目錄角色的作業 | Graph API 參考
**適用於︰**Graph API | Azure Active Directory
本主題討論如何使用 Azure Active Directory (AD) Graph API 對 Azure AD目錄角色執行作業。 目錄角色 ([DirectoryRole]) 在目錄內執行一組特定權限。 Azure AD 會將與目錄角色相關聯的權限授與為該角色成員的使用者和服務主體。 Azure AD 目錄角色也稱為「系統管理員角色」** (administrator role)。 如需目錄 (系統管理員) 角色的詳細資訊,請參閱在 Azure Active Directory (Azure AD) 中指派系統管理員角色。
使用 Graph API,您可以讀取目錄角色的屬性、查詢目錄角色的成員,以及加入和刪除目錄角色的成員。 目錄角色可以將使用者和服務主體當成成員。 目前不支援將群組加入目錄角色。
在 1.5 之前的版本中,預設所有目錄角色都在租用戶中。 在 1.5 版和更新版本中,預設只會有公司系統管理員目錄角色。 若要存取另一個目錄角色,以及將成員指派給另一個目錄角色,您必須使用對應的目錄角色範本 ([DirectoryRoleTemplate]) 先啟用它。 如需詳細資訊,請參閱啟用目錄角色。
Graph API 是 OData 3.0 相容的 REST API,可讓您以程式設計方式存取 Azure Active Directory 中的目錄物件,例如使用者、群組、組織連絡人和應用程式。
重要
您也可以透過 Microsoft Graph 取得 Azure AD Graph API 功能,這個統一 API 同時也包含如 Outlook、OneDrive、OneNote、Planner 和 Office Graph 等其他 Microsoft 服務 API,讓您可以使用單一的存取權杖透過單一端點存取所有 API。
執行目錄角色的 REST 作業
為了使用 Graph API 執行目錄角色的作業,請使用支援的方法 (GET、POST、PATCH、PUT 或 DELETE) 將 HTTP 要求傳送到端點,而端點的目標設為 directoryRoles 資源集合、特定目錄角色、目錄角色的導覽屬性,或是可對目錄角色呼叫的函數或動作。
Graph API 要求使用下列基本 URL:
https://graph.windows.net/{tenant_id}/{resource_path}?{api_version}[odata_query_parameters]
重要
傳送到 Graph API 之要求的格式必須正確、目標設為有效的端點和Graph API 版本,而且其 Authorization 標頭中攜帶取自 Azure AD 的有效存取權杖。 如需使用 Graph API 建立要求以及接收回應的詳細資訊,請參閱[Operations Overview]。
您可以根據目標設為租用戶中的所有目錄角色集合、個別目錄角色還是特定目錄角色的導覽屬性,透過不同的方式指定 {resource_path}。
/directoryRoles將目標設為 directoryRoles 資源集合。 您可以使用此資源路徑讀取租用戶中的所有目錄角色,而在 1.5 版和更新版本中,則是啟用租用戶中的目錄角色。/directoryRoleTemplates將目標設為 directoryRoleTemplates 資源集合。 您可以使用此資源路徑讀取租用戶中可用的所有目錄角色範本。 在 1.5 版和更新版本中,您可以使用目錄角色範本啟用租用戶中的目錄角色。/directoryRoles/{object_id}將目標設為租用戶中的個別目錄角色。 您可以使用物件識別碼 (GUID) 指定目標角色。 您可以使用此資源路徑取得所指定目錄角色的已宣告屬性。/directoryRoles/{object_id}/members將目標設為目錄角色的 members 導覽屬性。 您可以使用它來傳回屬於所指定目錄角色之成員的使用者和服務主體。 注意:這種形式的定址僅供讀取。/directoryRoles/{object_id}/$links/members將目標設為目錄角色的 members 導覽屬性。 您可以使用這種定址形式來讀取和修改角色的成員。 讀取時,會將此屬性所參考的使用者和服務主體傳回為回應主體中的一或多個連結。 寫入時,會將使用者和服務主體指定為要求主體中的一或多個連結。
例如,下列要求會傳回所指定目錄角色之成員的連結集合︰
GET https://graph.windows.net/myorganization/directoryRoles/ffffffff-ffff-ffff-ffff-ffffffffffff/$links/members?api-version=1.6
目錄角色的基本作業
您可以執行目錄角色和目錄角色範本的下列基本作業。
- 讀取所有目錄角色或個別角色的屬性。
- 讀取所有目錄角色範本或個別範本的屬性 (1.5 版和更新版本)。
- 使用 POST 要求啟用目錄角色 (1.5 版和更新版本)。
下列各主題示範做法。
取得目錄角色
取得租用戶中所啟用的目錄角色集合 (在 1.5 之前的版本中,預設已啟用所有目錄角色)。
成功時,傳回已啟用的 [DirectoryRole] 物件集合;否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "get directory roles",
"showComponents": {
"codeGenerator": "true"
}
}
取得目錄角色
取得指定的目錄角色。 使用物件識別碼 (GUID) 指定目錄角色。
成功時,傳回所指定角色的 [DirectoryRole] 物件;否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "get directory role by id",
"showComponents": {
"codeGenerator": "true"
}
}
取得目錄角色範本
取得租用戶中可用的目錄角色範本集合 在 1.5 版和更新版本中,目錄角色範本用來啟用目錄角色。 1.5 之前的版本未提供。
成功時,傳回租用戶的 [DirectoryRoleTemplate] 物件集合;否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "get directory role templates",
"showComponents": {
"codeGenerator": "true"
}
}
啟用目錄角色
啟用租用戶中的目錄角色。 只有 1.5 版和更新版本才提供。 要求主體包含您要啟用之目錄角色的目錄角色範本的物件識別碼。
注意:在 1.5 之前的版本中,預設所有目錄角色都在租用戶中。 在 1.5 版和更新版本中,預設只會有公司系統管理員目錄角色。 若要存取另一個目錄角色,以及將成員指派給另一個目錄角色,您必須使用對應的目錄角色範本 ([DirectoryRoleTemplate]) 先啟用它。
下表顯示啟用目錄角色時所需的屬性。
| 必要參數 | 類型 | 說明 |
|---|---|---|
| roleTemplateId | 字串 | 角色所根據之 [DirectoryRoleTemplate] 的 objectId。 |
成功時,傳回新建立的 [DirectoryRole];否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "activate directory role"
}
目錄角色導覽屬性 的作業
導覽屬性代表實體執行個體與目錄中其他物件之間的關聯性。 目錄角色只會公開單一導覽屬性 (members 屬性)。 此屬性包含已新增至目錄角色中的使用者和服務主體。 您可以將目標設為 members 屬性,來讀取 (GET)、新增 (POST) 和刪除 (DELETE) 目錄角色中的成員。
取得目錄角色的成員
透過 members 導覽屬性取得目錄角色的成員。
成功時,傳回 [User] 的連結集合,以及屬於目錄角色成員之 [ServicePrincipal] 的連結集合;否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
注意:您可以移除 URL 中的 "$links" 區段來傳回使用者和服務主體的 [DirectoryObject],而非連結。
{
"api": "DirectoryRoles",
"operation": "get directory role members links",
"showComponents": {
"codeGenerator": "true"
}
}
新增目錄角色成員
透過 members 導覽屬性,將一或多個成員新增至目錄角色。 您可以新增使用者或服務主體。 要求主體包含要新增之 [User] 和 [ServicePrincipal] 的一或多個連結。
成功時,不會傳回回應主體;否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "add directory role members"
}
刪除目錄角色成員
透過 members 導覽屬性,刪除目錄角色中的指定成員。 在終端機 URL 區段中,指定要刪除之 [User] 或 [ServicePrincipal] 的物件識別碼。
成功時,不會傳回回應主體;否則,回應主體會包含錯誤詳細資料。 如需錯誤的詳細資訊,請參閱[Error Codes and Error Handling]。
{
"api": "DirectoryRoles",
"operation": "delete directory role member"
}
目錄角色的函數和動作
您可以針對目錄角色呼叫下列任何函數。
取得所有群組和目錄角色成員資格 (可轉移)
您可以呼叫 [getMemberObjects] 函數,傳回使用者、連絡人、群組或服務主體為其成員的所有群組和目錄角色。 群組的這項檢查是可轉移的 (目錄角色不能將群組或其他目錄角色作為成員)。
從物件識別碼清單中取得物件
在目錄服務上呼叫 [getObjectsByObjectIds] 函數,可傳回物件識別碼清單中指定的目錄物件。 您也可以指定選擇性 types 參數,進而指定應該搜尋的資源集合 (使用者、群組等)。 例如,您可以使用此函數來尋找上述 getMemberObjects 函數所傳回物件識別碼清單中的目錄角色。
其他資源
- 在 Graph API 概念中深入了解 Graph API 支援的功能、能力和預覽功能。
Get directory roles
GET https://graph.windows.net/myorganization/directoryRoles?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRole",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "02618ff0-e643-450d-b9b2-2f812364eb2c",
"deletionTimestamp": null,
"description": "Helpdesk Administrator has access to perform common helpdesk related tasks.",
"displayName": "Helpdesk Administrator",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "044ca859-dc72-47cb-b466-7f6e78398979",
"deletionTimestamp": null,
"description": "Allows access read tasks and a subset of write tasks in the directory.",
"displayName": "Directory Writers",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "9360feb5-f418-4baa-8175-e2a00bac4301"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "44261f4c-b686-44c1-8997-310171ed4ca8",
"deletionTimestamp": null,
"description": "Allows access to various read only tasks in the directory. ",
"displayName": "Directory Readers",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8",
"deletionTimestamp": null,
"description": "Company Administrator role has full access to perform any operation in the company scope.",
"displayName": "Company Administrator",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "62e90394-69f5-4237-9190-012177145e10"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoles?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoles?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoles");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoles?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoles";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoles');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoles')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get a directory role
GET https://graph.windows.net/myorganization/directoryRoles/{object_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | ---- | ----- | ----- |
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role. |
| Query | ---- | ----- | ----- |
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
GET https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRole/@Element",
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8",
"deletionTimestamp": null,
"description": "Company Administrator role has full access to perform any operation in the company scope.",
"displayName": "Company Administrator",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "62e90394-69f5-4237-9190-012177145e10"
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoles/{object_id}?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoles/{object_id}?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoles/{object_id}");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoles/{object_id}?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoles/{object_id}";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoles/{object_id}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoles/{object_id}')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get directory role templates
GET https://graph.windows.net/myorganization/directoryRoleTemplates?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRoleTemplate",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "729827e3-9c14-49f7-bb1b-9608f156bbb8",
"deletionTimestamp": null,
"description": "Helpdesk Administrator has access to perform common helpdesk related tasks.",
"displayName": "Helpdesk Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "f023fd81-a637-4b56-95fd-791ac0226033",
"deletionTimestamp": null,
"description": "Service Support Administrator has access to perform common support tasks.",
"displayName": "Service Support Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "b0f54661-2d74-4c50-afa3-1ec803f12efe",
"deletionTimestamp": null,
"description": "Billing Administrator has access to perform common billing related tasks.",
"displayName": "Billing Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "b5468a13-3945-4a40-b0b1-5d78c2676bbf",
"deletionTimestamp": null,
"description": "Allows access and management of users mailboxes.",
"displayName": "Mailbox Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "4ba39ca4-527c-499a-b93d-d9b492c50246",
"deletionTimestamp": null,
"description": "Allows ability to perform tier1 support tasks.",
"displayName": "Partner Tier1 Support"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "e00e864a-17c5-4a4b-9c06-f5b95a8d5bd8",
"deletionTimestamp": null,
"description": "Allows ability to perform tier2 support tasks.",
"displayName": "Partner Tier2 Support"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
"deletionTimestamp": null,
"description": "Allows access to various read only tasks in the directory. ",
"displayName": "Directory Readers"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "29232cdf-9323-42fd-ade2-1d097af3e4de",
"deletionTimestamp": null,
"description": "Exchange Service Administrator.",
"displayName": "Exchange Service Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "75941009-915a-4869-abe7-691bff18279e",
"deletionTimestamp": null,
"description": "Lync Service Administrator.",
"displayName": "Lync Service Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "fe930be7-5e62-47db-91af-98c3a49a38b1",
"deletionTimestamp": null,
"description": "User Account Administrator has access to perform common user management related tasks.",
"displayName": "User Account Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "9360feb5-f418-4baa-8175-e2a00bac4301",
"deletionTimestamp": null,
"description": "Allows access read tasks and a subset of write tasks in the directory.",
"displayName": "Directory Writers"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "62e90394-69f5-4237-9190-012177145e10",
"deletionTimestamp": null,
"description": "Company Administrator role has full access to perform any operation in the company scope.",
"displayName": "Company Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "a0b1b346-4d3e-4e8b-98f8-753987be4970",
"deletionTimestamp": null,
"description": "Every user is implicitly considered to be a member of the User Role.",
"displayName": "User"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "d65e02d2-0214-4674-8e5d-766fb330e2c0",
"deletionTimestamp": null,
"description": "Allows creation of new email verified users.",
"displayName": "Email Verified User Creator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "eb1d8c34-acf5-460d-8424-c1f1a6fbdb85",
"deletionTimestamp": null,
"description": "Allows access manage AdHoc license.",
"displayName": "AdHoc License Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "f28a1f50-f6e7-4571-818b-6a12f2af6b6c",
"deletionTimestamp": null,
"description": "SharePoint Service Administrator.",
"displayName": "SharePoint Service Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "d405c6df-0af8-4e3b-95e4-4d06e542189e",
"deletionTimestamp": null,
"description": "Device Users",
"displayName": "Device Users"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "9f06204d-73c1-4d4c-880a-6edb90606fd8",
"deletionTimestamp": null,
"description": "Device Administrators",
"displayName": "Device Administrators"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "9c094953-4995-41c8-84c8-3ebb9b32c93f",
"deletionTimestamp": null,
"description": "Device Join",
"displayName": "Device Join"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "c34f683f-4d5a-4403-affd-6615e00e3a7f",
"deletionTimestamp": null,
"description": "Workplace Device Join",
"displayName": "Workplace Device Join"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "17315797-102d-40b4-93e0-432062caca18",
"deletionTimestamp": null,
"description": "Compliance administrator.",
"displayName": "Compliance Administrator"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "d29b2b05-8046-44ba-8758-1e26182fcf32",
"deletionTimestamp": null,
"description": "Directory Synchronization Accounts",
"displayName": "Directory Synchronization Accounts"
},
{
"odata.type": "Microsoft.DirectoryServices.DirectoryRoleTemplate",
"objectType": "RoleTemplate",
"objectId": "2b499bcd-da44-4968-8aec-78e1674fa64d",
"deletionTimestamp": null,
"description": "Allows access to read and edit device properties. ",
"displayName": "Device Managers"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoleTemplates?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoleTemplates?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoleTemplates");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoleTemplates?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoleTemplates";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoleTemplates');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoleTemplates?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoleTemplates?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoleTemplates')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Activate a directory role
POST https://graph.windows.net/myorganization/directoryRoles?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"roleTemplateId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
}
Response
Status Code:201
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.DirectoryRole/@Element",
"odata.type": "Microsoft.DirectoryServices.DirectoryRole",
"objectType": "Role",
"objectId": "ebabdd59-04ba-46f0-bd7f-bef08fe8fa9b",
"deletionTimestamp": null,
"description": "Allows access to various read only tasks in the directory. ",
"displayName": "Directory Readers",
"isSystem": true,
"roleDisabled": false,
"roleTemplateId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
}
Response List
| Status Code | Description |
|---|---|
| 201 | Created. Indicates success. The newly activated directory role is returned in the response body. |
Get a directory role's members
GET https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
GET https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8/$links/members?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/$links/members",
"value": [
{
"url": "https://graph.windows.net/myorganization/directoryObjects/f19096bf-a58c-46ba-9ffd-0344f1daecf8/Microsoft.DirectoryServices.User"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. A collection of links to the directory role members is returned. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}/$links/members?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/directoryRoles/{object_id}/$links/members?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Add directory role members
POST https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"url": "https://graph.windows.net/myorganization/directoryObjects/3eb6055a-baeb-44d4-a1ea-2fee86d8891b"
}
POST https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8/$links/members?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |
Delete a directory role member
DELETE https://graph.windows.net/myorganization/directoryRoles/{object_id}/$links/members/{member_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8 | The object ID (GUID) of the target directory role. |
| member_id | string | 3eb6055a-baeb-44d4-a1ea-2fee86d8891b | The object ID (GUID) of the member to be removed. Can be a user or a service principal. |
| Query | ----- | ----- | ------ |
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
DELETE https://graph.windows.net/myorganization/directoryRoles/cb5d9ae9-6e2c-41a0-9194-0d4aef426ba8/$links/members/3eb6055a-baeb-44d4-a1ea-2fee86d8891b?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |