Registration Definitions - Get
Gets the registration definition details.
GET https://management.azure.com/{scope}/providers/Microsoft.ManagedServices/registrationDefinitions/{registrationDefinitionId}?api-version=2022-10-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
registration
|
path | True |
string |
The GUID of the registration definition. |
scope
|
path | True |
string |
The scope of the resource. |
api-version
|
query | True |
string |
The API version to use for this operation. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK - Returns the complete registration definition with plan details. |
|
Other Status Codes |
The error response describing why the operation failed. |
Security
azure_auth
The Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Get Registration Definition
Sample Request
Sample Response
{
"properties": {
"description": "Test",
"registrationDefinitionName": "DefinitionName",
"managedByTenantId": "83ace5cd-bcc3-441a-hd86-e6a75360cecc",
"authorizations": [
{
"principalId": "f98g86a2-4cc4-4e6d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7"
},
{
"principalId": "f98d86a2-4cc4-4e9d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "User Access Administrator",
"roleDefinitionId": "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
"delegatedRoleDefinitionIds": [
"b24988ac-6180-42a0-ab88-20f7382dd24c"
]
}
],
"eligibleAuthorizations": [
{
"justInTimeAccessPolicy": {
"multiFactorAuthProvider": "Azure",
"maximumActivationDuration": "PT8H",
"managedByTenantApprovers": [
{
"principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
"principalIdDisplayName": "Approver Group"
}
]
},
"principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "ae349356-3a1b-4a5e-921d-050484c6347e"
}
],
"provisioningState": "Succeeded",
"manageeTenantId": "0e06d6a3-55ae-40a3-ac29-350808980808",
"manageeTenantName": "Test customer",
"managedByTenantName": "Test Tenant"
},
"plan": {
"name": "addesai-plan",
"product": "test",
"publisher": "marketplace-test",
"version": "1.0.0"
},
"id": "/subscriptions/0afefe50-734e-4610-8a82-a144ahf49dea/providers/Microsoft.ManagedServices/registrationDefinitions/26c128c2-fefa-4340-9bb1-6e081c90ada2",
"type": "Microsoft.ManagedServices/registrationDefinitions",
"name": "26c128c2-fefa-4340-9bb1-6e081c90ada2"
}
Definitions
Name | Description |
---|---|
Authorization |
The Azure Active Directory principal identifier and Azure built-in role that describes the access the principal will receive on the delegated resource in the managed tenant. |
created |
The type of identity that created the resource. |
Eligible |
Defines the Azure Active Directory principal that can approve any just-in-time access requests by the principal defined in the EligibleAuthorization. |
Eligible |
The Azure Active Directory principal identifier, Azure built-in role, and just-in-time access policy that describes the just-in-time access the principal will receive on the delegated resource in the managed tenant. |
Error |
The error response indicating why the incoming request wasn’t able to be processed |
Error |
Error response. |
Just |
Just-in-time access policy setting. |
Multi |
The multi-factor authorization provider to be used for just-in-time access requests. |
Plan |
The details for the Managed Services offer’s plan in Azure Marketplace. |
Provisioning |
The current provisioning state of the registration definition. |
Registration |
The registration definition. |
Registration |
The properties of a registration definition. |
system |
Metadata pertaining to creation and last modification of the resource. |
Authorization
The Azure Active Directory principal identifier and Azure built-in role that describes the access the principal will receive on the delegated resource in the managed tenant.
Name | Type | Description |
---|---|---|
delegatedRoleDefinitionIds |
string[] |
The delegatedRoleDefinitionIds field is required when the roleDefinitionId refers to the User Access Administrator Role. It is the list of role definition ids which define all the permissions that the user in the authorization can assign to other principals. |
principalId |
string |
The identifier of the Azure Active Directory principal. |
principalIdDisplayName |
string |
The display name of the Azure Active Directory principal. |
roleDefinitionId |
string |
The identifier of the Azure built-in role that defines the permissions that the Azure Active Directory principal will have on the projected scope. |
createdByType
The type of identity that created the resource.
Name | Type | Description |
---|---|---|
Application |
string |
|
Key |
string |
|
ManagedIdentity |
string |
|
User |
string |
EligibleApprover
Defines the Azure Active Directory principal that can approve any just-in-time access requests by the principal defined in the EligibleAuthorization.
Name | Type | Description |
---|---|---|
principalId |
string |
The identifier of the Azure Active Directory principal. |
principalIdDisplayName |
string |
The display name of the Azure Active Directory principal. |
EligibleAuthorization
The Azure Active Directory principal identifier, Azure built-in role, and just-in-time access policy that describes the just-in-time access the principal will receive on the delegated resource in the managed tenant.
Name | Type | Description |
---|---|---|
justInTimeAccessPolicy |
The just-in-time access policy setting. |
|
principalId |
string |
The identifier of the Azure Active Directory principal. |
principalIdDisplayName |
string |
The display name of the Azure Active Directory principal. |
roleDefinitionId |
string |
The identifier of the Azure built-in role that defines the permissions that the Azure Active Directory principal will have on the projected scope. |
ErrorDefinition
The error response indicating why the incoming request wasn’t able to be processed
Name | Type | Description |
---|---|---|
code |
string |
The error code. |
details |
The internal error details. |
|
message |
string |
The error message indicating why the operation failed. |
ErrorResponse
Error response.
Name | Type | Description |
---|---|---|
error |
The error details. |
JustInTimeAccessPolicy
Just-in-time access policy setting.
Name | Type | Default Value | Description |
---|---|---|---|
managedByTenantApprovers |
The list of managedByTenant approvers for the eligible authorization. |
||
maximumActivationDuration |
string |
PT8H |
The maximum access duration in ISO 8601 format for just-in-time access requests. |
multiFactorAuthProvider | None |
The multi-factor authorization provider to be used for just-in-time access requests. |
MultiFactorAuthProvider
The multi-factor authorization provider to be used for just-in-time access requests.
Name | Type | Description |
---|---|---|
Azure |
string |
|
None |
string |
Plan
The details for the Managed Services offer’s plan in Azure Marketplace.
Name | Type | Description |
---|---|---|
name |
string |
Azure Marketplace plan name. |
product |
string |
Azure Marketplace product code. |
publisher |
string |
Azure Marketplace publisher ID. |
version |
string |
Azure Marketplace plan's version. |
ProvisioningState
The current provisioning state of the registration definition.
Name | Type | Description |
---|---|---|
Accepted |
string |
|
Canceled |
string |
|
Created |
string |
|
Creating |
string |
|
Deleted |
string |
|
Deleting |
string |
|
Failed |
string |
|
NotSpecified |
string |
|
Ready |
string |
|
Running |
string |
|
Succeeded |
string |
|
Updating |
string |
RegistrationDefinition
The registration definition.
Name | Type | Description |
---|---|---|
id |
string |
The fully qualified path of the registration definition. |
name |
string |
The name of the registration definition. |
plan |
The details for the Managed Services offer’s plan in Azure Marketplace. |
|
properties |
The properties of a registration definition. |
|
systemData |
The metadata for the registration assignment resource. |
|
type |
string |
The type of the Azure resource (Microsoft.ManagedServices/registrationDefinitions). |
RegistrationDefinitionProperties
The properties of a registration definition.
Name | Type | Description |
---|---|---|
authorizations |
The collection of authorization objects describing the access Azure Active Directory principals in the managedBy tenant will receive on the delegated resource in the managed tenant. |
|
description |
string |
The description of the registration definition. |
eligibleAuthorizations |
The collection of eligible authorization objects describing the just-in-time access Azure Active Directory principals in the managedBy tenant will receive on the delegated resource in the managed tenant. |
|
managedByTenantId |
string |
The identifier of the managedBy tenant. |
managedByTenantName |
string |
The name of the managedBy tenant. |
manageeTenantId |
string |
The identifier of the managed tenant. |
manageeTenantName |
string |
The name of the managed tenant. |
provisioningState |
The current provisioning state of the registration definition. |
|
registrationDefinitionName |
string |
The name of the registration definition. |
systemData
Metadata pertaining to creation and last modification of the resource.
Name | Type | Description |
---|---|---|
createdAt |
string |
The timestamp of resource creation (UTC). |
createdBy |
string |
The identity that created the resource. |
createdByType |
The type of identity that created the resource. |
|
lastModifiedAt |
string |
The timestamp of resource last modification (UTC) |
lastModifiedBy |
string |
The identity that last modified the resource. |
lastModifiedByType |
The type of identity that last modified the resource. |