Registration Definitions - List
Gets a list of the registration definitions.
GET https://management.azure.com/{scope}/providers/Microsoft.ManagedServices/registrationDefinitions?api-version=2022-10-01
GET https://management.azure.com/{scope}/providers/Microsoft.ManagedServices/registrationDefinitions?api-version=2022-10-01&$filter={$filter}
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
scope
|
path | True |
string |
The scope of the resource. |
api-version
|
query | True |
string |
The API version to use for this operation. |
$filter
|
query |
string |
The filter query parameter to filter managed services resources by. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK - Returns a list of the registration definitions. |
|
Other Status Codes |
The error response describing why the operation failed. |
Security
azure_auth
The Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Get Registration Definitions |
Get Registration Definitions with Managed |
Get Registration Definitions with Managed |
Get Registration Definitions
Sample Request
Sample Response
{
"value": [
{
"properties": {
"description": "Test",
"managedByTenantId": "83ace5cd-bcc3-441a-hd86-e6a75360cecc",
"registrationDefinitionName": "DefinitionName",
"authorizations": [
{
"principalId": "f98g86a2-4cc4-4e6d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7"
},
{
"principalId": "f98d86a2-4cc4-4e9d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "User Access Administrator",
"roleDefinitionId": "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
"delegatedRoleDefinitionIds": [
"b24988ac-6180-42a0-ab88-20f7382dd24c"
]
}
],
"eligibleAuthorizations": [
{
"justInTimeAccessPolicy": {
"multiFactorAuthProvider": "Azure",
"maximumActivationDuration": "PT8H",
"managedByTenantApprovers": [
{
"principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
"principalIdDisplayName": "Approver Group"
}
]
},
"principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "ae349356-3a1b-4a5e-921d-050484c6347e"
}
],
"provisioningState": "Succeeded",
"manageeTenantId": "0e06d6a3-55ae-40a3-ac29-350808980808",
"manageeTenantName": "Test customer",
"managedByTenantName": "Test Tenant"
},
"plan": {
"name": "addesai-plan",
"product": "test",
"publisher": "marketplace-test",
"version": "1.0.0"
},
"id": "/subscriptions/0afefe50-734e-4610-8a82-a144ahf49dea/providers/Microsoft.ManagedServices/registrationDefinitions/26c128c2-fefa-4340-9bb1-6e081c90ada2",
"type": "Microsoft.ManagedServices/registrationDefinitions",
"name": "26c128c2-fefa-4340-9bb1-6e081c90ada2"
}
]
}
Get Registration Definitions with ManagedByTenantId eq filter
Sample Request
Sample Response
{
"value": [
{
"properties": {
"description": "Test",
"registrationDefinitionName": "DefinitionName",
"authorizations": [
{
"principalId": "f98g86a2-4cc4-4e6d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7"
},
{
"principalId": "f98d86a2-4cc4-4e9d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "User Access Administrator",
"roleDefinitionId": "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
"delegatedRoleDefinitionIds": [
"b24988ac-6180-42a0-ab88-20f7382dd24c"
]
}
],
"eligibleAuthorizations": [
{
"justInTimeAccessPolicy": {
"multiFactorAuthProvider": "Azure",
"maximumActivationDuration": "PT8H",
"managedByTenantApprovers": [
{
"principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
"principalIdDisplayName": "Approver Group"
}
]
},
"principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "ae349356-3a1b-4a5e-921d-050484c6347e"
}
],
"provisioningState": "Succeeded",
"manageeTenantId": "01c0bcd5-4f47-4e4b-b492-418b7e2a8854",
"manageeTenantName": "test_test_aad_SbtFhyGiLHPFm",
"managedByTenantId": "83ace5cd-bcc3-441a-hd86-e6a75360cecc",
"managedByTenantName": "Contoso Corp."
},
"plan": {
"name": "addesai-plan",
"product": "test",
"publisher": "marketplace-test",
"version": "1.0.0"
},
"id": "/subscriptions/0afefe50-734e-4610-8a82-a144ahf49dea/providers/Microsoft.ManagedServices/registrationDefinitions/26c128c2-fefa-4340-9bb1-6e081c90ada2",
"type": "Microsoft.ManagedServices/registrationDefinitions",
"name": "26c128c2-fefa-4340-9bb1-6e081c90ada2",
"systemData": {
"createdBy": "testuser@outlook.com",
"createdByType": "User",
"createdAt": "2021-11-22T19:56:05.0703382Z",
"lastModifiedBy": "testuser@outlook.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-11-22T19:56:05.0703382Z"
}
}
]
}
Get Registration Definitions with ManagedByTenantId in filter
Sample Request
GET https://management.azure.com/subscription/0afefe50-734e-4610-8a82-a144ahf49dea/providers/Microsoft.ManagedServices/registrationDefinitions?api-version=2022-10-01&$filter=%24filter%3DmanagedByTenantId+in+%28%2783ace5cd-bcc3-441a-hd86-e6a75360cecc%27%2C+%27de83f4a9-a76a-4025-a91a-91171923eac7%27%29
Sample Response
{
"value": [
{
"properties": {
"description": "Test",
"registrationDefinitionName": "DefinitionName",
"authorizations": [
{
"principalId": "f98g86a2-4cc4-4e6d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7"
},
{
"principalId": "f98d86a2-4cc4-4e9d-ad47-b3e80a1bcdfc",
"principalIdDisplayName": "User Access Administrator",
"roleDefinitionId": "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
"delegatedRoleDefinitionIds": [
"b24988ac-6180-42a0-ab88-20f7382dd24c"
]
}
],
"eligibleAuthorizations": [
{
"justInTimeAccessPolicy": {
"multiFactorAuthProvider": "Azure",
"maximumActivationDuration": "PT8H",
"managedByTenantApprovers": [
{
"principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
"principalIdDisplayName": "Approver Group"
}
]
},
"principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "ae349356-3a1b-4a5e-921d-050484c6347e"
}
],
"provisioningState": "Succeeded",
"manageeTenantId": "01c0bcd5-4f47-4e4b-b492-418b7e2a8854",
"manageeTenantName": "test_test_aad_SbtFhyGiLHPFm",
"managedByTenantId": "83ace5cd-bcc3-441a-hd86-e6a75360cecc",
"managedByTenantName": "Contoso Corp."
},
"plan": {
"name": "addesai-plan",
"product": "test",
"publisher": "marketplace-test",
"version": "1.0.0"
},
"id": "/subscriptions/0afefe50-734e-4610-8a82-a144ahf49dea/providers/Microsoft.ManagedServices/registrationDefinitions/26c128c2-fefa-4340-9bb1-6e081c90ada2",
"type": "Microsoft.ManagedServices/registrationDefinitions",
"name": "26c128c2-fefa-4340-9bb1-6e081c90ada2",
"systemData": {
"createdBy": "testuser@outlook.com",
"createdByType": "User",
"createdAt": "2021-11-22T19:56:05.0703382Z",
"lastModifiedBy": "testuser@outlook.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-11-22T19:56:05.0703382Z"
}
},
{
"properties": {
"description": "Test 2",
"registrationDefinitionName": "DefinitionName",
"authorizations": [
{
"principalId": "a2e38003-c234-42dc-a769-3ca55be53098",
"principalIdDisplayName": "Support User",
"roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7"
}
],
"provisioningState": "Succeeded",
"manageeTenantId": "01c0bcd5-4f47-4e4b-b492-418b7e2a8854",
"manageeTenantName": "test_test_aad_SbtFhyGiLHPFm",
"managedByTenantId": "de83f4a9-a76a-4025-a91a-91171923eac7",
"managedByTenantName": "Test Corp."
},
"id": "/subscriptions/0afefe50-734e-4610-8a82-a144ahf49dea/providers/Microsoft.ManagedServices/registrationDefinitions/2a60751f-03d6-45a1-8797-24678246d54d",
"type": "Microsoft.ManagedServices/registrationDefinitions",
"name": "2a60751f-03d6-45a1-8797-24678246d54d",
"systemData": {
"createdBy": "testuser@msp.com",
"createdByType": "User",
"createdAt": "2021-11-21T08:56:05.0703382Z",
"lastModifiedBy": "testuser@msp.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-11-22T08:56:05.0703382Z"
}
}
]
}
Definitions
Name | Description |
---|---|
Authorization |
The Azure Active Directory principal identifier and Azure built-in role that describes the access the principal will receive on the delegated resource in the managed tenant. |
created |
The type of identity that created the resource. |
Eligible |
Defines the Azure Active Directory principal that can approve any just-in-time access requests by the principal defined in the EligibleAuthorization. |
Eligible |
The Azure Active Directory principal identifier, Azure built-in role, and just-in-time access policy that describes the just-in-time access the principal will receive on the delegated resource in the managed tenant. |
Error |
The error response indicating why the incoming request wasn’t able to be processed |
Error |
Error response. |
Just |
Just-in-time access policy setting. |
Multi |
The multi-factor authorization provider to be used for just-in-time access requests. |
Plan |
The details for the Managed Services offer’s plan in Azure Marketplace. |
Provisioning |
The current provisioning state of the registration definition. |
Registration |
The registration definition. |
Registration |
The list of registration definitions. |
Registration |
The properties of a registration definition. |
system |
Metadata pertaining to creation and last modification of the resource. |
Authorization
The Azure Active Directory principal identifier and Azure built-in role that describes the access the principal will receive on the delegated resource in the managed tenant.
Name | Type | Description |
---|---|---|
delegatedRoleDefinitionIds |
string[] |
The delegatedRoleDefinitionIds field is required when the roleDefinitionId refers to the User Access Administrator Role. It is the list of role definition ids which define all the permissions that the user in the authorization can assign to other principals. |
principalId |
string |
The identifier of the Azure Active Directory principal. |
principalIdDisplayName |
string |
The display name of the Azure Active Directory principal. |
roleDefinitionId |
string |
The identifier of the Azure built-in role that defines the permissions that the Azure Active Directory principal will have on the projected scope. |
createdByType
The type of identity that created the resource.
Name | Type | Description |
---|---|---|
Application |
string |
|
Key |
string |
|
ManagedIdentity |
string |
|
User |
string |
EligibleApprover
Defines the Azure Active Directory principal that can approve any just-in-time access requests by the principal defined in the EligibleAuthorization.
Name | Type | Description |
---|---|---|
principalId |
string |
The identifier of the Azure Active Directory principal. |
principalIdDisplayName |
string |
The display name of the Azure Active Directory principal. |
EligibleAuthorization
The Azure Active Directory principal identifier, Azure built-in role, and just-in-time access policy that describes the just-in-time access the principal will receive on the delegated resource in the managed tenant.
Name | Type | Description |
---|---|---|
justInTimeAccessPolicy |
The just-in-time access policy setting. |
|
principalId |
string |
The identifier of the Azure Active Directory principal. |
principalIdDisplayName |
string |
The display name of the Azure Active Directory principal. |
roleDefinitionId |
string |
The identifier of the Azure built-in role that defines the permissions that the Azure Active Directory principal will have on the projected scope. |
ErrorDefinition
The error response indicating why the incoming request wasn’t able to be processed
Name | Type | Description |
---|---|---|
code |
string |
The error code. |
details |
The internal error details. |
|
message |
string |
The error message indicating why the operation failed. |
ErrorResponse
Error response.
Name | Type | Description |
---|---|---|
error |
The error details. |
JustInTimeAccessPolicy
Just-in-time access policy setting.
Name | Type | Default Value | Description |
---|---|---|---|
managedByTenantApprovers |
The list of managedByTenant approvers for the eligible authorization. |
||
maximumActivationDuration |
string |
PT8H |
The maximum access duration in ISO 8601 format for just-in-time access requests. |
multiFactorAuthProvider | None |
The multi-factor authorization provider to be used for just-in-time access requests. |
MultiFactorAuthProvider
The multi-factor authorization provider to be used for just-in-time access requests.
Name | Type | Description |
---|---|---|
Azure |
string |
|
None |
string |
Plan
The details for the Managed Services offer’s plan in Azure Marketplace.
Name | Type | Description |
---|---|---|
name |
string |
Azure Marketplace plan name. |
product |
string |
Azure Marketplace product code. |
publisher |
string |
Azure Marketplace publisher ID. |
version |
string |
Azure Marketplace plan's version. |
ProvisioningState
The current provisioning state of the registration definition.
Name | Type | Description |
---|---|---|
Accepted |
string |
|
Canceled |
string |
|
Created |
string |
|
Creating |
string |
|
Deleted |
string |
|
Deleting |
string |
|
Failed |
string |
|
NotSpecified |
string |
|
Ready |
string |
|
Running |
string |
|
Succeeded |
string |
|
Updating |
string |
RegistrationDefinition
The registration definition.
Name | Type | Description |
---|---|---|
id |
string |
The fully qualified path of the registration definition. |
name |
string |
The name of the registration definition. |
plan |
The details for the Managed Services offer’s plan in Azure Marketplace. |
|
properties |
The properties of a registration definition. |
|
systemData |
The metadata for the registration assignment resource. |
|
type |
string |
The type of the Azure resource (Microsoft.ManagedServices/registrationDefinitions). |
RegistrationDefinitionList
The list of registration definitions.
Name | Type | Description |
---|---|---|
nextLink |
string |
The link to the next page of registration definitions. |
value |
The list of registration definitions. |
RegistrationDefinitionProperties
The properties of a registration definition.
Name | Type | Description |
---|---|---|
authorizations |
The collection of authorization objects describing the access Azure Active Directory principals in the managedBy tenant will receive on the delegated resource in the managed tenant. |
|
description |
string |
The description of the registration definition. |
eligibleAuthorizations |
The collection of eligible authorization objects describing the just-in-time access Azure Active Directory principals in the managedBy tenant will receive on the delegated resource in the managed tenant. |
|
managedByTenantId |
string |
The identifier of the managedBy tenant. |
managedByTenantName |
string |
The name of the managedBy tenant. |
manageeTenantId |
string |
The identifier of the managed tenant. |
manageeTenantName |
string |
The name of the managed tenant. |
provisioningState |
The current provisioning state of the registration definition. |
|
registrationDefinitionName |
string |
The name of the registration definition. |
systemData
Metadata pertaining to creation and last modification of the resource.
Name | Type | Description |
---|---|---|
createdAt |
string |
The timestamp of resource creation (UTC). |
createdBy |
string |
The identity that created the resource. |
createdByType |
The type of identity that created the resource. |
|
lastModifiedAt |
string |
The timestamp of resource last modification (UTC) |
lastModifiedBy |
string |
The identity that last modified the resource. |
lastModifiedByType |
The type of identity that last modified the resource. |