3590-29a3-44f6-95f2-9f980659eb04"
},
{
"id": "312a565d-c81f-4fd8-895a-4e21e48d571c"
}
]
},
"identityInfo": {
"externalId": "alex@contoso.com",
"source": {
"@odata.type": "microsoft.graph.edIdentitySource"
},
"identityType": "user"
},
"resourceId": "/subscriptions/87eefd90-95a3-480a-ba42-56ff299a05ee"
},
"justification": "I need to do this because I want to some new azure roles",
"notes": "Pretty Pleaseeeee",
"scheduleInfo": {
"expiration": {
"duration": "PT1H"
},
"recurrence": null
},
"ticketInfo": {
"ticketNumber": "INC1234567",
"ticketSystem": "ServiceNow",
"ticketSubmitterIdentityId": "alex@contoso.com",
"ticketApproverIdentityId": "alexmanager@contoso.com"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new ScheduledPermissionsRequest
{
RequestedPermissions = new SingleResourceAzurePermissionsDefinition
{
OdataType = "microsoft.graph.singleResourceAzurePermissionsDefinition",
AuthorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem
{
AuthorizationSystemId = "87eefd90-95a3-480a-ba42-56ff299a05ee",
AuthorizationSystemType = "AZURE",
},
ActionInfo = new AzureRolePermissionsDefinitionAction
{
OdataType = "microsoft.graph.azureRolePermissionsDefinitionAction",
Roles = new List<PermissionsDefinitionAzureRole>
{
new PermissionsDefinitionAzureRole
{
Id = "cdda3590-29a3-44f6-95f2-9f980659eb04",
},
new PermissionsDefinitionAzureRole
{
Id = "312a565d-c81f-4fd8-895a-4e21e48d571c",
},
},
},
IdentityInfo = new PermissionsDefinitionAuthorizationSystemIdentity
{
ExternalId = "alex@contoso.com",
Source = new EdIdentitySource
{
OdataType = "microsoft.graph.edIdentitySource",
},
IdentityType = PermissionsDefinitionIdentityType.User,
},
ResourceId = "/subscriptions/87eefd90-95a3-480a-ba42-56ff299a05ee",
},
Justification = "I need to do this because I want to some new azure roles",
Notes = "Pretty Pleaseeeee",
ScheduleInfo = new RequestSchedule
{
Expiration = new ExpirationPattern
{
Duration = TimeSpan.Parse("PT1H"),
},
Recurrence = null,
},
TicketInfo = new TicketInfo
{
TicketNumber = "INC1234567",
TicketSystem = "ServiceNow",
TicketSubmitterIdentityId = "alex@contoso.com",
TicketApproverIdentityId = "alexmanager@contoso.com",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.PermissionsManagement.ScheduledPermissionsRequests.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
ScheduledPermissionsRequest scheduledPermissionsRequest = new ScheduledPermissionsRequest();
SingleResourceAzurePermissionsDefinition requestedPermissions = new SingleResourceAzurePermissionsDefinition();
requestedPermissions.setOdataType("microsoft.graph.singleResourceAzurePermissionsDefinition");
PermissionsDefinitionAuthorizationSystem authorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem();
authorizationSystemInfo.setAuthorizationSystemId("87eefd90-95a3-480a-ba42-56ff299a05ee");
authorizationSystemInfo.setAuthorizationSystemType("AZURE");
requestedPermissions.setAuthorizationSystemInfo(authorizationSystemInfo);
AzureRolePermissionsDefinitionAction actionInfo = new AzureRolePermissionsDefinitionAction();
actionInfo.setOdataType("microsoft.graph.azureRolePermissionsDefinitionAction");
LinkedList<PermissionsDefinitionAzureRole> roles = new LinkedList<PermissionsDefinitionAzureRole>();
PermissionsDefinitionAzureRole permissionsDefinitionAzureRole = new PermissionsDefinitionAzureRole();
permissionsDefinitionAzureRole.setId("cdda3590-29a3-44f6-95f2-9f980659eb04");
roles.add(permissionsDefinitionAzureRole);
PermissionsDefinitionAzureRole permissionsDefinitionAzureRole1 = new PermissionsDefinitionAzureRole();
permissionsDefinitionAzureRole1.setId("312a565d-c81f-4fd8-895a-4e21e48d571c");
roles.add(permissionsDefinitionAzureRole1);
actionInfo.setRoles(roles);
requestedPermissions.setActionInfo(actionInfo);
PermissionsDefinitionAuthorizationSystemIdentity identityInfo = new PermissionsDefinitionAuthorizationSystemIdentity();
identityInfo.setExternalId("alex@contoso.com");
EdIdentitySource source = new EdIdentitySource();
source.setOdataType("microsoft.graph.edIdentitySource");
identityInfo.setSource(source);
identityInfo.setIdentityType(PermissionsDefinitionIdentityType.User);
requestedPermissions.setIdentityInfo(identityInfo);
requestedPermissions.setResourceId("/subscriptions/87eefd90-95a3-480a-ba42-56ff299a05ee");
scheduledPermissionsRequest.setRequestedPermissions(requestedPermissions);
scheduledPermissionsRequest.setJustification("I need to do this because I want to some new azure roles");
scheduledPermissionsRequest.setNotes("Pretty Pleaseeeee");
RequestSchedule scheduleInfo = new RequestSchedule();
ExpirationPattern expiration = new ExpirationPattern();
PeriodAndDuration duration = PeriodAndDuration.ofDuration(Duration.parse("PT1H"));
expiration.setDuration(duration);
scheduleInfo.setExpiration(expiration);
scheduleInfo.setRecurrence(null);
scheduledPermissionsRequest.setScheduleInfo(scheduleInfo);
TicketInfo ticketInfo = new TicketInfo();
ticketInfo.setTicketNumber("INC1234567");
ticketInfo.setTicketSystem("ServiceNow");
ticketInfo.setTicketSubmitterIdentityId("alex@contoso.com");
ticketInfo.setTicketApproverIdentityId("alexmanager@contoso.com");
scheduledPermissionsRequest.setTicketInfo(ticketInfo);
ScheduledPermissionsRequest result = graphClient.identityGovernance().permissionsManagement().scheduledPermissionsRequests().post(scheduledPermissionsRequest);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\ScheduledPermissionsRequest;
use Microsoft\Graph\Beta\Generated\Models\SingleResourceAzurePermissionsDefinition;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAuthorizationSystem;
use Microsoft\Graph\Beta\Generated\Models\AzureRolePermissionsDefinitionAction;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAzureRole;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAuthorizationSystemIdentity;
use Microsoft\Graph\Beta\Generated\Models\EdIdentitySource;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionIdentityType;
use Microsoft\Graph\Beta\Generated\Models\RequestSchedule;
use Microsoft\Graph\Beta\Generated\Models\ExpirationPattern;
use Microsoft\Graph\Beta\Generated\Models\TicketInfo;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new ScheduledPermissionsRequest();
$requestedPermissions = new SingleResourceAzurePermissionsDefinition();
$requestedPermissions->setOdataType('microsoft.graph.singleResourceAzurePermissionsDefinition');
$requestedPermissionsAuthorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem();
$requestedPermissionsAuthorizationSystemInfo->setAuthorizationSystemId('87eefd90-95a3-480a-ba42-56ff299a05ee');
$requestedPermissionsAuthorizationSystemInfo->setAuthorizationSystemType('AZURE');
$requestedPermissions->setAuthorizationSystemInfo($requestedPermissionsAuthorizationSystemInfo);
$requestedPermissionsActionInfo = new AzureRolePermissionsDefinitionAction();
$requestedPermissionsActionInfo->setOdataType('microsoft.graph.azureRolePermissionsDefinitionAction');
$rolesPermissionsDefinitionAzureRole1 = new PermissionsDefinitionAzureRole();
$rolesPermissionsDefinitionAzureRole1->setId('cdda3590-29a3-44f6-95f2-9f980659eb04');
$rolesArray []= $rolesPermissionsDefinitionAzureRole1;
$rolesPermissionsDefinitionAzureRole2 = new PermissionsDefinitionAzureRole();
$rolesPermissionsDefinitionAzureRole2->setId('312a565d-c81f-4fd8-895a-4e21e48d571c');
$rolesArray []= $rolesPermissionsDefinitionAzureRole2;
$requestedPermissionsActionInfo->setRoles($rolesArray);
$requestedPermissions->setActionInfo($requestedPermissionsActionInfo);
$requestedPermissionsIdentityInfo = new PermissionsDefinitionAuthorizationSystemIdentity();
$requestedPermissionsIdentityInfo->setExternalId('alex@contoso.com');
$requestedPermissionsIdentityInfoSource = new EdIdentitySource();
$requestedPermissionsIdentityInfoSource->setOdataType('microsoft.graph.edIdentitySource');
$requestedPermissionsIdentityInfo->setSource($requestedPermissionsIdentityInfoSource);
$requestedPermissionsIdentityInfo->setIdentityType(new PermissionsDefinitionIdentityType('user'));
$requestedPermissions->setIdentityInfo($requestedPermissionsIdentityInfo);
$requestedPermissions->setResourceId('/subscriptions/87eefd90-95a3-480a-ba42-56ff299a05ee');
$requestBody->setRequestedPermissions($requestedPermissions);
$requestBody->setJustification('I need to do this because I want to some new azure roles');
$requestBody->setNotes('Pretty Pleaseeeee');
$scheduleInfo = new RequestSchedule();
$scheduleInfoExpiration = new ExpirationPattern();
$scheduleInfoExpiration->setDuration(new \DateInterval('PT1H'));
$scheduleInfo->setExpiration($scheduleInfoExpiration);
$scheduleInfo->setRecurrence(null);
$requestBody->setScheduleInfo($scheduleInfo);
$ticketInfo = new TicketInfo();
$ticketInfo->setTicketNumber('INC1234567');
$ticketInfo->setTicketSystem('ServiceNow');
$ticketInfo->setTicketSubmitterIdentityId('alex@contoso.com');
$ticketInfo->setTicketApproverIdentityId('alexmanager@contoso.com');
$requestBody->setTicketInfo($ticketInfo);
$result = $graphServiceClient->identityGovernance()->permissionsManagement()->scheduledPermissionsRequests()->post($requestBody)->wait();
POST https://graph.microsoft.com/beta/identityGovernance/permissionsManagement/scheduledPermissionsRequests
Content-Type: application/json
{
"requestedPermissions": {
"@odata.type": "microsoft.graph.singleResourceGcpPermissionsDefinition",
"authorizationSystemInfo": {
"authorizationSystemId": "carbide-bonsai-205017",
"authorizationSystemType": "GCP"
},
"actionInfo": {
"@odata.type": "microsoft.graph.gcpActionPermissionsDefinitionAction",
"actions": [
"aiplatform:dataitems"
]
},
"identityInfo": {
"externalId": "alex@contoso.com",
"source": {
"@odata.type": "microsoft.graph.edIdentitySource"
},
"identityType": "user"
},
"resourceId": "carbide-bonsai-205017"
},
"justification": "I need to do this because I want to code my own chat GPT-3 bot on GCP",
"notes": "Pretty Pleaseeeee",
"scheduleInfo": {
"expiration": {
"duration": "PT1H"
}
},
"ticketInfo": {
"ticketNumber": "INC1234567",
"ticketSystem": "ServiceNow",
"ticketSubmitterIdentityId": "alex@contoso.com",
"ticketApproverIdentityId": "alexmanager@contoso.com"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new ScheduledPermissionsRequest
{
RequestedPermissions = new SingleResourceGcpPermissionsDefinition
{
OdataType = "microsoft.graph.singleResourceGcpPermissionsDefinition",
AuthorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem
{
AuthorizationSystemId = "carbide-bonsai-205017",
AuthorizationSystemType = "GCP",
},
ActionInfo = new GcpActionPermissionsDefinitionAction
{
OdataType = "microsoft.graph.gcpActionPermissionsDefinitionAction",
Actions = new List<string>
{
"aiplatform:dataitems",
},
},
IdentityInfo = new PermissionsDefinitionAuthorizationSystemIdentity
{
ExternalId = "alex@contoso.com",
Source = new EdIdentitySource
{
OdataType = "microsoft.graph.edIdentitySource",
},
IdentityType = PermissionsDefinitionIdentityType.User,
},
ResourceId = "carbide-bonsai-205017",
},
Justification = "I need to do this because I want to code my own chat GPT-3 bot on GCP",
Notes = "Pretty Pleaseeeee",
ScheduleInfo = new RequestSchedule
{
Expiration = new ExpirationPattern
{
Duration = TimeSpan.Parse("PT1H"),
},
},
TicketInfo = new TicketInfo
{
TicketNumber = "INC1234567",
TicketSystem = "ServiceNow",
TicketSubmitterIdentityId = "alex@contoso.com",
TicketApproverIdentityId = "alexmanager@contoso.com",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.PermissionsManagement.ScheduledPermissionsRequests.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
ScheduledPermissionsRequest scheduledPermissionsRequest = new ScheduledPermissionsRequest();
SingleResourceGcpPermissionsDefinition requestedPermissions = new SingleResourceGcpPermissionsDefinition();
requestedPermissions.setOdataType("microsoft.graph.singleResourceGcpPermissionsDefinition");
PermissionsDefinitionAuthorizationSystem authorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem();
authorizationSystemInfo.setAuthorizationSystemId("carbide-bonsai-205017");
authorizationSystemInfo.setAuthorizationSystemType("GCP");
requestedPermissions.setAuthorizationSystemInfo(authorizationSystemInfo);
GcpActionPermissionsDefinitionAction actionInfo = new GcpActionPermissionsDefinitionAction();
actionInfo.setOdataType("microsoft.graph.gcpActionPermissionsDefinitionAction");
LinkedList<String> actions = new LinkedList<String>();
actions.add("aiplatform:dataitems");
actionInfo.setActions(actions);
requestedPermissions.setActionInfo(actionInfo);
PermissionsDefinitionAuthorizationSystemIdentity identityInfo = new PermissionsDefinitionAuthorizationSystemIdentity();
identityInfo.setExternalId("alex@contoso.com");
EdIdentitySource source = new EdIdentitySource();
source.setOdataType("microsoft.graph.edIdentitySource");
identityInfo.setSource(source);
identityInfo.setIdentityType(PermissionsDefinitionIdentityType.User);
requestedPermissions.setIdentityInfo(identityInfo);
requestedPermissions.setResourceId("carbide-bonsai-205017");
scheduledPermissionsRequest.setRequestedPermissions(requestedPermissions);
scheduledPermissionsRequest.setJustification("I need to do this because I want to code my own chat GPT-3 bot on GCP");
scheduledPermissionsRequest.setNotes("Pretty Pleaseeeee");
RequestSchedule scheduleInfo = new RequestSchedule();
ExpirationPattern expiration = new ExpirationPattern();
PeriodAndDuration duration = PeriodAndDuration.ofDuration(Duration.parse("PT1H"));
expiration.setDuration(duration);
scheduleInfo.setExpiration(expiration);
scheduledPermissionsRequest.setScheduleInfo(scheduleInfo);
TicketInfo ticketInfo = new TicketInfo();
ticketInfo.setTicketNumber("INC1234567");
ticketInfo.setTicketSystem("ServiceNow");
ticketInfo.setTicketSubmitterIdentityId("alex@contoso.com");
ticketInfo.setTicketApproverIdentityId("alexmanager@contoso.com");
scheduledPermissionsRequest.setTicketInfo(ticketInfo);
ScheduledPermissionsRequest result = graphClient.identityGovernance().permissionsManagement().scheduledPermissionsRequests().post(scheduledPermissionsRequest);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\ScheduledPermissionsRequest;
use Microsoft\Graph\Beta\Generated\Models\SingleResourceGcpPermissionsDefinition;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAuthorizationSystem;
use Microsoft\Graph\Beta\Generated\Models\GcpActionPermissionsDefinitionAction;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionAuthorizationSystemIdentity;
use Microsoft\Graph\Beta\Generated\Models\EdIdentitySource;
use Microsoft\Graph\Beta\Generated\Models\PermissionsDefinitionIdentityType;
use Microsoft\Graph\Beta\Generated\Models\RequestSchedule;
use Microsoft\Graph\Beta\Generated\Models\ExpirationPattern;
use Microsoft\Graph\Beta\Generated\Models\TicketInfo;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new ScheduledPermissionsRequest();
$requestedPermissions = new SingleResourceGcpPermissionsDefinition();
$requestedPermissions->setOdataType('microsoft.graph.singleResourceGcpPermissionsDefinition');
$requestedPermissionsAuthorizationSystemInfo = new PermissionsDefinitionAuthorizationSystem();
$requestedPermissionsAuthorizationSystemInfo->setAuthorizationSystemId('carbide-bonsai-205017');
$requestedPermissionsAuthorizationSystemInfo->setAuthorizationSystemType('GCP');
$requestedPermissions->setAuthorizationSystemInfo($requestedPermissionsAuthorizationSystemInfo);
$requestedPermissionsActionInfo = new GcpActionPermissionsDefinitionAction();
$requestedPermissionsActionInfo->setOdataType('microsoft.graph.gcpActionPermissionsDefinitionAction');
$requestedPermissionsActionInfo->setActions(['aiplatform:dataitems', ]);
$requestedPermissions->setActionInfo($requestedPermissionsActionInfo);
$requestedPermissionsIdentityInfo = new PermissionsDefinitionAuthorizationSystemIdentity();
$requestedPermissionsIdentityInfo->setExternalId('alex@contoso.com');
$requestedPermissionsIdentityInfoSource = new EdIdentitySource();
$requestedPermissionsIdentityInfoSource->setOdataType('microsoft.graph.edIdentitySource');
$requestedPermissionsIdentityInfo->setSource($requestedPermissionsIdentityInfoSource);
$requestedPermissionsIdentityInfo->setIdentityType(new PermissionsDefinitionIdentityType('user'));
$requestedPermissions->setIdentityInfo($requestedPermissionsIdentityInfo);
$requestedPermissions->setResourceId('carbide-bonsai-205017');
$requestBody->setRequestedPermissions($requestedPermissions);
$requestBody->setJustification('I need to do this because I want to code my own chat GPT-3 bot on GCP');
$requestBody->setNotes('Pretty Pleaseeeee');
$scheduleInfo = new RequestSchedule();
$scheduleInfoExpiration = new ExpirationPattern();
$scheduleInfoExpiration->setDuration(new \DateInterval('PT1H'));
$scheduleInfo->setExpiration($scheduleInfoExpiration);
$requestBody->setScheduleInfo($scheduleInfo);
$ticketInfo = new TicketInfo();
$ticketInfo->setTicketNumber('INC1234567');
$ticketInfo->setTicketSystem('ServiceNow');
$ticketInfo->setTicketSubmitterIdentityId('alex@contoso.com');
$ticketInfo->setTicketApproverIdentityId('alexmanager@contoso.com');
$requestBody->setTicketInfo($ticketInfo);
$result = $graphServiceClient->identityGovernance()->permissionsManagement()->scheduledPermissionsRequests()->post($requestBody)->wait();