Get a list of user roles for a customer
This guide covers how to retrieve a list of roles that users of a particular customer hold. You can accomplish this task with the C# or REST APIs.
Retrieve roles by using C#
To retrieve all the directory roles for a specified customer, take the following steps:
- Retrieve the specified customer ID. Then use the IAggregatePartner.Customers collection followed by the ById() method.
- Call the DirectoryRoles property, followed by the Get() or GetAsync() method.
// string selectedCustomerId;
// IAggregatePartner partnerOperations;
var directoryRoles = partnerOperations.Customers.ById(selectedCustomerId).DirectoryRoles.Get();
To retrieve a list of customer users that have a given role, take the following steps:
- Retrieve the specified customer ID and the directory role ID.
- Use the IAggregatePartner.Customers collection to call the ById() method.
- Call the DirectoryRoles property, followed by the ById() method.
- Call the UserMembers property, followed by the Get() or GetAsync() method.
// string selectedCustomerId;
// IAggregatePartner partnerOperations;
// string selectedDirectoryRoleId;
var userMembers = partnerOperations.Customers.ById(selectedCustomerId).DirectoryRoles.ById(selectedDirectoryRoleId).UserMembers.Get();
Retrieve roles by using the REST API
Request syntax
Method | Request URI |
---|---|
GET | {baseURL}/v1/customers/{customer-tenant-id}/users/{user-id}/directoryroles HTTP/1.1 |
GET | {baseURL}/v1/customers/{customer-tenant-id}/directoryroles HTTP/1.1 |
GET | {baseURL}/v1/customers/{customer-tenant-id}/directoryroles/{role-ID}/usermembers |
Request parameters
Name | Type | Description |
---|---|---|
customer-tenant-id | GUID | Allows the reseller to filter the results for a given customer that belongs to the reseller. |
user-id | GUID | Belongs to a single user account. |
role-id | GUID | Belongs to a type of role. You can get these IDs by querying all the directory roles for a customer, across all user accounts (as described earlier in the second scenario). |
Request example
GET https://api.partnercenter.microsoft.com/v1/customers/<customer-tenant-id>/users/<user-id>/directoryroles HTTP/1.1
Authorization: Bearer <token>
Accept: application/json
MS-RequestId: b1317092-f087-471e-a637-f66523b2b94c
MS-CorrelationId: 8a53b025-d5be-4d98-ab20-229d1813de76
Response example
If the request is successful, this method returns a list of the roles that are associated with the given user account.
HTTP/1.1 200 OK
Content-Length: 31942
Content-Type: application/json
MS-CorrelationId: 8a53b025-d5be-4d98-ab20-229d1813de76
MS-RequestId: b1317092-f087-471e-a637-f66523b2b94c
Date: June 24 2016 22:00:25 PST
{
"totalCount": 2,
"items": [
{
"name": "Helpdesk Administrator",
"id": "729827e3-9c14-49f7-bb1b-9608f156bbb8",
"attributes": { "objectType": "DirectoryRole" }
},
{
"name": "User Account Administrator",
"id": "fe930be7-5e62-47db-91af-98c3a49a38b1",
"attributes": { "objectType": "DirectoryRole" }
}
],
"attributes": { "objectType": "Collection" }
}
Next steps
- Learn about APIs for Azure CSP integration.
- See the list of Azure CSP integration scenarios.