GetAssignedLicensesAsync |
Cloud Solution Provider (CSP) partners can't get licenses of the given customer user |
Partners can use any one of the below roles. Directory Reader, Directory Writer, User Admin, License Admin |
GetSubscribedSkus |
CSP partners can't view the licenses available for a given customer tenant. |
Partners can use any one of the below roles. Directory Reader, Global Reader, User Admin, License Admin |
AssignUserLicensesAsync |
CSP partners can't assign licenses to the customer users |
Partners can use any one of the below roles. Directory Writer, User Admin, License Admin |
Get DirectoryRoles |
No impact |
Directory Reader |
GetCustomerDirectoryRoleUserMembers |
CSP partners can't get Directory roles User Members for a customer |
Partners can use any one of the below roles. Directory Reader, Global Reader, Directory Writer, Privileged Role Admin |
AddUserMember |
CSP partner can't add a customer user to a given directory role |
Privileged Role Admin |
RemoveUserMember |
CSP partner can't remove a customer user from a given directory role |
Privileged Role Admin |
GetCustomerUsersAsync |
CSP partner user can't view/get the details of all the users in the customer tenant |
Partners can use any one of the below roles. Directory Reader, Global reader, User Admin |
GetCustomerUserDetailsAsync |
CSP partner can't view/get the details about a user in customer tenant |
Partners can use any one of the below roles. Directory Reader, Global reader, User Admin |
GetUserDirectoryRolesAsync |
CSP partner can't view/get the directory roles which the customer user is part of. |
Partners can use any one of the below roles. Directory Reader, Global reader, User Admin |
CreateCustomerUserAsync |
CSP partner can't create new users in customer tenant |
Partners can use any one of the below roles. Directory Writer, User Admin |
DeleteCustomerUserAsync |
CSP partner can't delete users in customer tenant |
User Admin |
UpdateCustomerUserAsync |
CSP partner can't update properties of a user in customer tenant. (Don't use this API to reset passwords, look for the new ResetPassword API for GDAP) |
Partners can use any one of the below roles. Directory Writer, User Admin |
ResetPassword (no API docs available) |
CSP partners can't reset the passwords of users in customer tenant |
User Admin / Privileged Authentication Admin to reset password for license management users Privileged Authentication Admin to reset password for all other users |
Get all service requests for a customer |
Unable to view support tickets for the customer |
Any role that supports microsoft.office365.supportTickets /allEntities/allTasks or microsoft.azure.supportTickets /allEntities/allTasks Permissions reference |
Get the customer service requests by ID |
Unable to view support tickets for the customer |
Any role that supports microsoft.office365.supportTickets /allEntities/allTasks or microsoft.azure.supportTickets /allEntities/allTasks Permissions reference |
GetSubscribedSku |
Partner can't see all the available licenses on customer tenant across different channels. |
Partners can use any one of the below roles. Directory Reader, Global reader |
Update Qualification |
DAP isn't required for accessing this API |
No GDAP Role Required |
Get Customer ID |
The following attributes don't return: CustomDomain, CompanyProfileEmail, CompanyProfileAddress. |
New APIs created that support GDAP GetCustomerDomains GetCustomerOrganization Directory Reader |
GetCustomerCompanyProfile |
The following attributes don't return: CustomDomain, CompanyProfileEmail, CompanyProfileAddress. |
New APIs created that support GDAP GetCustomerDomains GetCustomerOrganization Directory Reader |
Get Upgrades |
CSP partners can't see if they're eligible for upgrades with license transfer. |
Partners can use any one of the below roles. Directory Reader, Global reader |
Get Transition Eligibilities |
CSP partners can't see if they're eligible for transitions with license transfer. |
Partners can use any one of the below roles. Directory Reader, Global reader Note: While this API is available for legacy and new commerce experience (NCE), GDAP is only required for legacy. |
Upgrade |
CSP partners can't conduct a license transfer during an upgrade. |
Directory Reader or Global reader (upgrade only) Directory Writer (upgrade with license transfer) |
Create Transition |
CSP partners can't conduct a license transfer during transition. |
Directory Reader or Global reader (transition only) Directory Writer (transition with license transfer) Note: While this API is available for legacy and NCE, GDAP is only required for legacy. |
Get Provisioning Status by Subscription by ID |
CSP partners can't see the provisioning status for their subscriptions. |
Partners can use any one of the below roles. Directory Reader, Global reader |
Get the managed services for a customer by ID |
CSP partners are unauthorized. |
Partners can use the new Graph API. List serviceManagementDetails |
Update a customer's qualifications asynchronously |
CSP partners are unauthorized. |
For Government Community Cloud (GCC) qualifications only. Partners can use any one of the below roles. Directory Reader, Directory Writer, User Admin, License Admin |