roleAssignment resource type

Namespace: microsoft.graph

Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.

The Role Assignment resource. Role assignments tie together a role definition with members and scopes. There can be one or more role assignments per role. This applies to custom and built-in roles.


Method Return Type Description
List roleAssignments roleAssignment collection List properties and relationships of the roleAssignment objects.
Get roleAssignment roleAssignment Read properties and relationships of the roleAssignment object.
Create roleAssignment roleAssignment Create a new roleAssignment object.
Delete roleAssignment None Deletes a roleAssignment.
Update roleAssignment roleAssignment Update the properties of a roleAssignment object.


Property Type Description
id String Key of the entity. This is read-only and automatically generated.
displayName String The display or friendly name of the role Assignment.
description String Description of the Role Assignment.
resourceScopes String collection List of ids of role scope member security groups. These are IDs from Azure Active Directory.


Relationship Type Description
roleDefinition roleDefinition Role definition this assignment is part of.

JSON Representation

Here is a JSON representation of the resource.

  "@odata.type": "#microsoft.graph.roleAssignment",
  "id": "String (identifier)",
  "displayName": "String",
  "description": "String",
  "resourceScopes": [