How to resolve role assignment alerts are not received via email when creating an eligible group ownership request for a principal using the Microsoft Graph REST API

Plaifa Atthapaibul 0 Reputation points
2024-08-22T08:16:45.11+00:00

I would like to create an eligible group ownership request for a principal using the Microsoft Graph REST API and receive role assignment alerts via email notification. The role assignment alert is set for each PIM group.

First, I tested three scenarios:

  1. Adding a PIM role assignment on the Azure Portal.
  2. Using Microsoft Graph Explorer.
  3. Running automation from a third-party tool.

In scenarios 1 and 2, I was able to add an eligible assignment and receive the role assignment alert via email notification. However, in scenario 3, while I could add the eligible assignment, the admin did not receive the role assignment alert via email notification.

 

I attempted to create an eligible group ownership request for a principal using the Microsoft Graph REST API's eligibilityScheduleRequest method, following the instructions from this link. The PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup permission has already been assigned to the API permissions of the third-party app registration. Role assignment alerts are set in the notification settings for each group.

How can I troubleshoot and resolve the issue where the admin does not receive a role assignment alert via email notification when creating an eligible group ownership request for a principal using the Microsoft Graph REST API?

Thank you.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,889 questions
0 comments No comments
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.