Microsoft Graph API role assignment alerts are not received via email when creating an eligible group ownership request

Plaifa Atthapaibul 0 Reputation points
2024-08-22T07:01:31.81+00:00

I would like to create an eligible group ownership request for a principal using the Microsoft Graph REST API and receive role assignment alerts via email notification. The role assignment alert is set for each PIM group.

First, I tested three scenarios:

  1. Adding a PIM role assignment on the Azure Portal.
  2. Using Microsoft Graph Explorer.
  3. Running automation from a third-party tool.

In scenarios 1 and 2, I was able to add an eligible assignment and receive the role assignment alert via email notification. However, in scenario 3, while I could add the eligible assignment, the admin did not receive the role assignment alert via email notification.

I attempted to create an eligible group ownership request for a principal using the Microsoft Graph REST API's eligibilityScheduleRequest method, following the instructions from this link. The PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup permission has already been assigned to the API permissions of the third-party app registration. Role assignment alerts are set in the notification settings for each group. My code is as follow:

Screenshot 2567-08-22 at 13.38.32

How can I troubleshoot and resolve the issue where the admin does not receive a role assignment alert via email notification when creating an eligible group ownership request for a principal using the Microsoft Graph REST API?

Thank you.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,856 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.