Выберите разрешение или разрешения, помеченные как наименее привилегированные для этого API. Используйте более привилегированное разрешение или разрешения только в том случае, если это требуется приложению. Дополнительные сведения о делегированных разрешениях и разрешениях приложений см. в разделе Типы разрешений. Дополнительные сведения об этих разрешениях см. в справочнике по разрешениям.
Тип разрешения
Разрешения с наименьшими привилегиями
Более высокие привилегированные разрешения
Делегированные (рабочая или учебная учетная запись)
LifecycleWorkflows.ReadWrite.All
Недоступно.
Делегированные (личная учетная запись Майкрософт)
Не поддерживается.
Не поддерживается.
Приложение
LifecycleWorkflows.ReadWrite.All
Недоступно.
В делегированных сценариях с рабочими или учебными учетными записями вошедшему пользователю должна быть назначена поддерживаемая роль Microsoft Entra или настраиваемая роль с разрешением поддерживаемой роли.
Администратор рабочих процессов жизненного цикла — это наименее привилегированная роль, поддерживаемая для этой операции.
HTTP-запрос
POST /identityGovernance/lifecycleWorkflows/workflows/{workflowId}/createNewVersion
POST https://graph.microsoft.com/v1.0/identityGovernance/lifecycleWorkflows/workflows/{workflowId}/createNewVersion
Content-Type: application/json
Content-length: 631
{
"workflow":{
"category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day",
"displayName": "Global onboard new hire employee",
"isEnabled": true,
"isSchedulingEnabled": false,
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "(department eq 'Marketing')"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeHireDate",
"offsetInDays": 1
}
},
"tasks": [
{
"continueOnError": false,
"description": "Enable user account in the directory",
"displayName": "Enable User Account",
"isEnabled": true,
"taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
"arguments": []
},
{
"continueOnError": false,
"description": "Send welcome email to new hire",
"displayName": "Send Welcome Email",
"isEnabled": true,
"taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
"arguments": []
}
]
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.IdentityGovernance.LifecycleWorkflows.Workflows.Item.MicrosoftGraphIdentityGovernanceCreateNewVersion;
using Microsoft.Graph.Models.IdentityGovernance;
using Microsoft.Graph.Models;
var requestBody = new CreateNewVersionPostRequestBody
{
Workflow = new Workflow
{
Category = LifecycleWorkflowCategory.Joiner,
Description = "Configure new hire tasks for onboarding employees on their first day",
DisplayName = "Global onboard new hire employee",
IsEnabled = true,
IsSchedulingEnabled = false,
ExecutionConditions = new TriggerAndScopeBasedConditions
{
OdataType = "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
Scope = new RuleBasedSubjectSet
{
OdataType = "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
Rule = "(department eq 'Marketing')",
},
Trigger = new TimeBasedAttributeTrigger
{
OdataType = "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
TimeBasedAttribute = WorkflowTriggerTimeBasedAttribute.EmployeeHireDate,
OffsetInDays = 1,
},
},
Tasks = new List<TaskObject>
{
new TaskObject
{
ContinueOnError = false,
Description = "Enable user account in the directory",
DisplayName = "Enable User Account",
IsEnabled = true,
TaskDefinitionId = "6fc52c9d-398b-4305-9763-15f42c1676fc",
Arguments = new List<KeyValuePair>
{
},
},
new TaskObject
{
ContinueOnError = false,
Description = "Send welcome email to new hire",
DisplayName = "Send Welcome Email",
IsEnabled = true,
TaskDefinitionId = "70b29d51-b59a-4773-9280-8841dfd3f2ea",
Arguments = new List<KeyValuePair>
{
},
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows["{workflow-id}"].MicrosoftGraphIdentityGovernanceCreateNewVersion.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.identitygovernance.lifecycleworkflows.workflows.item.microsoftgraphidentitygovernancecreatenewversion.CreateNewVersionPostRequestBody createNewVersionPostRequestBody = new com.microsoft.graph.identitygovernance.lifecycleworkflows.workflows.item.microsoftgraphidentitygovernancecreatenewversion.CreateNewVersionPostRequestBody();
com.microsoft.graph.models.identitygovernance.Workflow workflow = new com.microsoft.graph.models.identitygovernance.Workflow();
workflow.setCategory(com.microsoft.graph.models.identitygovernance.LifecycleWorkflowCategory.Joiner);
workflow.setDescription("Configure new hire tasks for onboarding employees on their first day");
workflow.setDisplayName("Global onboard new hire employee");
workflow.setIsEnabled(true);
workflow.setIsSchedulingEnabled(false);
com.microsoft.graph.models.identitygovernance.TriggerAndScopeBasedConditions executionConditions = new com.microsoft.graph.models.identitygovernance.TriggerAndScopeBasedConditions();
executionConditions.setOdataType("#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions");
com.microsoft.graph.models.identitygovernance.RuleBasedSubjectSet scope = new com.microsoft.graph.models.identitygovernance.RuleBasedSubjectSet();
scope.setOdataType("#microsoft.graph.identityGovernance.ruleBasedSubjectSet");
scope.setRule("(department eq 'Marketing')");
executionConditions.setScope(scope);
com.microsoft.graph.models.identitygovernance.TimeBasedAttributeTrigger trigger = new com.microsoft.graph.models.identitygovernance.TimeBasedAttributeTrigger();
trigger.setOdataType("#microsoft.graph.identityGovernance.timeBasedAttributeTrigger");
trigger.setTimeBasedAttribute(com.microsoft.graph.models.identitygovernance.WorkflowTriggerTimeBasedAttribute.EmployeeHireDate);
trigger.setOffsetInDays(1);
executionConditions.setTrigger(trigger);
workflow.setExecutionConditions(executionConditions);
LinkedList<com.microsoft.graph.models.identitygovernance.Task> tasks = new LinkedList<com.microsoft.graph.models.identitygovernance.Task>();
com.microsoft.graph.models.identitygovernance.Task task = new com.microsoft.graph.models.identitygovernance.Task();
task.setContinueOnError(false);
task.setDescription("Enable user account in the directory");
task.setDisplayName("Enable User Account");
task.setIsEnabled(true);
task.setTaskDefinitionId("6fc52c9d-398b-4305-9763-15f42c1676fc");
LinkedList<KeyValuePair> arguments = new LinkedList<KeyValuePair>();
task.setArguments(arguments);
tasks.add(task);
com.microsoft.graph.models.identitygovernance.Task task1 = new com.microsoft.graph.models.identitygovernance.Task();
task1.setContinueOnError(false);
task1.setDescription("Send welcome email to new hire");
task1.setDisplayName("Send Welcome Email");
task1.setIsEnabled(true);
task1.setTaskDefinitionId("70b29d51-b59a-4773-9280-8841dfd3f2ea");
LinkedList<KeyValuePair> arguments1 = new LinkedList<KeyValuePair>();
task1.setArguments(arguments1);
tasks.add(task1);
workflow.setTasks(tasks);
createNewVersionPostRequestBody.setWorkflow(workflow);
var result = graphClient.identityGovernance().lifecycleWorkflows().workflows().byWorkflowId("{workflow-id}").microsoftGraphIdentityGovernanceCreateNewVersion().post(createNewVersionPostRequestBody);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\IdentityGovernance\LifecycleWorkflows\Workflows\Item\MicrosoftGraphIdentityGovernanceCreateNewVersion\CreateNewVersionPostRequestBody;
use Microsoft\Graph\Generated\Models\IdentityGovernance\Workflow;
use Microsoft\Graph\Generated\Models\IdentityGovernance\LifecycleWorkflowCategory;
use Microsoft\Graph\Generated\Models\IdentityGovernance\TriggerAndScopeBasedConditions;
use Microsoft\Graph\Generated\Models\IdentityGovernance\RuleBasedSubjectSet;
use Microsoft\Graph\Generated\Models\IdentityGovernance\TimeBasedAttributeTrigger;
use Microsoft\Graph\Generated\Models\IdentityGovernance\WorkflowTriggerTimeBasedAttribute;
use Microsoft\Graph\Generated\Models\IdentityGovernance\Task;
use Microsoft\Graph\Generated\Models\KeyValuePair;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CreateNewVersionPostRequestBody();
$workflow = new Workflow();
$workflow->setCategory(new LifecycleWorkflowCategory('joiner'));
$workflow->setDescription('Configure new hire tasks for onboarding employees on their first day');
$workflow->setDisplayName('Global onboard new hire employee');
$workflow->setIsEnabled(true);
$workflow->setIsSchedulingEnabled(false);
$workflowExecutionConditions = new TriggerAndScopeBasedConditions();
$workflowExecutionConditions->setOdataType('#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions');
$workflowExecutionConditionsScope = new RuleBasedSubjectSet();
$workflowExecutionConditionsScope->setOdataType('#microsoft.graph.identityGovernance.ruleBasedSubjectSet');
$workflowExecutionConditionsScope->setRule('(department eq \'Marketing\')');
$workflowExecutionConditions->setScope($workflowExecutionConditionsScope);
$workflowExecutionConditionsTrigger = new TimeBasedAttributeTrigger();
$workflowExecutionConditionsTrigger->setOdataType('#microsoft.graph.identityGovernance.timeBasedAttributeTrigger');
$workflowExecutionConditionsTrigger->setTimeBasedAttribute(new WorkflowTriggerTimeBasedAttribute('employeeHireDate'));
$workflowExecutionConditionsTrigger->setOffsetInDays(1);
$workflowExecutionConditions->setTrigger($workflowExecutionConditionsTrigger);
$workflow->setExecutionConditions($workflowExecutionConditions);
$tasksTask1 = new Task();
$tasksTask1->setContinueOnError(false);
$tasksTask1->setDescription('Enable user account in the directory');
$tasksTask1->setDisplayName('Enable User Account');
$tasksTask1->setIsEnabled(true);
$tasksTask1->setTaskDefinitionId('6fc52c9d-398b-4305-9763-15f42c1676fc');
$tasksTask1->setArguments([ ]);
$tasksArray []= $tasksTask1;
$tasksTask2 = new Task();
$tasksTask2->setContinueOnError(false);
$tasksTask2->setDescription('Send welcome email to new hire');
$tasksTask2->setDisplayName('Send Welcome Email');
$tasksTask2->setIsEnabled(true);
$tasksTask2->setTaskDefinitionId('70b29d51-b59a-4773-9280-8841dfd3f2ea');
$tasksTask2->setArguments([ ]);
$tasksArray []= $tasksTask2;
$workflow->setTasks($tasksArray);
$requestBody->setWorkflow($workflow);
$result = $graphServiceClient->identityGovernance()->lifecycleWorkflows()->workflows()->byWorkflowId('workflow-id')->microsoftGraphIdentityGovernanceCreateNewVersion()->post($requestBody)->wait();
POST https://graph.microsoft.com/v1.0/identityGovernance/lifecycleWorkflows/workflows/{workflowId}/createNewVersion
Content-Type: application/json
Content-length: 631
{
"category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day",
"displayName": "custom email marketing API test",
"isEnabled": true,
"isSchedulingEnabled": false,
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "(department eq 'Marketing')"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeHireDate",
"offsetInDays": 0
}
},
"tasks": [
{
"continueOnError": false,
"description": "Enable user account in the directory",
"displayName": "Enable User Account",
"isEnabled": true,
"taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
"arguments": []
},
{
"continueOnError": false,
"description": "Send welcome email to new hire",
"displayName": "Send Welcome Email",
"isEnabled": true,
"taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
"arguments": [
{
"name": "cc",
"value": "1baa57fa-3c4e-4526-ba5a-db47a9df95f0"
},
{
"name": "customSubject",
"value": "Welcome to the organization {{userDisplayName}}!"
},
{
"name": "customBody",
"value": "Welcome to our organization {{userGivenName}}!"
},
{
"name": "locale",
"value": "en-us"
}
]
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.IdentityGovernance.LifecycleWorkflows.Workflows.Item.MicrosoftGraphIdentityGovernanceCreateNewVersion;
using Microsoft.Graph.Models.IdentityGovernance;
var requestBody = new CreateNewVersionPostRequestBody
{
AdditionalData = new Dictionary<string, object>
{
{
"category" , "joiner"
},
{
"description" , "Configure new hire tasks for onboarding employees on their first day"
},
{
"displayName" , "custom email marketing API test"
},
{
"isEnabled" , true
},
{
"isSchedulingEnabled" , false
},
{
"executionConditions" , new TriggerAndScopeBasedConditions
{
OdataType = "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
Scope = new RuleBasedSubjectSet
{
OdataType = "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
Rule = "(department eq 'Marketing')",
},
Trigger = new TimeBasedAttributeTrigger
{
OdataType = "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
TimeBasedAttribute = WorkflowTriggerTimeBasedAttribute.EmployeeHireDate,
OffsetInDays = 0,
},
}
},
{
"tasks" , new List<object>
{
new
{
ContinueOnError = false,
Description = "Enable user account in the directory",
DisplayName = "Enable User Account",
IsEnabled = true,
TaskDefinitionId = "6fc52c9d-398b-4305-9763-15f42c1676fc",
Arguments = new List<object>
{
},
},
new
{
ContinueOnError = false,
Description = "Send welcome email to new hire",
DisplayName = "Send Welcome Email",
IsEnabled = true,
TaskDefinitionId = "70b29d51-b59a-4773-9280-8841dfd3f2ea",
Arguments = new List<object>
{
new
{
Name = "cc",
Value = "1baa57fa-3c4e-4526-ba5a-db47a9df95f0",
},
new
{
Name = "customSubject",
Value = "Welcome to the organization {{userDisplayName}}!",
},
new
{
Name = "customBody",
Value = "Welcome to our organization {{userGivenName}}!",
},
new
{
Name = "locale",
Value = "en-us",
},
},
},
}
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows["{workflow-id}"].MicrosoftGraphIdentityGovernanceCreateNewVersion.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.identitygovernance.lifecycleworkflows.workflows.item.microsoftgraphidentitygovernancecreatenewversion.CreateNewVersionPostRequestBody createNewVersionPostRequestBody = new com.microsoft.graph.identitygovernance.lifecycleworkflows.workflows.item.microsoftgraphidentitygovernancecreatenewversion.CreateNewVersionPostRequestBody();
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("category", "joiner");
additionalData.put("description", "Configure new hire tasks for onboarding employees on their first day");
additionalData.put("displayName", "custom email marketing API test");
additionalData.put("isEnabled", true);
additionalData.put("isSchedulingEnabled", false);
com.microsoft.graph.models.identitygovernance.TriggerAndScopeBasedConditions executionConditions = new com.microsoft.graph.models.identitygovernance.TriggerAndScopeBasedConditions();
executionConditions.setOdataType("#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions");
com.microsoft.graph.models.identitygovernance.RuleBasedSubjectSet scope = new com.microsoft.graph.models.identitygovernance.RuleBasedSubjectSet();
scope.setOdataType("#microsoft.graph.identityGovernance.ruleBasedSubjectSet");
scope.setRule("(department eq 'Marketing')");
executionConditions.setScope(scope);
com.microsoft.graph.models.identitygovernance.TimeBasedAttributeTrigger trigger = new com.microsoft.graph.models.identitygovernance.TimeBasedAttributeTrigger();
trigger.setOdataType("#microsoft.graph.identityGovernance.timeBasedAttributeTrigger");
trigger.setTimeBasedAttribute(com.microsoft.graph.models.identitygovernance.WorkflowTriggerTimeBasedAttribute.EmployeeHireDate);
trigger.setOffsetInDays(0);
executionConditions.setTrigger(trigger);
additionalData.put("executionConditions", executionConditions);
LinkedList<Object> tasks = new LinkedList<Object>();
property = new ();
property.setContinueOnError(false);
property.setDescription("Enable user account in the directory");
property.setDisplayName("Enable User Account");
property.setIsEnabled(true);
property.setTaskDefinitionId("6fc52c9d-398b-4305-9763-15f42c1676fc");
LinkedList<Object> arguments = new LinkedList<Object>();
property.setArguments(arguments);
tasks.add(property);
property1 = new ();
property1.setContinueOnError(false);
property1.setDescription("Send welcome email to new hire");
property1.setDisplayName("Send Welcome Email");
property1.setIsEnabled(true);
property1.setTaskDefinitionId("70b29d51-b59a-4773-9280-8841dfd3f2ea");
LinkedList<Object> arguments1 = new LinkedList<Object>();
property2 = new ();
property2.setName("cc");
property2.setValue("1baa57fa-3c4e-4526-ba5a-db47a9df95f0");
arguments1.add(property2);
property3 = new ();
property3.setName("customSubject");
property3.setValue("Welcome to the organization {{userDisplayName}}!");
arguments1.add(property3);
property4 = new ();
property4.setName("customBody");
property4.setValue("Welcome to our organization {{userGivenName}}!");
arguments1.add(property4);
property5 = new ();
property5.setName("locale");
property5.setValue("en-us");
arguments1.add(property5);
property1.setArguments(arguments1);
tasks.add(property1);
additionalData.put("tasks", tasks);
createNewVersionPostRequestBody.setAdditionalData(additionalData);
var result = graphClient.identityGovernance().lifecycleWorkflows().workflows().byWorkflowId("{workflow-id}").microsoftGraphIdentityGovernanceCreateNewVersion().post(createNewVersionPostRequestBody);
Ожидается в ближайшее время: в течение 2024 года мы постепенно откажемся от GitHub Issues как механизма обратной связи для контента и заменим его новой системой обратной связи. Дополнительные сведения см. в разделе https://aka.ms/ContentUserFeedback.