For an administrator to request to create an assignment for a user, the value of the requestType property is adminAdd, and the assignment property contains the targetId of the user being assigned, the assignmentPolicyId property identifying the accessPackageAssignmentPolicy, and the accessPackageId property identifying the accessPackage.
For an administrator to request to update an assignment (for example to extend the assignment or update answers to questions), the value of the requestType property is adminUpdate, and the assignment property contains the id property identifying the accessPackageAssignment being updated.
For an administrator to request to remove an assignment, the value of the requestType property is adminRemove, and the assignment property contains the id property identifying the accessPackageAssignment being removed.
For a non-administrator user to request to create their own assignment for either a first assignment or renew assignment, the value of the requestType property is userAdd. The assignment property contains an object with the targetId with the id of the user. The assignmentPolicyId property identifies the accessPackageAssignmentPolicy. The accessPackageId property identifies the accessPackage. The user making the request must already exist in the directory.
For a non-administrator user to request to update their own assignments, the value of the requestType property is userUpdate. The assignment property contains the targetId with the id of the users. The assignmentPolicyId property identifies the accessPackageAssignmentPolicy. The accessPackageId property identifies the accessPackage. The user making the request must already exist in the directory.
Response
If successful, this method returns a 200-series response code and a new accessPackageAssignmentRequest object in the response body.
Example 1: Admin requests a direct assignment for a user already in the directory
Request
The following is an example of the request for a direct assignment, in which the administrator is requesting the creation of an assignment for the user. Because the accessPackageSubject might not yet exist, the value of the targetID is the object ID of the user being assigned, the value of the accessPackageId is the desired access package for that user, and the value of assignmentPolicyId is a direct assignment policy in that access package.
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setRequestType(new AccessPackageRequestType('adminadd'));
$assignment = new AccessPackageAssignment();
$additionalData = [
'targetId' => '46184453-e63b-4f20-86c2-c557ed5d5df9',
'assignmentPolicyId' => '2264bf65-76ba-417b-a27d-54d291f0cbc8',
'accessPackageId' => 'a914b616-e04e-476b-aa37-91038f0b165b',
];
$assignment->setAdditionalData($additionalData);
$requestBody->setAssignment($assignment);
$requestResult = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody);
var graphClient = new GraphServiceClient(requestAdapter);
var requestBody = new AccessPackageAssignmentRequest
{
RequestType = AccessPackageRequestType.AdminRemove,
Assignment = new AccessPackageAssignment
{
Id = "a6bb6942-3ae1-4259-9908-0133aaee9377",
},
};
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setRequestType(new AccessPackageRequestType('adminremove'));
$assignment = new AccessPackageAssignment();
$assignment->setId('a6bb6942-3ae1-4259-9908-0133aaee9377');
$requestBody->setAssignment($assignment);
$requestResult = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody);
var graphClient = new GraphServiceClient(requestAdapter);
var requestBody = new AccessPackageAssignmentRequest
{
RequestType = AccessPackageRequestType.UserAdd,
Assignment = new AccessPackageAssignment
{
AdditionalData = new Dictionary<string, object>
{
{
"accessPackageId" , "d7be3253-b9c6-4fab-adef-30d30de8da2b"
},
},
},
};
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->setRequestType(new AccessPackageRequestType('useradd'));
$assignment = new AccessPackageAssignment();
$additionalData = [
'accessPackageId' => 'd7be3253-b9c6-4fab-adef-30d30de8da2b',
];
$assignment->setAdditionalData($additionalData);
$requestBody->setAssignment($assignment);
$requestResult = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody);
Example 4: Request an assignment by providing answers to questions
The following example shows how a user can request an access package assignment for themselves by answering questions required by the policy while making the request.
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests
Content-type: application/json
{
"@odata.type": "#microsoft.graph.accessPackageAssignmentRequest",
"requestType": "userAdd",
"answers": [
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"displayValue": "This is the answer to a multiple choice question",
"value": "MultipleChoiceAnswerValue",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"id": "8fe745e7-80b2-490d-bd22-4e708c77288c"
}
},
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "This is my answer to a text input question.",
"displayValue": "This is my answer.",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"id": "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
}
}
],
"assignment": {
"accessPackageId": "977c7ff4-ef8f-4910-9d31-49048ddf3120"
}
}
var graphClient = new GraphServiceClient(requestAdapter);
var requestBody = new AccessPackageAssignmentRequest
{
OdataType = "#microsoft.graph.accessPackageAssignmentRequest",
RequestType = AccessPackageRequestType.UserAdd,
Answers = new List<AccessPackageAnswer>
{
new AccessPackageAnswer
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
DisplayValue = "This is the answer to a multiple choice question",
AnsweredQuestion = new AccessPackageQuestion
{
OdataType = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
Id = "8fe745e7-80b2-490d-bd22-4e708c77288c",
},
AdditionalData = new Dictionary<string, object>
{
{
"value" , "MultipleChoiceAnswerValue"
},
},
},
new AccessPackageAnswer
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
DisplayValue = "This is my answer.",
AnsweredQuestion = new AccessPackageQuestion
{
OdataType = "#microsoft.graph.accessPackageTextInputQuestion",
Id = "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6",
},
AdditionalData = new Dictionary<string, object>
{
{
"value" , "This is my answer to a text input question."
},
},
},
},
Assignment = new AccessPackageAssignment
{
AdditionalData = new Dictionary<string, object>
{
{
"accessPackageId" , "977c7ff4-ef8f-4910-9d31-49048ddf3120"
},
},
},
};
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->set@odatatype('#microsoft.graph.accessPackageAssignmentRequest');
$requestBody->setRequestType(new AccessPackageRequestType('useradd'));
$answersAccessPackageAnswer1 = new AccessPackageAnswer();
$answersAccessPackageAnswer1->set@odatatype('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer1->setDisplayValue('This is the answer to a multiple choice question');
$answersAccessPackageAnswer1AnsweredQuestion = new AccessPackageQuestion();
$answersAccessPackageAnswer1AnsweredQuestion->set@odatatype('#microsoft.graph.accessPackageMultipleChoiceQuestion');
$answersAccessPackageAnswer1AnsweredQuestion->setId('8fe745e7-80b2-490d-bd22-4e708c77288c');
$answersAccessPackageAnswer1->setAnsweredQuestion($answersAccessPackageAnswer1AnsweredQuestion);
$additionalData = [
'value' => 'MultipleChoiceAnswerValue',
];
$answersAccessPackageAnswer1->setAdditionalData($additionalData);
$answersArray []= $answersAccessPackageAnswer1;
$answersAccessPackageAnswer2 = new AccessPackageAnswer();
$answersAccessPackageAnswer2->set@odatatype('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer2->setDisplayValue('This is my answer.');
$answersAccessPackageAnswer2AnsweredQuestion = new AccessPackageQuestion();
$answersAccessPackageAnswer2AnsweredQuestion->set@odatatype('#microsoft.graph.accessPackageTextInputQuestion');
$answersAccessPackageAnswer2AnsweredQuestion->setId('7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6');
$answersAccessPackageAnswer2->setAnsweredQuestion($answersAccessPackageAnswer2AnsweredQuestion);
$additionalData = [
'value' => 'This is my answer to a text input question.',
];
$answersAccessPackageAnswer2->setAdditionalData($additionalData);
$answersArray []= $answersAccessPackageAnswer2;
$requestBody->setAnswers($answersArray);
$assignment = new AccessPackageAssignment();
$additionalData = [
'accessPackageId' => '977c7ff4-ef8f-4910-9d31-49048ddf3120',
];
$assignment->setAdditionalData($additionalData);
$requestBody->setAssignment($assignment);
$requestResult = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody);
Note: The response object shown here might be shortened for readability. All the properties will be returned from an actual call.
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#accessPackageAssignmentRequests/$entity",
"id": "7a6ab703-0780-4b37-8445-81f679b2d75c",
"requestType": "userAdd",
"state": "submitted",
"status": "Accepted",
"createdDateTime": null,
"completedDateTime": null,
"schedule": {
"startDateTime": null,
"recurrence": null,
"expiration": {
"endDateTime": null,
"duration": null,
"type": "notSpecified"
}
},
"answers": [
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "MultipleChoiceAnswerValue",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"id": "8fe745e7-80b2-490d-bd22-4e708c77288c"
},
"displayValue": "This is the answer to a multiple choice question"
},
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "This is my answer to a text input question.",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"id": "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
},
"displayValue": "This is my answer."
}
]
}
Example 5: Request an update to answers for an assignment
The following example shows how an admin can request updates to an assignment to edit their responses to questions that were answered while requesting the assignment.
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests
Content-type: application/json
{
"@odata.type": "#microsoft.graph.accessPackageAssignmentRequest",
"id": "7a6ab703-0780-4b37-8445-81f679b2d75c",
"requestType": "adminUpdate",
"answers": [
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "UpdatedAnswerValue",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
"id": "8fe745e7-80b2-490d-bd22-4e708c77288c"
}
},
{
"@odata.type": "#microsoft.graph.accessPackageAnswerString",
"value": "My updated answer.",
"displayValue": "This is my updated answer to the question.",
"answeredQuestion": {
"@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
"id": "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6"
}
}
],
"assignment": {
"id": "44c741c1-2cf4-40db-83b6-e0112f8e5a83"
}
}
var graphClient = new GraphServiceClient(requestAdapter);
var requestBody = new AccessPackageAssignmentRequest
{
OdataType = "#microsoft.graph.accessPackageAssignmentRequest",
Id = "7a6ab703-0780-4b37-8445-81f679b2d75c",
RequestType = AccessPackageRequestType.AdminUpdate,
Answers = new List<AccessPackageAnswer>
{
new AccessPackageAnswer
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
AnsweredQuestion = new AccessPackageQuestion
{
OdataType = "#microsoft.graph.accessPackageMultipleChoiceQuestion",
Id = "8fe745e7-80b2-490d-bd22-4e708c77288c",
},
AdditionalData = new Dictionary<string, object>
{
{
"value" , "UpdatedAnswerValue"
},
},
},
new AccessPackageAnswer
{
OdataType = "#microsoft.graph.accessPackageAnswerString",
DisplayValue = "This is my updated answer to the question.",
AnsweredQuestion = new AccessPackageQuestion
{
OdataType = "#microsoft.graph.accessPackageTextInputQuestion",
Id = "7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6",
},
AdditionalData = new Dictionary<string, object>
{
{
"value" , "My updated answer."
},
},
},
},
Assignment = new AccessPackageAssignment
{
Id = "44c741c1-2cf4-40db-83b6-e0112f8e5a83",
},
};
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests.PostAsync(requestBody);
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new AccessPackageAssignmentRequest();
$requestBody->set@odatatype('#microsoft.graph.accessPackageAssignmentRequest');
$requestBody->setId('7a6ab703-0780-4b37-8445-81f679b2d75c');
$requestBody->setRequestType(new AccessPackageRequestType('adminupdate'));
$answersAccessPackageAnswer1 = new AccessPackageAnswer();
$answersAccessPackageAnswer1->set@odatatype('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer1AnsweredQuestion = new AccessPackageQuestion();
$answersAccessPackageAnswer1AnsweredQuestion->set@odatatype('#microsoft.graph.accessPackageMultipleChoiceQuestion');
$answersAccessPackageAnswer1AnsweredQuestion->setId('8fe745e7-80b2-490d-bd22-4e708c77288c');
$answersAccessPackageAnswer1->setAnsweredQuestion($answersAccessPackageAnswer1AnsweredQuestion);
$additionalData = [
'value' => 'UpdatedAnswerValue',
];
$answersAccessPackageAnswer1->setAdditionalData($additionalData);
$answersArray []= $answersAccessPackageAnswer1;
$answersAccessPackageAnswer2 = new AccessPackageAnswer();
$answersAccessPackageAnswer2->set@odatatype('#microsoft.graph.accessPackageAnswerString');
$answersAccessPackageAnswer2->setDisplayValue('This is my updated answer to the question.');
$answersAccessPackageAnswer2AnsweredQuestion = new AccessPackageQuestion();
$answersAccessPackageAnswer2AnsweredQuestion->set@odatatype('#microsoft.graph.accessPackageTextInputQuestion');
$answersAccessPackageAnswer2AnsweredQuestion->setId('7aaa18c9-8e4f-440f-bd5a-3a7ce312cbe6');
$answersAccessPackageAnswer2->setAnsweredQuestion($answersAccessPackageAnswer2AnsweredQuestion);
$additionalData = [
'value' => 'My updated answer.',
];
$answersAccessPackageAnswer2->setAdditionalData($additionalData);
$answersArray []= $answersAccessPackageAnswer2;
$requestBody->setAnswers($answersArray);
$assignment = new AccessPackageAssignment();
$assignment->setId('44c741c1-2cf4-40db-83b6-e0112f8e5a83');
$requestBody->setAssignment($assignment);
$requestResult = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->post($requestBody);