GraphRestClient class
Base class that should be used (derived from) to make requests to VSS REST apis
- Extends
Constructors
| Graph |
Properties
| RESOURCE_AREA_ID |
Methods
| add |
Create a new membership between a container and subject. |
| check |
Check to see if a membership relationship between a container and subject exists. |
| create |
Create a new Azure DevOps group or materialize an existing AAD group. |
| create |
|
| create |
Materialize an existing AAD service principal into the ADO account. |
| create |
Materialize an existing AAD or MSA user into the ADO account. |
| delete |
|
| delete |
Removes an Azure DevOps group from all of its parent groups. |
| delete |
|
| delete |
Disables a service principal. |
| delete |
Disables a user. |
| get |
|
| get |
|
| get |
Resolve a storage key to a descriptor |
| get |
Acquires the full set of federated provider authentication data available for the given graph subject and provider name. |
| get |
Get a group by its descriptor. |
| get |
This endpoint returns a result for any member that has ever been valid in the system, even if the member has since been deleted or has had all their memberships deleted. The current validity of the member is indicated through its disabled property, which is omitted when false. |
| get |
Get a membership relationship between a container and subject. |
| get |
Check whether a subject is active or inactive. |
| get |
|
| get |
Get a scope identified by its descriptor |
| get |
Get a service principal by its descriptor. |
| get |
Resolve a descriptor to a storage key. |
| get |
Resolve a descriptor to a user, group or scope. |
| get |
Get a user by its descriptor. |
| list |
Get all the memberships where this descriptor is a member in the relationship. |
| lookup |
Gets all requested members in the current scope (usually organization or account). |
| lookup |
Traverse memberships of the given subject descriptors. |
| lookup |
Resolve descriptors to users, groups or scopes (Subjects) in a batch. |
| query |
Search for Azure Devops users, or/and groups. Results will be returned in a batch with no more than 100 graph subjects. |
| remove |
Deletes a membership between a container and subject. |
| request |
|
| resolve(Identity |
Batch-map a list of users to new users. |
| set |
|
| translate(string, string) | Identity Translation - Translate endpoint is supposed to be used by geneva action. |
| traverse |
Traverse memberships of the given subject descriptor. |
| update |
Update the properties of an Azure DevOps group. |
| update |
|
| update |
Map an existing service principal to a different service principal. |
| update |
Map an existing user to a different user. |
Constructor Details
GraphRestClient(IVssRestClientOptions)
Property Details
RESOURCE_AREA_ID
static RESOURCE_AREA_ID: stringProperty Value
string
Method Details
addMembership(string, string)
Create a new membership between a container and subject.
function addMembership(subjectDescriptor: string, containerDescriptor: string): Promise<GraphMembership>Parameters
- subjectDescriptor
-
string
A descriptor to a group or user that can be the child subject in the relationship.
- containerDescriptor
-
string
A descriptor to a group that can be the container in the relationship.
Returns
Promise<GraphMembership>
checkMembershipExistence(string, string)
Check to see if a membership relationship between a container and subject exists.
function checkMembershipExistence(subjectDescriptor: string, containerDescriptor: string): Promise<boolean>Parameters
- subjectDescriptor
-
string
The group or user that is a child subject of the relationship.
- containerDescriptor
-
string
The group that is the container in the relationship.
Returns
Promise<boolean>
createGroup(GraphGroupCreationContext, string, string[])
Create a new Azure DevOps group or materialize an existing AAD group.
function createGroup(creationContext: GraphGroupCreationContext, scopeDescriptor?: string, groupDescriptors?: string[]): Promise<GraphGroup>Parameters
- creationContext
- GraphGroupCreationContext
The subset of the full graph group used to uniquely find the graph subject in an external provider.
- scopeDescriptor
-
string
A descriptor referencing the scope (collection, project) in which the group should be created. If omitted, will be created in the scope of the enclosing account or organization. Valid only for VSTS groups.
- groupDescriptors
-
string[]
A comma separated list of descriptors referencing groups you want the graph group to join
Returns
Promise<GraphGroup>
createScope(GraphScopeCreationContext, string)
function createScope(creationContext: GraphScopeCreationContext, scopeDescriptor?: string): Promise<GraphScope>Parameters
- creationContext
- GraphScopeCreationContext
- scopeDescriptor
-
string
Returns
Promise<GraphScope>
createServicePrincipal(GraphServicePrincipalCreationContext, string[])
Materialize an existing AAD service principal into the ADO account.
function createServicePrincipal(creationContext: GraphServicePrincipalCreationContext, groupDescriptors?: string[]): Promise<GraphServicePrincipal>Parameters
- creationContext
- GraphServicePrincipalCreationContext
The subset of the full graph service principal used to uniquely find the graph subject in an external provider.
- groupDescriptors
-
string[]
A comma separated list of descriptors of groups you want the graph service principal to join
Returns
Promise<GraphServicePrincipal>
createUser(GraphUserCreationContext, string[])
Materialize an existing AAD or MSA user into the ADO account.
function createUser(creationContext: GraphUserCreationContext, groupDescriptors?: string[]): Promise<GraphUser>Parameters
- creationContext
- GraphUserCreationContext
The subset of the full graph user used to uniquely find the graph subject in an external provider.
- groupDescriptors
-
string[]
A comma separated list of descriptors of groups you want the graph user to join
Returns
Promise<GraphUser>
deleteAvatar(string)
function deleteAvatar(subjectDescriptor: string): Promise<void>Parameters
- subjectDescriptor
-
string
Returns
Promise<void>
deleteGroup(string)
Removes an Azure DevOps group from all of its parent groups.
function deleteGroup(groupDescriptor: string): Promise<void>Parameters
- groupDescriptor
-
string
The descriptor of the group to delete.
Returns
Promise<void>
deleteScope(string)
function deleteScope(scopeDescriptor: string): Promise<void>Parameters
- scopeDescriptor
-
string
Returns
Promise<void>
deleteServicePrincipal(string)
Disables a service principal.
function deleteServicePrincipal(servicePrincipalDescriptor: string): Promise<void>Parameters
- servicePrincipalDescriptor
-
string
The descriptor of the service principal to delete.
Returns
Promise<void>
deleteUser(string)
Disables a user.
function deleteUser(userDescriptor: string): Promise<void>Parameters
- userDescriptor
-
string
The descriptor of the user to delete.
Returns
Promise<void>
getAvatar(string, AvatarSize, string)
function getAvatar(subjectDescriptor: string, size?: AvatarSize, format?: string): Promise<Avatar>Parameters
- subjectDescriptor
-
string
- size
- AvatarSize
- format
-
string
Returns
Promise<Avatar>
getCachePolicies()
getDescriptor(string)
Resolve a storage key to a descriptor
function getDescriptor(storageKey: string): Promise<GraphDescriptorResult>Parameters
- storageKey
-
string
Storage key of the subject (user, group, scope, etc.) to resolve
Returns
Promise<GraphDescriptorResult>
getFederatedProviderData(string, string, number)
Acquires the full set of federated provider authentication data available for the given graph subject and provider name.
function getFederatedProviderData(subjectDescriptor: string, providerName: string, versionHint?: number): Promise<GraphFederatedProviderData>Parameters
- subjectDescriptor
-
string
the descriptor of the graph subject that we should acquire data for
- providerName
-
string
the name of the provider to acquire data for, e.g. "github.com"
- versionHint
-
number
a version hint that can be used for optimistic cache concurrency and to support retries on access token failures; note that this is a hint only and does not guarantee a particular version on the response
Returns
Promise<GraphFederatedProviderData>
getGroup(string)
Get a group by its descriptor.
function getGroup(groupDescriptor: string): Promise<GraphGroup>Parameters
- groupDescriptor
-
string
The descriptor of the desired graph group.
Returns
Promise<GraphGroup>
getMemberByDescriptor(string)
This endpoint returns a result for any member that has ever been valid in the system, even if the member has since been deleted or has had all their memberships deleted. The current validity of the member is indicated through its disabled property, which is omitted when false.
function getMemberByDescriptor(memberDescriptor: string): Promise<GraphMember>Parameters
- memberDescriptor
-
string
The descriptor of the desired member.
Returns
Promise<GraphMember>
getMembership(string, string)
Get a membership relationship between a container and subject.
function getMembership(subjectDescriptor: string, containerDescriptor: string): Promise<GraphMembership>Parameters
- subjectDescriptor
-
string
A descriptor to the child subject in the relationship.
- containerDescriptor
-
string
A descriptor to the container in the relationship.
Returns
Promise<GraphMembership>
getMembershipState(string)
Check whether a subject is active or inactive.
function getMembershipState(subjectDescriptor: string): Promise<GraphMembershipState>Parameters
- subjectDescriptor
-
string
Descriptor of the subject (user, group, scope, etc.) to check state of
Returns
Promise<GraphMembershipState>
getProviderInfo(string)
function getProviderInfo(userDescriptor: string): Promise<GraphProviderInfo>Parameters
- userDescriptor
-
string
Returns
Promise<GraphProviderInfo>
getScope(string)
Get a scope identified by its descriptor
function getScope(scopeDescriptor: string): Promise<GraphScope>Parameters
- scopeDescriptor
-
string
A descriptor that uniquely identifies a scope.
Returns
Promise<GraphScope>
getServicePrincipal(string)
Get a service principal by its descriptor.
function getServicePrincipal(servicePrincipalDescriptor: string): Promise<GraphServicePrincipal>Parameters
- servicePrincipalDescriptor
-
string
The descriptor of the desired service principal.
Returns
Promise<GraphServicePrincipal>
getStorageKey(string)
Resolve a descriptor to a storage key.
function getStorageKey(subjectDescriptor: string): Promise<GraphStorageKeyResult>Parameters
- subjectDescriptor
-
string
Returns
Promise<GraphStorageKeyResult>
getSubject(string)
Resolve a descriptor to a user, group or scope.
function getSubject(subjectDescriptor: string): Promise<GraphSubject>Parameters
- subjectDescriptor
-
string
The descriptor of the desired subject.
Returns
Promise<GraphSubject>
getUser(string)
Get a user by its descriptor.
function getUser(userDescriptor: string): Promise<GraphUser>Parameters
- userDescriptor
-
string
The descriptor of the desired user.
Returns
Promise<GraphUser>
listMemberships(string, GraphTraversalDirection, number)
Get all the memberships where this descriptor is a member in the relationship.
function listMemberships(subjectDescriptor: string, direction?: GraphTraversalDirection, depth?: number): Promise<GraphMembership[]>Parameters
- subjectDescriptor
-
string
Fetch all direct memberships of this descriptor.
- direction
- GraphTraversalDirection
Defaults to Up.
- depth
-
number
The maximum number of edges to traverse up or down the membership tree. Currently the only supported value is '1'.
Returns
Promise<GraphMembership[]>
lookupMembers(GraphSubjectLookup)
Gets all requested members in the current scope (usually organization or account).
function lookupMembers(memberLookup: GraphSubjectLookup): Promise<{[key: string]: Graph.GraphMember}>Parameters
- memberLookup
- GraphSubjectLookup
Returns
Promise<{[key: string]: GraphMember}>
lookupMembershipTraversals(GraphSubjectLookup, GraphTraversalDirection, number)
Traverse memberships of the given subject descriptors.
function lookupMembershipTraversals(membershipTraversalLookup: GraphSubjectLookup, direction?: GraphTraversalDirection, depth?: number): Promise<{[key: string]: Graph.GraphMembershipTraversal}>Parameters
- membershipTraversalLookup
- GraphSubjectLookup
Fetch the descendants/ancestors of the list of descriptors depending on direction.
- direction
- GraphTraversalDirection
The default value is Unknown.
- depth
-
number
The default value is '1'.
Returns
Promise<{[key: string]: GraphMembershipTraversal}>
lookupSubjects(GraphSubjectLookup)
Resolve descriptors to users, groups or scopes (Subjects) in a batch.
function lookupSubjects(subjectLookup: GraphSubjectLookup): Promise<{[key: string]: Graph.GraphSubject}>Parameters
- subjectLookup
- GraphSubjectLookup
A list of descriptors that specifies a subset of subjects to retrieve. Each descriptor uniquely identifies the subject across all instance scopes, but only at a single point in time.
Returns
Promise<{[key: string]: GraphSubject}>
querySubjects(GraphSubjectQuery)
Search for Azure Devops users, or/and groups. Results will be returned in a batch with no more than 100 graph subjects.
function querySubjects(subjectQuery: GraphSubjectQuery): Promise<GraphSubject[]>Parameters
- subjectQuery
- GraphSubjectQuery
The query that we'll be using to search includes the following: Query: the search term. The search will be prefix matching only. SubjectKind: "User" or "Group" can be specified, both or either ScopeDescriptor: Non-default scope can be specified, i.e. project scope descriptor
Returns
Promise<GraphSubject[]>
removeMembership(string, string)
Deletes a membership between a container and subject.
function removeMembership(subjectDescriptor: string, containerDescriptor: string): Promise<void>Parameters
- subjectDescriptor
-
string
A descriptor to a group or user that is the child subject in the relationship.
- containerDescriptor
-
string
A descriptor to a group that is the container in the relationship.
Returns
Promise<void>
requestAccess(any)
function requestAccess(jsondocument: any): Promise<void>Parameters
- jsondocument
-
any
Returns
Promise<void>
resolve(IdentityMappings)
Batch-map a list of users to new users.
function resolve(mappings: IdentityMappings): Promise<ResolveDisconnectedUsersResponse>Parameters
- mappings
- IdentityMappings
A list of mappings.
Returns
Promise<ResolveDisconnectedUsersResponse>
setAvatar(Avatar, string)
function setAvatar(avatar: Avatar, subjectDescriptor: string): Promise<void>Parameters
- avatar
- Avatar
- subjectDescriptor
-
string
Returns
Promise<void>
translate(string, string)
Identity Translation - Translate endpoint is supposed to be used by geneva action.
function translate(masterId?: string, localId?: string): Promise<string>Parameters
- masterId
-
string
- localId
-
string
Returns
Promise<string>
traverseMemberships(string, GraphTraversalDirection, number)
Traverse memberships of the given subject descriptor.
function traverseMemberships(subjectDescriptor: string, direction?: GraphTraversalDirection, depth?: number): Promise<GraphMembershipTraversal>Parameters
- subjectDescriptor
-
string
Fetch the descendants/ancestors of this descriptor depending on direction.
- direction
- GraphTraversalDirection
The default value is Unknown.
- depth
-
number
The default value is '1'.
Returns
Promise<GraphMembershipTraversal>
updateGroup(string, JsonPatchDocument)
Update the properties of an Azure DevOps group.
function updateGroup(groupDescriptor: string, patchDocument: JsonPatchDocument): Promise<GraphGroup>Parameters
- groupDescriptor
-
string
The descriptor of the group to modify.
- patchDocument
- JsonPatchDocument
The JSON+Patch document containing the fields to alter.
Returns
Promise<GraphGroup>
updateScope(string, JsonPatchDocument)
function updateScope(scopeDescriptor: string, patchDocument: JsonPatchDocument): Promise<void>Parameters
- scopeDescriptor
-
string
- patchDocument
- JsonPatchDocument
Returns
Promise<void>
updateServicePrincipal(GraphServicePrincipalUpdateContext, string)
Map an existing service principal to a different service principal.
function updateServicePrincipal(updateContext: GraphServicePrincipalUpdateContext, servicePrincipalDescriptor: string): Promise<GraphServicePrincipal>Parameters
- updateContext
- GraphServicePrincipalUpdateContext
The subset of the full graph service principal used to uniquely find the graph subject in an external provider.
- servicePrincipalDescriptor
-
string
The descriptor of the service principal to update
Returns
Promise<GraphServicePrincipal>
updateUser(GraphUserUpdateContext, string)
Map an existing user to a different user.
function updateUser(updateContext: GraphUserUpdateContext, userDescriptor: string): Promise<GraphUser>Parameters
- updateContext
- GraphUserUpdateContext
The subset of the full graph user used to uniquely find the graph subject in an external provider.
- userDescriptor
-
string
The descriptor of the user to update
Returns
Promise<GraphUser>
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for