unifiedRoleAssignment resource type
Namespace: microsoft.graph
Represents a role definition assigned to a principal at a particular scope. Supported principals are users, role-assignable groups, and service principals.
Inherits from entity.
Methods
Method | Return Type | Description |
---|---|---|
List | unifiedRoleAssignment collection | Get a list of the unifiedRoleAssignment objects and their properties. |
Create | unifiedRoleAssignment | Create a new unifiedRoleAssignment object. |
Get | unifiedRoleAssignment | Read the properties and relationships of an unifiedRoleAssignment object. |
Delete | None | Deletes an unifiedRoleAssignment object. |
Properties
Property | Type | Description |
---|---|---|
appScopeId | String | Identifier of the app specific scope when the assignment scope is app specific. The scope of an assignment determines the set of resources for which the principal has been granted access. App scopes are scopes that are defined and understood by a resource application only. For the entitlement management provider, use this property to specify a catalog. For example, /AccessPackageCatalog/beedadfe-01d5-4025-910b-84abb9369997 . Supports $filter (eq , in ). For example, /roleManagement/entitlementManagement/roleAssignments?$filter=appScopeId eq '/AccessPackageCatalog/{catalog id}' . |
directoryScopeId | String | Identifier of the directory object representing the scope of the assignment. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications, unlike app scopes that are defined and understood by a resource application only. Supports $filter (eq , in ). |
id | String | The unique identifier for the unifiedRoleAssignment. Key, not nullable, Read-only. |
principalId | String | Identifier of the principal to which the assignment is granted. Supported principals are users, role-assignable groups, and service principals. Supports $filter (eq , in ). |
roleDefinitionId | String | Identifier of the unifiedRoleDefinition the assignment is for. Read-only. Supports $filter (eq , in ). |
Relationships
Relationship | Type | Description |
---|---|---|
appScope | appScope | Read-only property with details of the app specific scope when the assignment scope is app specific. Containment entity. Supports $expand for the entitlement provider only. |
directoryScope | directoryObject | The directory object that is the scope of the assignment. Read-only. Supports $expand . |
principal | directoryObject | Referencing the assigned principal. Read-only. Supports $expand . |
roleDefinition | unifiedRoleDefinition | The roleDefinition the assignment is for. Supports $expand . |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.unifiedRoleAssignment",
"id": "String (identifier)",
"appScopeId": "String",
"directoryScopeId": "String",
"principalId": "String",
"roleDefinitionId": "String"
}
피드백
https://aka.ms/ContentUserFeedback
출시 예정: 2024년 내내 콘텐츠에 대한 피드백 메커니즘으로 GitHub 문제를 단계적으로 폐지하고 이를 새로운 피드백 시스템으로 바꿀 예정입니다. 자세한 내용은 다음을 참조하세요.다음에 대한 사용자 의견 제출 및 보기