privilegedOperationEvent resource type (deprecated)
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Caution
This version of the Privileged Identity Management (PIM) API for Azure Active Directory (Azure AD) roles is deprecated and stopped returning data on May 31, 2021. Use the new PIM v3 API for managing Azure AD roles or learn how to migrate.
Represents an audit event that is generated by Privileged Identity Management for the role operations, such as an administrator manages privileged roles, a user activates his role, and a user deactivates his role.
Methods
| Method | Return Type | Description |
|---|---|---|
| List privilegedOperationEvent | privilegedOperationEvent collection. | Get collection of privilegedOperationEvent objects. |
Properties
| Property | Type | Description |
|---|---|---|
| additionalInformation | string | Detailed human readable information for the event. |
| creationDateTime | DateTimeOffset | Indicates the time when the event is created. |
| expirationDateTime | DateTimeOffset | This is only used when the requestType is Activate, and it indicates the expiration time for the role activation. |
| id | string | The unique identifier for privilegedOperationEvent. Read-only. |
| referenceKey | string | Incident/Request ticket number during role activation. The value is presented only if the ticket number is provided during role activation. |
| referenceSystem | string | Incident/Request ticketing system provided during tole activation. The value is presented only if the ticket system is provided during role activation. |
| requestType | String | The request operation type. The requestType value can be: Assign (role assignment), Activate (role activation), Unassign (remove role assignment), Deactivate (role deactivation), ScanAlertsNow (scan security alerts), DismissAlert (dismiss security alert), FixAlertItem (fix a security alert issue), AccessReview_Review (review an Access Review), AccessReview_Create (create an Access Review) , AccessReview_Update (update an Access Review), AccessReview_Delete (delete an Access Review). |
| requestorId | string | The user id of the requestor who initiates the operation. |
| requestorName | string | The user name of the requestor who initiates the operation. |
| roleId | string | The id of the role that is associated with the operation. |
| roleName | string | The name of the role. |
| tenantId | string | The tenant (organization) id. |
| userId | string | The id of the user that is associated with the operation. |
| userMail | string | The user's email. |
| userName | string | The user's display name. |
Relationships
None
JSON representation
Here is a JSON representation of the resource.
{
"additionalInformation": "string",
"creationDateTime": "String (timestamp)",
"expirationDateTime": "String (timestamp)",
"id": "string (identifier)",
"requestType": "string",
"requestorId": "string",
"requestorName": "string",
"roleId": "string",
"roleName": "string",
"tenantId": "string",
"userId": "string",
"userMail": "string",
"userName": "string",
"referenceKey": "string",
"referenceSystem": "string"
}
Feedback
Submit and view feedback for