Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Create a user permission object, which adds this permission to a fileStorageContainerType. Only existing owners (users with the owner role in the permissions collection of the container type), SharePoint Embedded Administrators, or Global Administrators can add permissions.
The following constraints apply:
- A maximum of 3 permissions per container type is allowed. Adding a fourth permission returns a
400 Bad Requesterror. - Duplicate permissions are treated as idempotent. If the specified user already has a permission on the container type, the service makes no changes and returns the existing permission resource in the response body with a
201 Createdstatus, even though no new permission is created. - Currently only the
ownerrole is supported.
Note
- Guest users can't be recipients of container type permissions.
- Guest users can't perform this operation.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
|---|---|---|---|
| ✅ | ❌ | ❌ | ❌ |
Permissions
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
| Permission type | Least privileged permission | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | FileStorageContainerType.Manage.All | Not available. |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | Not supported. | Not supported. |
HTTP request
POST /storage/fileStorage/containerTypes/{fileStorageContainerTypeId}/permissions
Request headers
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
| Content-Type | application/json. Required. |
Request body
In the request body, supply a JSON representation of the permission object.
You can specify the following properties when you create a permission.
| Property | Type | Description |
|---|---|---|
| grantedToV2 | sharePointIdentitySet | The identity of the user to grant the permission to. Only the user property with the user's id is supported; group and application identities aren't supported. Required. |
| roles | String collection | The roles granted to the user. Currently only owner is supported. Required. |
Response
If successful, this method returns a 201 Created response code and a permission object in the response body.
If the request exceeds the limit of three permissions per container type, this method returns a 400 Bad Request response code.
Examples
Request
The following example shows a request to add an owner permission to a container type.
POST https://graph.microsoft.com/beta/storage/fileStorage/containerTypes/de988700-d700-020e-0a00-0831f3042f00/permissions
Content-Type: application/json
{
"roles": ["owner"],
"grantedToV2": {
"user": {
"id": "11111111-1111-1111-1111-111111111111"
}
}
}
Response
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 201 Created
Content-Type: application/json
{
"@odata.type": "#microsoft.graph.permission",
"id": "b3duZXJfMTExMTExMTEtMTExMS0xMTExLTExMTEtMTExMTExMTExMTEx",
"roles": ["owner"],
"grantedToV2": {
"user": {
"id": "11111111-1111-1111-1111-111111111111"
}
}
}