Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
Permission type
Least privileged permissions
Higher privileged permissions
Delegated (work or school account)
EntitlementManagement.ReadWrite.All
Not available.
Delegated (personal Microsoft account)
Not supported.
Not supported.
Application
EntitlementManagement.ReadWrite.All
Not available.
HTTP request
POST /identityGovernance/entitlementManagement/assignmentRequests
For an administrator to request to create an assignment for a user, the value of the requestType property is adminAdd, and the assignment property contains the targetId of the user being assigned, the assignmentPolicyId property identifying the accessPackageAssignmentPolicy, and the accessPackageId property identifying the accessPackage.
For an administrator to request to update an assignment (for example to extend the assignment or update answers to questions), the value of the requestType property is adminUpdate, and the assignment property contains the id property identifying the accessPackageAssignment being updated.
For an administrator to request to remove an assignment, the value of the requestType property is adminRemove, and the assignment property contains the id property identifying the accessPackageAssignment being removed.
For a non-administrator user to request to create their own assignment for either a first assignment or renew assignment, the value of the requestType property is userAdd. The assignment property contains an object with the targetId with the id of the user. The assignmentPolicyId property identifies the accessPackageAssignmentPolicy. The accessPackageId property identifies the accessPackage. The user making the request must already exist in the directory.
For a non-administrator user to request to update their own assignments, the value of the requestType property is userUpdate. The assignment property contains the targetId with the id of the users. The assignmentPolicyId property identifies the accessPackageAssignmentPolicy. The accessPackageId property identifies the accessPackage. The user making the request must already exist in the directory.
Response
If successful, this method returns a 200-series response code and a new accessPackageAssignmentRequest object in the response body.
Example 1: Admin requests a direct assignment for a user already in the directory
Request
The following example shows a request for a direct assignment, in which the administrator requests the creation of an assignment for a user. Because the accessPackageSubject might not yet exist, the value of the targetID is the object ID of the user being assigned, the value of the accessPackageId is the desired access package for that user, and the value of assignmentPolicyId is a direct assignment policy in that access package.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AccessPackageAssignmentRequest
{
RequestType = AccessPackageRequestType.AdminAdd,
Assignment = new AccessPackageAssignment
{
AdditionalData = new Dictionary<string, object>
{
{
"targetId" , "46184453-e63b-4f20-86c2-c557ed5d5df9"
},
{
"assignmentPolicyId" , "2264bf65-76ba-417b-a27d-54d291f0cbc8"
},
{
"accessPackageId" , "a914b616-e04e-476b-aa37-91038f0b165b"
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentRequest()
requestType := graphmodels.ADMINADD_ACCESSPACKAGEREQUESTTYPE
requestBody.SetRequestType(&requestType)
assignment := graphmodels.NewAccessPackageAssignment()
additionalData := map[string]interface{}{
"targetId" : "46184453-e63b-4f20-86c2-c557ed5d5df9",
"assignmentPolicyId" : "2264bf65-76ba-417b-a27d-54d291f0cbc8",
"accessPackageId" : "a914b616-e04e-476b-aa37-91038f0b165b",
}
assignment.SetAdditionalData(additionalData)
requestBody.SetAssignment(assignment)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentRequests, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentRequests().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.AdminAdd);
AccessPackageAssignment assignment = new AccessPackageAssignment();
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("targetId", "46184453-e63b-4f20-86c2-c557ed5d5df9");
additionalData.put("assignmentPolicyId", "2264bf65-76ba-417b-a27d-54d291f0cbc8");
additionalData.put("accessPackageId", "a914b616-e04e-476b-aa37-91038f0b165b");
assignment.setAdditionalData(additionalData);
accessPackageAssignmentRequest.setAssignment(assignment);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
from msgraph.generated.models.access_package_assignment import AccessPackageAssignment
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
request_type = AccessPackageRequestType.AdminAdd,
assignment = AccessPackageAssignment(
additional_data = {
"target_id" : "46184453-e63b-4f20-86c2-c557ed5d5df9",
"assignment_policy_id" : "2264bf65-76ba-417b-a27d-54d291f0cbc8",
"access_package_id" : "a914b616-e04e-476b-aa37-91038f0b165b",
}
),
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AccessPackageAssignmentRequest
{
RequestType = AccessPackageRequestType.AdminRemove,
Assignment = new AccessPackageAssignment
{
Id = "a6bb6942-3ae1-4259-9908-0133aaee9377",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentRequest()
requestType := graphmodels.ADMINREMOVE_ACCESSPACKAGEREQUESTTYPE
requestBody.SetRequestType(&requestType)
assignment := graphmodels.NewAccessPackageAssignment()
id := "a6bb6942-3ae1-4259-9908-0133aaee9377"
assignment.SetId(&id)
requestBody.SetAssignment(assignment)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentRequests, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentRequests().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.AdminRemove);
AccessPackageAssignment assignment = new AccessPackageAssignment();
assignment.setId("a6bb6942-3ae1-4259-9908-0133aaee9377");
accessPackageAssignmentRequest.setAssignment(assignment);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageAssignmentRequest;
use Microsoft\Graph\Generated\Models\AccessPackageRequestType;
use Microsoft\Graph\Generated\Models\AccessPackageAssignment;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setRequestType(new AccessPackageRequestType('adminRemove'));
$assignment = new AccessPackageAssignment();
$assignment->setId('a6bb6942-3ae1-4259-9908-0133aaee9377');
$requestBody->setAssignment($assignment);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody)->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
from msgraph.generated.models.access_package_assignment import AccessPackageAssignment
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
request_type = AccessPackageRequestType.AdminRemove,
assignment = AccessPackageAssignment(
id = "a6bb6942-3ae1-4259-9908-0133aaee9377",
),
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)
Example 3: Request an assignment by providing answers to questions
The following example shows how a user can request an access package assignment for themselves by answering questions required by the policy during the request process.
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests
Content-type: application/json
{
"@odata.type": "#microsoft.graph.accessPackageAssignmentRequest",
"requestType": "userAdd",
"answers": [
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"displayValue": "This is the answer to a multiple choice question",
"value": "MultipleChoiceAnswerValue",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"id": "8fe745e7-80b2-490d-bd22-4e708c77288c"
}
},
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "This is my answer to a text input question.",
"displayValue": "This is my answer.",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"id": "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
}
}
],
"assignment": {
"accessPackageId": "977c7ff4-ef8f-4910-9d31-49048ddf3120"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AccessPackageAssignmentRequest
{
OdataType = "#microsoft.graph.accessPackageAssignmentRequest",
RequestType = AccessPackageRequestType.UserAdd,
Answers = new List<AccessPackageAnswer>
{
new AccessPackageAnswerString
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
DisplayValue = "This is the answer to a multiple choice question",
Value = "MultipleChoiceAnswerValue",
AnsweredQuestion = new AccessPackageMultipleChoiceQuestion
{
OdataType = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
Id = "8fe745e7-80b2-490d-bd22-4e708c77288c",
},
},
new AccessPackageAnswerString
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
Value = "This is my answer to a text input question.",
DisplayValue = "This is my answer.",
AnsweredQuestion = new AccessPackageTextInputQuestion
{
OdataType = "#microsoft.graph.accessPackageTextInputQuestion",
Id = "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6",
},
},
},
Assignment = new AccessPackageAssignment
{
AdditionalData = new Dictionary<string, object>
{
{
"accessPackageId" , "977c7ff4-ef8f-4910-9d31-49048ddf3120"
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentRequest()
requestType := graphmodels.USERADD_ACCESSPACKAGEREQUESTTYPE
requestBody.SetRequestType(&requestType)
accessPackageAnswer := graphmodels.NewAccessPackageAnswerString()
displayValue := "This is the answer to a multiple choice question"
accessPackageAnswer.SetDisplayValue(&displayValue)
value := "MultipleChoiceAnswerValue"
accessPackageAnswer.SetValue(&value)
answeredQuestion := graphmodels.NewAccessPackageMultipleChoiceQuestion()
id := "8fe745e7-80b2-490d-bd22-4e708c77288c"
answeredQuestion.SetId(&id)
accessPackageAnswer.SetAnsweredQuestion(answeredQuestion)
accessPackageAnswer1 := graphmodels.NewAccessPackageAnswerString()
value := "This is my answer to a text input question."
accessPackageAnswer1.SetValue(&value)
displayValue := "This is my answer."
accessPackageAnswer1.SetDisplayValue(&displayValue)
answeredQuestion := graphmodels.NewAccessPackageTextInputQuestion()
id := "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
answeredQuestion.SetId(&id)
accessPackageAnswer1.SetAnsweredQuestion(answeredQuestion)
answers := []graphmodels.AccessPackageAnswerable {
accessPackageAnswer,
accessPackageAnswer1,
}
requestBody.SetAnswers(answers)
assignment := graphmodels.NewAccessPackageAssignment()
additionalData := map[string]interface{}{
"accessPackageId" : "977c7ff4-ef8f-4910-9d31-49048ddf3120",
}
assignment.SetAdditionalData(additionalData)
requestBody.SetAssignment(assignment)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentRequests, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentRequests().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setOdataType("#microsoft.graph.accessPackageAssignmentRequest");
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.UserAdd);
LinkedList<AccessPackageAnswer> answers = new LinkedList<AccessPackageAnswer>();
AccessPackageAnswerString accessPackageAnswer = new AccessPackageAnswerString();
accessPackageAnswer.setOdataType("#microsoft.graph.accessPackageAnswerString");
accessPackageAnswer.setDisplayValue("This is the answer to a multiple choice question");
accessPackageAnswer.setValue("MultipleChoiceAnswerValue");
AccessPackageMultipleChoiceQuestion answeredQuestion = new AccessPackageMultipleChoiceQuestion();
answeredQuestion.setOdataType("#microsoft.graph.accessPackageMultipleChoiceQuestion");
answeredQuestion.setId("8fe745e7-80b2-490d-bd22-4e708c77288c");
accessPackageAnswer.setAnsweredQuestion(answeredQuestion);
answers.add(accessPackageAnswer);
AccessPackageAnswerString accessPackageAnswer1 = new AccessPackageAnswerString();
accessPackageAnswer1.setOdataType("#microsoft.graph.accessPackageAnswerString");
accessPackageAnswer1.setValue("This is my answer to a text input question.");
accessPackageAnswer1.setDisplayValue("This is my answer.");
AccessPackageTextInputQuestion answeredQuestion1 = new AccessPackageTextInputQuestion();
answeredQuestion1.setOdataType("#microsoft.graph.accessPackageTextInputQuestion");
answeredQuestion1.setId("7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6");
accessPackageAnswer1.setAnsweredQuestion(answeredQuestion1);
answers.add(accessPackageAnswer1);
accessPackageAssignmentRequest.setAnswers(answers);
AccessPackageAssignment assignment = new AccessPackageAssignment();
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("accessPackageId", "977c7ff4-ef8f-4910-9d31-49048ddf3120");
assignment.setAdditionalData(additionalData);
accessPackageAssignmentRequest.setAssignment(assignment);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageAssignmentRequest;
use Microsoft\Graph\Generated\Models\AccessPackageRequestType;
use Microsoft\Graph\Generated\Models\AccessPackageAnswer;
use Microsoft\Graph\Generated\Models\AccessPackageAnswerString;
use Microsoft\Graph\Generated\Models\AccessPackageMultipleChoiceQuestion;
use Microsoft\Graph\Generated\Models\AccessPackageTextInputQuestion;
use Microsoft\Graph\Generated\Models\AccessPackageAssignment;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setOdataType('#microsoft.graph.accessPackageAssignmentRequest');
$requestBody->setRequestType(new AccessPackageRequestType('userAdd'));
$answersAccessPackageAnswer1 = new AccessPackageAnswerString();
$answersAccessPackageAnswer1->setOdataType('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer1->setDisplayValue('This is the answer to a multiple choice question');
$answersAccessPackageAnswer1->setValue('MultipleChoiceAnswerValue');
$answersAccessPackageAnswer1AnsweredQuestion = new AccessPackageMultipleChoiceQuestion();
$answersAccessPackageAnswer1AnsweredQuestion->setOdataType('#microsoft.graph.accessPackageMultipleChoiceQuestion');
$answersAccessPackageAnswer1AnsweredQuestion->setId('8fe745e7-80b2-490d-bd22-4e708c77288c');
$answersAccessPackageAnswer1->setAnsweredQuestion($answersAccessPackageAnswer1AnsweredQuestion);
$answersArray []= $answersAccessPackageAnswer1;
$answersAccessPackageAnswer2 = new AccessPackageAnswerString();
$answersAccessPackageAnswer2->setOdataType('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer2->setValue('This is my answer to a text input question.');
$answersAccessPackageAnswer2->setDisplayValue('This is my answer.');
$answersAccessPackageAnswer2AnsweredQuestion = new AccessPackageTextInputQuestion();
$answersAccessPackageAnswer2AnsweredQuestion->setOdataType('#microsoft.graph.accessPackageTextInputQuestion');
$answersAccessPackageAnswer2AnsweredQuestion->setId('7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6');
$answersAccessPackageAnswer2->setAnsweredQuestion($answersAccessPackageAnswer2AnsweredQuestion);
$answersArray []= $answersAccessPackageAnswer2;
$requestBody->setAnswers($answersArray);
$assignment = new AccessPackageAssignment();
$additionalData = [
'accessPackageId' => '977c7ff4-ef8f-4910-9d31-49048ddf3120',
];
$assignment->setAdditionalData($additionalData);
$requestBody->setAssignment($assignment);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody)->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
from msgraph.generated.models.access_package_answer import AccessPackageAnswer
from msgraph.generated.models.access_package_answer_string import AccessPackageAnswerString
from msgraph.generated.models.access_package_multiple_choice_question import AccessPackageMultipleChoiceQuestion
from msgraph.generated.models.access_package_text_input_question import AccessPackageTextInputQuestion
from msgraph.generated.models.access_package_assignment import AccessPackageAssignment
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
odata_type = "#microsoft.graph.accessPackageAssignmentRequest",
request_type = AccessPackageRequestType.UserAdd,
answers = [
AccessPackageAnswerString(
odata_type = "#microsoft.graph.accessPackageAnswerString",
display_value = "This is the answer to a multiple choice question",
value = "MultipleChoiceAnswerValue",
answered_question = AccessPackageMultipleChoiceQuestion(
odata_type = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
id = "8fe745e7-80b2-490d-bd22-4e708c77288c",
),
),
AccessPackageAnswerString(
odata_type = "#microsoft.graph.accessPackageAnswerString",
value = "This is my answer to a text input question.",
display_value = "This is my answer.",
answered_question = AccessPackageTextInputQuestion(
odata_type = "#microsoft.graph.accessPackageTextInputQuestion",
id = "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6",
),
),
],
assignment = AccessPackageAssignment(
additional_data = {
"access_package_id" : "977c7ff4-ef8f-4910-9d31-49048ddf3120",
}
),
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests
Content-type: application/json
{
"requestType": "UserAdd",
"accessPackageAssignment": {
"accessPackageId": "a914b616-e04e-476b-aa37-91038f0b165b"
},
"justification":"Need access to New Hire access package"
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
using Microsoft.Kiota.Abstractions.Serialization;
var requestBody = new AccessPackageAssignmentRequest
{
RequestType = AccessPackageRequestType.UserAdd,
AdditionalData = new Dictionary<string, object>
{
{
"accessPackageAssignment" , new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"accessPackageId", new UntypedString("a914b616-e04e-476b-aa37-91038f0b165b")
},
})
},
{
"justification" , "Need access to New Hire access package"
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentRequest()
requestType := graphmodels.USERADD_ACCESSPACKAGEREQUESTTYPE
requestBody.SetRequestType(&requestType)
additionalData := map[string]interface{}{
accessPackageAssignment := graph.New()
accessPackageId := "a914b616-e04e-476b-aa37-91038f0b165b"
accessPackageAssignment.SetAccessPackageId(&accessPackageId)
requestBody.SetAccessPackageAssignment(accessPackageAssignment)
"justification" : "Need access to New Hire access package",
}
requestBody.SetAdditionalData(additionalData)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentRequests, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentRequests().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.UserAdd);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
accessPackageAssignment = new ();
accessPackageAssignment.setAccessPackageId("a914b616-e04e-476b-aa37-91038f0b165b");
additionalData.put("accessPackageAssignment", accessPackageAssignment);
additionalData.put("justification", "Need access to New Hire access package");
accessPackageAssignmentRequest.setAdditionalData(additionalData);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
request_type = AccessPackageRequestType.UserAdd,
additional_data = {
"access_package_assignment" : {
"access_package_id" : "a914b616-e04e-476b-aa37-91038f0b165b",
},
"justification" : "Need access to New Hire access package",
}
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)
Example 5: Admin requests a direct assignment for a user not yet in the directory
Request
The following example shows a request for a direct assignment, in which the administrator requests the creation of an assignment for a user who doesn't exist in the directory. The value of the accessPackageId is the desired access package for that user, and the value of assignmentPolicyId is a direct assignment policy in that access package.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
using Microsoft.Kiota.Abstractions.Serialization;
var requestBody = new AccessPackageAssignmentRequest
{
RequestType = AccessPackageRequestType.AdminAdd,
AdditionalData = new Dictionary<string, object>
{
{
"accessPackageAssignment" , new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"target", new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"email", new UntypedString("user@contoso.com")
},
})
},
{
"assignmentPolicyId", new UntypedString("2264bf65-76ba-417b-a27d-54d291f0cbc8")
},
{
"accessPackageId", new UntypedString("a914b616-e04e-476b-aa37-91038f0b165b")
},
})
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.AdminAdd);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
accessPackageAssignment = new ();
target = new ();
target.setEmail("user@contoso.com");
accessPackageAssignment.setTarget(target);
accessPackageAssignment.setAssignmentPolicyId("2264bf65-76ba-417b-a27d-54d291f0cbc8");
accessPackageAssignment.setAccessPackageId("a914b616-e04e-476b-aa37-91038f0b165b");
additionalData.put("accessPackageAssignment", accessPackageAssignment);
accessPackageAssignmentRequest.setAdditionalData(additionalData);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
request_type = AccessPackageRequestType.AdminAdd,
additional_data = {
"access_package_assignment" : {
"target" : {
"email" : "user@contoso.com",
},
"assignment_policy_id" : "2264bf65-76ba-417b-a27d-54d291f0cbc8",
"access_package_id" : "a914b616-e04e-476b-aa37-91038f0b165b",
},
}
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)
Example 6: Request an update to answers for an assignment
The following example shows how an admin can request updates to an assignment to edit their responses to questions that were answered during the request for the assignment.
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests
Content-type: application/json
{
"@odata.type": "#microsoft.graph.accessPackageAssignmentRequest",
"id": "7a6ab703-0780-4b37-8445-81f679b2d75c",
"requestType": "adminUpdate",
"answers": [
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "UpdatedAnswerValue",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"id": "8fe745e7-80b2-490d-bd22-4e708c77288c"
}
},
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "My updated answer.",
"displayValue": "This is my updated answer to the question.",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"id": "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
}
}
],
"assignment": {
"id": "44c741c1-2cf4-40db-83b6-e0112f8e5a83"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AccessPackageAssignmentRequest
{
OdataType = "#microsoft.graph.accessPackageAssignmentRequest",
Id = "7a6ab703-0780-4b37-8445-81f679b2d75c",
RequestType = AccessPackageRequestType.AdminUpdate,
Answers = new List<AccessPackageAnswer>
{
new AccessPackageAnswerString
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
Value = "UpdatedAnswerValue",
AnsweredQuestion = new AccessPackageMultipleChoiceQuestion
{
OdataType = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
Id = "8fe745e7-80b2-490d-bd22-4e708c77288c",
},
},
new AccessPackageAnswerString
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
Value = "My updated answer.",
DisplayValue = "This is my updated answer to the question.",
AnsweredQuestion = new AccessPackageTextInputQuestion
{
OdataType = "#microsoft.graph.accessPackageTextInputQuestion",
Id = "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6",
},
},
},
Assignment = new AccessPackageAssignment
{
Id = "44c741c1-2cf4-40db-83b6-e0112f8e5a83",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAccessPackageAssignmentRequest()
id := "7a6ab703-0780-4b37-8445-81f679b2d75c"
requestBody.SetId(&id)
requestType := graphmodels.ADMINUPDATE_ACCESSPACKAGEREQUESTTYPE
requestBody.SetRequestType(&requestType)
accessPackageAnswer := graphmodels.NewAccessPackageAnswerString()
value := "UpdatedAnswerValue"
accessPackageAnswer.SetValue(&value)
answeredQuestion := graphmodels.NewAccessPackageMultipleChoiceQuestion()
id := "8fe745e7-80b2-490d-bd22-4e708c77288c"
answeredQuestion.SetId(&id)
accessPackageAnswer.SetAnsweredQuestion(answeredQuestion)
accessPackageAnswer1 := graphmodels.NewAccessPackageAnswerString()
value := "My updated answer."
accessPackageAnswer1.SetValue(&value)
displayValue := "This is my updated answer to the question."
accessPackageAnswer1.SetDisplayValue(&displayValue)
answeredQuestion := graphmodels.NewAccessPackageTextInputQuestion()
id := "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
answeredQuestion.SetId(&id)
accessPackageAnswer1.SetAnsweredQuestion(answeredQuestion)
answers := []graphmodels.AccessPackageAnswerable {
accessPackageAnswer,
accessPackageAnswer1,
}
requestBody.SetAnswers(answers)
assignment := graphmodels.NewAccessPackageAssignment()
id := "44c741c1-2cf4-40db-83b6-e0112f8e5a83"
assignment.SetId(&id)
requestBody.SetAssignment(assignment)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentRequests, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentRequests().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setOdataType("#microsoft.graph.accessPackageAssignmentRequest");
accessPackageAssignmentRequest.setId("7a6ab703-0780-4b37-8445-81f679b2d75c");
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.AdminUpdate);
LinkedList<AccessPackageAnswer> answers = new LinkedList<AccessPackageAnswer>();
AccessPackageAnswerString accessPackageAnswer = new AccessPackageAnswerString();
accessPackageAnswer.setOdataType("#microsoft.graph.accessPackageAnswerString");
accessPackageAnswer.setValue("UpdatedAnswerValue");
AccessPackageMultipleChoiceQuestion answeredQuestion = new AccessPackageMultipleChoiceQuestion();
answeredQuestion.setOdataType("#microsoft.graph.accessPackageMultipleChoiceQuestion");
answeredQuestion.setId("8fe745e7-80b2-490d-bd22-4e708c77288c");
accessPackageAnswer.setAnsweredQuestion(answeredQuestion);
answers.add(accessPackageAnswer);
AccessPackageAnswerString accessPackageAnswer1 = new AccessPackageAnswerString();
accessPackageAnswer1.setOdataType("#microsoft.graph.accessPackageAnswerString");
accessPackageAnswer1.setValue("My updated answer.");
accessPackageAnswer1.setDisplayValue("This is my updated answer to the question.");
AccessPackageTextInputQuestion answeredQuestion1 = new AccessPackageTextInputQuestion();
answeredQuestion1.setOdataType("#microsoft.graph.accessPackageTextInputQuestion");
answeredQuestion1.setId("7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6");
accessPackageAnswer1.setAnsweredQuestion(answeredQuestion1);
answers.add(accessPackageAnswer1);
accessPackageAssignmentRequest.setAnswers(answers);
AccessPackageAssignment assignment = new AccessPackageAssignment();
assignment.setId("44c741c1-2cf4-40db-83b6-e0112f8e5a83");
accessPackageAssignmentRequest.setAssignment(assignment);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageAssignmentRequest;
use Microsoft\Graph\Generated\Models\AccessPackageRequestType;
use Microsoft\Graph\Generated\Models\AccessPackageAnswer;
use Microsoft\Graph\Generated\Models\AccessPackageAnswerString;
use Microsoft\Graph\Generated\Models\AccessPackageMultipleChoiceQuestion;
use Microsoft\Graph\Generated\Models\AccessPackageTextInputQuestion;
use Microsoft\Graph\Generated\Models\AccessPackageAssignment;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setOdataType('#microsoft.graph.accessPackageAssignmentRequest');
$requestBody->setId('7a6ab703-0780-4b37-8445-81f679b2d75c');
$requestBody->setRequestType(new AccessPackageRequestType('adminUpdate'));
$answersAccessPackageAnswer1 = new AccessPackageAnswerString();
$answersAccessPackageAnswer1->setOdataType('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer1->setValue('UpdatedAnswerValue');
$answersAccessPackageAnswer1AnsweredQuestion = new AccessPackageMultipleChoiceQuestion();
$answersAccessPackageAnswer1AnsweredQuestion->setOdataType('#microsoft.graph.accessPackageMultipleChoiceQuestion');
$answersAccessPackageAnswer1AnsweredQuestion->setId('8fe745e7-80b2-490d-bd22-4e708c77288c');
$answersAccessPackageAnswer1->setAnsweredQuestion($answersAccessPackageAnswer1AnsweredQuestion);
$answersArray []= $answersAccessPackageAnswer1;
$answersAccessPackageAnswer2 = new AccessPackageAnswerString();
$answersAccessPackageAnswer2->setOdataType('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer2->setValue('My updated answer.');
$answersAccessPackageAnswer2->setDisplayValue('This is my updated answer to the question.');
$answersAccessPackageAnswer2AnsweredQuestion = new AccessPackageTextInputQuestion();
$answersAccessPackageAnswer2AnsweredQuestion->setOdataType('#microsoft.graph.accessPackageTextInputQuestion');
$answersAccessPackageAnswer2AnsweredQuestion->setId('7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6');
$answersAccessPackageAnswer2->setAnsweredQuestion($answersAccessPackageAnswer2AnsweredQuestion);
$answersArray []= $answersAccessPackageAnswer2;
$requestBody->setAnswers($answersArray);
$assignment = new AccessPackageAssignment();
$assignment->setId('44c741c1-2cf4-40db-83b6-e0112f8e5a83');
$requestBody->setAssignment($assignment);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody)->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
from msgraph.generated.models.access_package_answer import AccessPackageAnswer
from msgraph.generated.models.access_package_answer_string import AccessPackageAnswerString
from msgraph.generated.models.access_package_multiple_choice_question import AccessPackageMultipleChoiceQuestion
from msgraph.generated.models.access_package_text_input_question import AccessPackageTextInputQuestion
from msgraph.generated.models.access_package_assignment import AccessPackageAssignment
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
odata_type = "#microsoft.graph.accessPackageAssignmentRequest",
id = "7a6ab703-0780-4b37-8445-81f679b2d75c",
request_type = AccessPackageRequestType.AdminUpdate,
answers = [
AccessPackageAnswerString(
odata_type = "#microsoft.graph.accessPackageAnswerString",
value = "UpdatedAnswerValue",
answered_question = AccessPackageMultipleChoiceQuestion(
odata_type = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
id = "8fe745e7-80b2-490d-bd22-4e708c77288c",
),
),
AccessPackageAnswerString(
odata_type = "#microsoft.graph.accessPackageAnswerString",
value = "My updated answer.",
display_value = "This is my updated answer to the question.",
answered_question = AccessPackageTextInputQuestion(
odata_type = "#microsoft.graph.accessPackageTextInputQuestion",
id = "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6",
),
),
],
assignment = AccessPackageAssignment(
id = "44c741c1-2cf4-40db-83b6-e0112f8e5a83",
),
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AccessPackageAssignmentRequest
{
OdataType = "#microsoft.graph.accessPackageAssignmentRequest",
RequestType = AccessPackageRequestType.AdminUpdate,
Schedule = new EntitlementManagementSchedule
{
StartDateTime = DateTimeOffset.Parse("2023-05-23T20:04:02.39Z"),
Recurrence = null,
Expiration = new ExpirationPattern
{
EndDateTime = DateTimeOffset.Parse("2024-07-01T00:00:00.00Z"),
Duration = null,
Type = ExpirationPatternType.AfterDateTime,
},
},
Assignment = new AccessPackageAssignment
{
Id = "329f8dac-8062-4c1b-a9b8-39b7132f9bff",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AccessPackageAssignmentRequest accessPackageAssignmentRequest = new AccessPackageAssignmentRequest();
accessPackageAssignmentRequest.setOdataType("#microsoft.graph.accessPackageAssignmentRequest");
accessPackageAssignmentRequest.setRequestType(AccessPackageRequestType.AdminUpdate);
EntitlementManagementSchedule schedule = new EntitlementManagementSchedule();
OffsetDateTime startDateTime = OffsetDateTime.parse("2023-05-23T20:04:02.39Z");
schedule.setStartDateTime(startDateTime);
schedule.setRecurrence(null);
ExpirationPattern expiration = new ExpirationPattern();
OffsetDateTime endDateTime = OffsetDateTime.parse("2024-07-01T00:00:00.00Z");
expiration.setEndDateTime(endDateTime);
expiration.setDuration(null);
expiration.setType(ExpirationPatternType.AfterDateTime);
schedule.setExpiration(expiration);
accessPackageAssignmentRequest.setSchedule(schedule);
AccessPackageAssignment assignment = new AccessPackageAssignment();
assignment.setId("329f8dac-8062-4c1b-a9b8-39b7132f9bff");
accessPackageAssignmentRequest.setAssignment(assignment);
AccessPackageAssignmentRequest result = graphClient.identityGovernance().entitlementManagement().assignmentRequests().post(accessPackageAssignmentRequest);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageAssignmentRequest;
use Microsoft\Graph\Generated\Models\AccessPackageRequestType;
use Microsoft\Graph\Generated\Models\EntitlementManagementSchedule;
use Microsoft\Graph\Generated\Models\ExpirationPattern;
use Microsoft\Graph\Generated\Models\ExpirationPatternType;
use Microsoft\Graph\Generated\Models\AccessPackageAssignment;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setOdataType('#microsoft.graph.accessPackageAssignmentRequest');
$requestBody->setRequestType(new AccessPackageRequestType('adminUpdate'));
$schedule = new EntitlementManagementSchedule();
$schedule->setStartDateTime(new \DateTime('2023-05-23T20:04:02.39Z'));
$schedule->setRecurrence(null);
$scheduleExpiration = new ExpirationPattern();
$scheduleExpiration->setEndDateTime(new \DateTime('2024-07-01T00:00:00.00Z'));
$scheduleExpiration->setDuration(null);
$scheduleExpiration->setType(new ExpirationPatternType('afterDateTime'));
$schedule->setExpiration($scheduleExpiration);
$requestBody->setSchedule($schedule);
$assignment = new AccessPackageAssignment();
$assignment->setId('329f8dac-8062-4c1b-a9b8-39b7132f9bff');
$requestBody->setAssignment($assignment);
$result = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody)->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_assignment_request import AccessPackageAssignmentRequest
from msgraph.generated.models.access_package_request_type import AccessPackageRequestType
from msgraph.generated.models.entitlement_management_schedule import EntitlementManagementSchedule
from msgraph.generated.models.expiration_pattern import ExpirationPattern
from msgraph.generated.models.expiration_pattern_type import ExpirationPatternType
from msgraph.generated.models.access_package_assignment import AccessPackageAssignment
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AccessPackageAssignmentRequest(
odata_type = "#microsoft.graph.accessPackageAssignmentRequest",
request_type = AccessPackageRequestType.AdminUpdate,
schedule = EntitlementManagementSchedule(
start_date_time = "2023-05-23T20:04:02.39Z",
recurrence = None,
expiration = ExpirationPattern(
end_date_time = "2024-07-01T00:00:00.00Z",
duration = None,
type = ExpirationPatternType.AfterDateTime,
),
),
assignment = AccessPackageAssignment(
id = "329f8dac-8062-4c1b-a9b8-39b7132f9bff",
),
)
result = await graph_client.identity_governance.entitlement_management.assignment_requests.post(request_body)