How to resolve role assignment alerts are not received via email when creating an eligible group ownership request for a principal using the Microsoft Graph REST API
I would like to create an eligible group ownership request for a principal using the Microsoft Graph REST API and receive role assignment alerts via email notification. The role assignment alert is set for each PIM group.
First, I tested three scenarios:
- Adding a PIM role assignment on the Azure Portal.
- Using Microsoft Graph Explorer.
- Running automation from a third-party tool.
In scenarios 1 and 2, I was able to add an eligible assignment and receive the role assignment alert via email notification. However, in scenario 3, while I could add the eligible assignment, the admin did not receive the role assignment alert via email notification.
I attempted to create an eligible group ownership request for a principal using the Microsoft Graph REST API's eligibilityScheduleRequest
method, following the instructions from this link. The PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup
permission has already been assigned to the API permissions of the third-party app registration. Role assignment alerts are set in the notification settings for each group.
How can I troubleshoot and resolve the issue where the admin does not receive a role assignment alert via email notification when creating an eligible group ownership request for a principal using the Microsoft Graph REST API?
Thank you.