Managing Priviliged Access Groups in PIM with Graph

Brian Purchell 21 Reputation points
2022-01-26T20:02:29.977+00:00

Is it possible to use Graph to set up users to be eligible for a Privileged Access Group (PAG) in PIM? Today I use graph to add users to Azure AD Role assignable groups, now we're looking at using the JIT functionality of PIM. I don't see from my research if this is possible (or maybe it isn't documented) using Graph. I don't want to go backwards from a fully automated process to one in which I need to manually configure users to be eligible for the PAGs I've created.

The only thing I see if to be able to manage users assigned to the built-in roles, not PAGs. Any suggestions?

Any help is appreciated!

Microsoft Graph Identity API
Microsoft Graph Identity API
A Microsoft API to access Azure Active Directory (Azure AD) resources to enable scenarios like managing administrator (directory) roles, inviting external users to an organization, and, if you are a Cloud Solution Provider (CSP), managing your customer's data.
308 questions
Microsoft Graph SDK
Microsoft Graph SDK
A Microsoft software developer kit designed to simplify building high-quality, efficient, and resilient applications that access Microsoft Graph.
991 questions
0 comments No comments
{count} votes

Accepted answer
  1. RajeshKumarMSFT 1,956 Reputation points Microsoft Vendor
    2022-01-27T12:52:54.967+00:00

    Hi @Anonymous ,

    Currently Graph API doesn't support Managing PAG . Could you please Raise your feature request here ?

    Refer :- https://learn.microsoft.com/en-us/graph/api/resources/privilegedaccess?view=graph-rest-beta

    Hope this helps.
    If the answer is helpful and your question is resolved, please click "Accept Answer" and kindly upvote it. If you have any further questions about this answer, please click "Comment".

    0 comments No comments

0 additional answers

Sort by: Most helpful