对目录角色的操作 | Graph API 参考
**适用范围: ** Graph API | Azure Active Directory
本主题讨论如何使用 Azure Active Directory (AD) Graph API 执行对 Azure AD 目录角色的操作。 目录角色 ([DirectoryRole]) 具有目录中的特定权限集。 Azure AD 对作为目录角色成员的用户和服务主体授予该角色相关的权限。 Azure AD 目录角色也被称为管理员角色。 有关目录(管理员)角色的详细信息,请参阅在 Azure AD 中分配管理员角色。
凭借 Graph API,可以读取目录角色的属性、目录角色的查询成员并在目录角色中添加和删除成员。 目录角色可能将用户和服务主体作为其成员。 当前不支持将组添加到目录角色。
在 1.5 之前的版本中,默认情况下,所有的目录角色都出现在租户中。 在 1.5 版和更高版本中,默认情况下,仅出现公司管理员目录角色。 若要访问成员并将其分配给其他目录角色,必须首先使用相应的目录角色模板 ([DirectoryRoleTemplate]) 激活它。 有关更多信息,请参阅激活目录角色。
Graph API 是与 OData 3.0 兼容的 REST API,它提供对 Azure Active Directory 中的目录对象(如用户、组、组织联系人和应用程序)的编程访问。
重要
Azure AD Graph API 功能也可通过 Microsoft Graph 使用。Microsoft Graph 是一个统一的 API,它还包括其他 Microsoft 服务(如 Outlook、OneDrive、OneNote、Planner 和 Office Graph)的 API,这些都可以使用单个访问令牌通过单个终结点进行访问。
对目录角色上执行 REST 操作
若要使用 Graph API 对目录角色执行操作,请使用受支持的方法(GET、POST、PATCH、PUT 或 DELETE)将 HTTP 请求发送给以目录角色资源集合、特定目录角色、目录角色的导航属性或者可以对目录角色调用的函数或操作为目标的终结点。
Graph API 请求使用以下基本 URL:
https://graph.windows.net/{tenant_id}/{resource_path}?{api_version}[odata_query_parameters]
重要
发送到 Graph API 的请求必须格式良好,以有效的终结点和 Graph API 版本为目标并且具有从 Authorization 标头中的 Azure AD 获取的有效访问令牌。 有关使用 Graph API 创建请求和接收响应的更多详细信息,请参阅 [Operations Overview]。
指定 {resource_path} 的方式各有不同,具体取决于是否以租户中的所有目录角色的集合、单个目录角色或特定目录角色的导航属性为目标。
/directoryRoles以 directoryRole 资源集合为目标。 在版本 1.5 和更高版本中,可以使用此资源路径读取租户中的所有目录角色,以激活租户中的目录角色。/directoryRoleTemplates以 directoryRoleTemplate 资源集合为目标。 此资源路径可用于读取租户中可用的所有目录角色模板。 在版本 1.5 和更高版本中,目录角色模板可用于激活租户中的目录角色。/directoryRoles/{object_id}以租户中的单个目录角色为目标。 使用其对象 ID (GUID) 指定目标角色。 此资源路径可用于获取指定目录角色的已声明属性。/directoryRoles/{object_id}/members以目录角色的 members 导航属性为目标。 可用其返回作为指定目录角色的成员的用户和服务主体。 注意: 这种格式的寻址仅适用于读取操作。/directoryRoles/{object_id}/$links/members以目录角色的 members 导航属性为目标。 可以使用这种格式的寻址读取和修改角色成员。 读取时,属性引用的用户和服务正文将作为响应正文中的一个或多个链接返回。 写入时,这些用户和服务主体将指定为请求正文中的一个或多个链接。
例如,以下请求将返回指向指定目录角色的成员的链接集合:
GET https://graph.windows.net/myorganization/directoryRoles/ffffffff-ffff-ffff-ffff-ffffffffffff/$links/members?api-version=1.6
对目录角色的基本操作
可以对目录角色和目录角色模板的执行以下基本操作。
- 读取所有目录角色,或个别角色的属性。
- 读取所有目录角色模板或个别模板(版本 1.5 和更高版本)的属性。
- 使用 POST 请求激活目录角色(版本 1.5 和更高版本)。
下列主题介绍了如何操作。
获取目录角色
获取租户中激活的集合目录角色。 (对于 1.5 之前的版本,默认情况下,所有的目录角色都已激活。)
成功后,将返回已激活的 [DirectoryRole] 对象的集合;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "get directory roles",
"showComponents": {
"codeGenerator": "true"
}
}
获取目录角色
获取指定的目录角色。 按其对象 ID (GUID) 指定目录角色。
成功后,将返回指定角色的 [DirectoryRole] 对象;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "get directory role by id",
"showComponents": {
"codeGenerator": "true"
}
}
获取目录角色模板
获取租户中可用的目录角色模板的集合。 在 1.5 和更高版本中,目录角色模板用于激活目录角色。 在低于 1.5 的版本中不可用。
成功后,将返回租户的 [DirectoryRoleTemplate] 对象的集合;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "get directory role templates",
"showComponents": {
"codeGenerator": "true"
}
}
激活目录角色
激活租户中的目录角色。 仅在版本 1.5 和更高版本中可用。 请求正文包含要激活的目录角色的目录角色模板的对象 ID。
注意: 在 1.5 之前的版本中,默认情况下,所有的目录角色都出现在租户中。 在 1.5 版和更高版本中,默认情况下,仅出现公司管理员目录角色。 若要访问并给其他目录角色分配成员,必须首先使用相应的目录角色模板 ([DirectoryRoleTemplate]) 激活它。
下表显示在你激活目录角色时所需的属性。
| 必需的参数 | 类型 | 描述 |
|---|---|---|
| roleTemplateId | 字符串 | 该角色基于的 [DirectoryRoleTemplate] 的 objectId。 |
成功后,将返回新创建的 [DirectoryRole];否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "activate directory role"
}
对目录角色导航属性的操作
导航属性表示目录中实体的实例和其他对象之间的关系。 目录角色仅公开单个导航属性,即 members 属性。 此属性包含已添加到目录角色的用户和服务主体。 可以通过以 members 属性为目标从目录角色读取 (GET)、添加 (POST) 和删除 (DELETE) 成员。
获取目录角色的成员
从 members 导航属性获取目录角色的成员。
成功后,将返回指向作为目录角色成员的 [User] 和 [ServicePrincipal] 的链接集合;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
注意: 可以 URL 中删除“$links”段,以返回用户和服务主体的 [DirectoryObject],而不是链接。
{
"api": "DirectoryRoles",
"operation": "get directory role members links",
"showComponents": {
"codeGenerator": "true"
}
}
添加目录角色成员
通过 members 导航属性将一个或多个成员添加到目录角色。 可以添加用户或服务主体。 请求正文包含一个或多个指向要添加的 [User] 和 [ServicePrincipal] 的链接。
成功后,不返回任何响应正文;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "add directory role members"
}
删除目录角色成员
通过 members 导航属性从目录角色中删除指定成员。 指定要在终端 URL 段中删除的 [User] 或 [ServicePrincipal] 的对象 ID。
成功后,不返回任何响应正文;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "delete directory role member"
}
有关目录角色的函数和操作
你可以对目录角色调用以下任意函数。
获取所有组和目录角色成员身份(可传递)
可以调用 [getMemberObjects] 函数以返回用户、联系人、组或服务主体为其成员的所有组和目录角色。 检查对于组是可传递的(目录角色不能将组或其他目录角色作为成员)。
从对象 ID 列表获取对象
对目录服务调用 [getObjectsByObjectIds] 函数可返回对象 ID 列表中指定的目录对象。 还可以通过指定可选的 types 参数指定应搜索的资源集合(用户、组等)。 例如,可以使用此函数在上述 getMemberObjects 函数返回的对象 ID 的列表中查找目录角色。
其他资源
- 在 Graph API 概念中了解有关 Graph API 支持的特性、功能和预览功能的详细信息
Get directory roles
GET https://graph.windows.net/myorganization/directoryRoles?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRole",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "02618ff0-e643-450d-b9b2-2f812364eb2c",
"deletionTimestamp": null,
"description": "Helpdesk Administrator has access to perform common helpdesk related tasks.",
"displayName": "Helpdesk Administrator",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "044ca859-dc72-47cb-b466-7f6e78398979",
"deletionTimestamp": null,
"description": "Allows access read tasks and a subset of write tasks in the directory.",
"displayName": "Directory Writers",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "9360feb5-f418-4baa-8175-e2a00bac4301"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "44261f4c-b686-44c1-8997-310171ed4ca8",
"deletionTimestamp": null,
"description": "Allows access to various read only tasks in the directory. ",
"displayName": "Directory Readers",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8",
"deletionTimestamp": null,
"description": "Company Administrator role has full access to perform any operation in the company scope.",
"displayName": "Company Administrator",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "62e90394-69f5-4237-9190-012177145e10"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoles?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoles?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoles");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoles?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoles";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoles');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoles')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get a directory role
GET https://graph.windows.net/myorganization/directoryRoles/{object_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | ---- | ----- | ----- |
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role. |
| Query | ---- | ----- | ----- |
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
GET https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRole/@Element",
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8",
"deletionTimestamp": null,
"description": "Company Administrator role has full access to perform any operation in the company scope.",
"displayName": "Company Administrator",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "62e90394-69f5-4237-9190-012177145e10"
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoles/{object_id}?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoles/{object_id}?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoles/{object_id}");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoles/{object_id}?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoles/{object_id}";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoles/{object_id}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoles/{object_id}')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get directory role templates
GET https://graph.windows.net/myorganization/directoryRoleTemplates?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRoleTemplate",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "729827e3-9c14-49f7-bb1b-9608f156bbb8",
"deletionTimestamp": null,
"description": "Helpdesk Administrator has access to perform common helpdesk related tasks.",
"displayName": "Helpdesk Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "f023fd81-a637-4b56-95fd-791ac0226033",
"deletionTimestamp": null,
"description": "Service Support Administrator has access to perform common support tasks.",
"displayName": "Service Support Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "b0f54661-2d74-4c50-afa3-1ec803f12efe",
"deletionTimestamp": null,
"description": "Billing Administrator has access to perform common billing related tasks.",
"displayName": "Billing Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "b5468a13-3945-4a40-b0b1-5d78c2676bbf",
"deletionTimestamp": null,
"description": "Allows access and management of users mailboxes.",
"displayName": "Mailbox Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "4ba39ca4-527c-499a-b93d-d9b492c50246",
"deletionTimestamp": null,
"description": "Allows ability to perform tier1 support tasks.",
"displayName": "Partner Tier1 Support"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "e00e864a-17c5-4a4b-9c06-f5b95a8d5bd8",
"deletionTimestamp": null,
"description": "Allows ability to perform tier2 support tasks.",
"displayName": "Partner Tier2 Support"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
"deletionTimestamp": null,
"description": "Allows access to various read only tasks in the directory. ",
"displayName": "Directory Readers"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "29232cdf-9323-42fd-ade2-1d097af3e4de",
"deletionTimestamp": null,
"description": "Exchange Service Administrator.",
"displayName": "Exchange Service Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "75941009-915a-4869-abe7-691bff18279e",
"deletionTimestamp": null,
"description": "Lync Service Administrator.",
"displayName": "Lync Service Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "fe930be7-5e62-47db-91af-98c3a49a38b1",
"deletionTimestamp": null,
"description": "User Account Administrator has access to perform common user management related tasks.",
"displayName": "User Account Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "9360feb5-f418-4baa-8175-e2a00bac4301",
"deletionTimestamp": null,
"description": "Allows access read tasks and a subset of write tasks in the directory.",
"displayName": "Directory Writers"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "62e90394-69f5-4237-9190-012177145e10",
"deletionTimestamp": null,
"description": "Company Administrator role has full access to perform any operation in the company scope.",
"displayName": "Company Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "a0b1b346-4d3e-4e8b-98f8-753987be4970",
"deletionTimestamp": null,
"description": "Every user is implicitly considered to be a member of the User Role.",
"displayName": "User"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "d65e02d2-0214-4674-8e5d-766fb330e2c0",
"deletionTimestamp": null,
"description": "Allows creation of new email verified users.",
"displayName": "Email Verified User Creator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "eb1d8c34-acf5-460d-8424-c1f1a6fbdb85",
"deletionTimestamp": null,
"description": "Allows access manage AdHoc license.",
"displayName": "AdHoc License Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "f28a1f50-f6e7-4571-818b-6a12f2af6b6c",
"deletionTimestamp": null,
"description": "SharePoint Service Administrator.",
"displayName": "SharePoint Service Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "d405c6df-0af8-4e3b-95e4-4d06e542189e",
"deletionTimestamp": null,
"description": "Device Users",
"displayName": "Device Users"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "9f06204d-73c1-4d4c-880a-6edb90606fd8",
"deletionTimestamp": null,
"description": "Device Administrators",
"displayName": "Device Administrators"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "9c094953-4995-41c8-84c8-3ebb9b32c93f",
"deletionTimestamp": null,
"description": "Device Join",
"displayName": "Device Join"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "c34f683f-4d5a-4403-affd-6615e00e3a7f",
"deletionTimestamp": null,
"description": "Workplace Device Join",
"displayName": "Workplace Device Join"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "17315797-102d-40b4-93e0-432062caca18",
"deletionTimestamp": null,
"description": "Compliance administrator.",
"displayName": "Compliance Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "d29b2b05-8046-44ba-8758-1e26182fcf32",
"deletionTimestamp": null,
"description": "Directory Synchronization Accounts",
"displayName": "Directory Synchronization Accounts"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "2b499bcd-da44-4968-8aec-78e1674fa64d",
"deletionTimestamp": null,
"description": "Allows access to read and edit device properties. ",
"displayName": "Device Managers"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoleTemplates?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoleTemplates?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoleTemplates");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoleTemplates?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoleTemplates";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoleTemplates');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoleTemplates?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoleTemplates?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoleTemplates')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Activate a directory role
POST https://graph.windows.net/myorganization/directoryRoles?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"roleTemplateId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
}
Response
Status Code:201
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRole/@Element",
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "ebabdd59-04ba-46f0-bd7f-bef08fe8fa9b",
"deletionTimestamp": null,
"description": "Allows access to various read only tasks in the directory. ",
"displayName": "Directory Readers",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
}
Response List
| Status Code | Description |
|---|---|
| 201 | Created. Indicates success. The newly activated directory role is returned in the response body. |
Get a directory role's members
GET https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
GET https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8/$links/members?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/$links/members",
"value": [
{
"url": "https://graph.windows.net/myorganization/directoryObjects/f19096bf-a58c-46ba-9ffd-0344f1daecf8/Microsoft.DirectoryServices.User"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. A collection of links to the directory role members is returned. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}/$links/members?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}/$links/members?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Add directory role members
POST https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"url": "https://graph.windows.net/myorganization/directoryObjects/3eb6055a-baeb-44d4-a1ea-2fee86d8891b"
}
POST https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8/$links/members?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |
Delete a directory role member
DELETE https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members/{member_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role. |
| member_id | string | 3eb6055a-baeb-44d4-a1ea-2fee86d8891b | The object ID (GUID) of the member to be removed. Can be a user or a service principal. |
| Query | ----- | ----- | ------ |
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
DELETE https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8/$links/members/3eb6055a-baeb-44d4-a1ea-2fee86d8891b?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |