Create permission
Article
08/23/2022
2 minutes to read
5 contributors
Feedback
In this article
Namespace: microsoft.graph
Create a new permission object on a site.
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions .
Permission type
Permissions (from least to most privileged)
Delegated (work or school account)
Not supported.
Delegated (personal Microsoft account)
Not supported.
Application
Sites.FullControl.All
HTTP request
POST /sites/{sitesId}/permissions
Name
Description
Authorization
Bearer {token}. Required.
Content-Type
application/json. Required.
Request body
In the request body, supply a JSON representation of the permission object.
Response
If successful, this method returns a 201 Created response code and a permission object in the response body.
Examples
Request
POST https://graph.microsoft.com/v1.0/sites/{sitesId}/permissions
Content-Type: application/json
{
"roles": ["write"],
"grantedToIdentities": [{
"application": {
"id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
"displayName": "Contoso Time Manager App"
}
}]
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var permission = new Permission
{
Roles = new List<String>()
{
"write"
},
GrantedToIdentities = new List<IdentitySet>()
{
new IdentitySet
{
Application = new Identity
{
Id = "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
DisplayName = "Contoso Time Manager App"
}
}
}
};
await graphClient.Sites["{site-id}"].Permissions
.Request()
.AddAsync(permission);
For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation .
const options = {
authProvider,
};
const client = Client.init(options);
const permission = {
roles: ['write'],
grantedToIdentities: [{
application: {
id: '89ea5c94-7736-4e25-95ad-3fa95f62b66e',
displayName: 'Contoso Time Manager App'
}
}]
};
await client.api('/sites/{sitesId}/permissions')
.post(permission);
For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation .
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
Permission permission = new Permission();
LinkedList<String> rolesList = new LinkedList<String>();
rolesList.add("write");
permission.roles = rolesList;
LinkedList<IdentitySet> grantedToIdentitiesList = new LinkedList<IdentitySet>();
IdentitySet grantedToIdentities = new IdentitySet();
Identity application = new Identity();
application.id = "89ea5c94-7736-4e25-95ad-3fa95f62b66e";
application.displayName = "Contoso Time Manager App";
grantedToIdentities.application = application;
grantedToIdentitiesList.add(grantedToIdentities);
permission.grantedToIdentities = grantedToIdentitiesList;
graphClient.sites("{sitesId}").permissions()
.buildRequest()
.post(permission);
For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation .
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := graphmodels.NewPermission()
roles := []string {
"write",
}
requestBody.SetRoles(roles)
identitySet := graphmodels.NewIdentitySet()
application := graphmodels.NewIdentity()
id := "89ea5c94-7736-4e25-95ad-3fa95f62b66e"
application.SetId(&id)
displayName := "Contoso Time Manager App"
application.SetDisplayName(&displayName)
identitySet.SetApplication(application)
grantedToIdentities := []graphmodels.IdentitySetable {
identitySet,
}
requestBody.SetGrantedToIdentities(grantedToIdentities)
result, err := graphClient.SitesById("site-id").Permissions().Post(context.Background(), requestBody, nil)
For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation .
Import-Module Microsoft.Graph.Sites
$params = @{
Roles = @(
"write"
)
GrantedToIdentities = @(
@{
Application = @{
Id = "89ea5c94-7736-4e25-95ad-3fa95f62b66e"
DisplayName = "Contoso Time Manager App"
}
}
)
}
New-MgSitePermission -SiteId $siteId -BodyParameter $params
For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation .
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new Permission();
$requestBody->setRoles(['write', ]);
$grantedToIdentitiesIdentitySet1 = new IdentitySet();
$grantedToIdentitiesIdentitySet1Application = new Identity();
$grantedToIdentitiesIdentitySet1Application->setId('89ea5c94-7736-4e25-95ad-3fa95f62b66e');
$grantedToIdentitiesIdentitySet1Application->setDisplayName('Contoso Time Manager App');
$grantedToIdentitiesIdentitySet1->setApplication($grantedToIdentitiesIdentitySet1Application);
$grantedToIdentitiesArray []= $grantedToIdentitiesIdentitySet1;
$requestBody->setGrantedToIdentities($grantedToIdentitiesArray);
$requestResult = $graphServiceClient->sitesById('site-id')->permissions()->post($requestBody);
For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation .
Response
HTTP/1.1 201 Created
Content-Type: application/json
{
"id": "1",
"@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
"roles": ["write"],
"grantedToIdentities": [{
"application": {
"id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
"displayName": "Contoso Time Manager App"
}
}],
"grantedToIdentitiesV2": [{
"application": {
"id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
"displayName": "Contoso Time Manager App"
}
}]
}