scopedRoleMembership resource type

Namespace: microsoft.graph

A scoped-role membership describes a user's membership of a directory role that is further scoped to an Administrative Unit. Scoped-role membership provides a mechanism to allow a tenant-wide company administrator to delegate administrative privileges to a user, to manage users and groups in a subset of the organization.

Methods

Direct queries to this resource aren't supported. See the administrative units article to see information on how to query for scoped-role memberships, and adding and removing scoped-role memberships.

Properties

Property Type Description
administrativeUnitId string Unique identifier for the administrative unit that the directory role is scoped to
ID string Unique identifier for the scoped-role membership. Read-only.
roleId string Unique identifier for the directory role that the member is in.
roleMemberInfo identity Role member identity information. Represents the user that is a member of this scoped-role.

Relationships

None

JSON representation

The following JSON representation shows the resource type.

{
  "administrativeUnitId": "string",
  "id": "string (identifier)",
  "roleId": "string",
  "roleMemberInfo": {"@odata.type": "microsoft.graph.identity"}
}