创建 accessPackageResourceRoleScope

项目
04/17/2024

命名空间：microsoft.graph

重要

Microsoft Graph /beta 版本下的 API 可能会发生更改。不支持在生产应用程序中使用这些 API。若要确定 API 是否在 v1.0 中可用，请使用版本选择器。

创建新的 accessPackageResourceRoleScope ，用于向访问包添加资源角色。对于组、应用程序或 SharePoint Online 网站，访问包资源必须已存在于访问包目录中，并且从资源角色列表中检索到的资源角色的 originId。将资源角色范围添加到访问包后，用户将通过任何当前和将来的访问包分配接收此资源角色。

此 API 可用于以下国家级云部署。

全局服务	美国政府 L4	美国政府 L5 (DOD)	由世纪互联运营的中国
✅	✅	✅	❌

权限

为此 API 选择标记为最低特权的权限。只有在应用需要它时，才使用更高的特权权限。有关委派权限和应用程序权限的详细信息，请参阅权限类型。要了解有关这些权限的详细信息，请参阅权限参考。

权限类型	最低特权权限	更高特权权限
委派（工作或学校帐户）	EntitlementManagement.ReadWrite.All	不可用。
委派（个人 Microsoft 帐户）	不支持。	不支持。
应用程序	EntitlementManagement.ReadWrite.All	不可用。

HTTP 请求

POST /identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes

请求标头

名称	说明
Authorization	持有者 {token}。必填。详细了解身份验证和授权。
Content-Type	application/json. 必需。

请求正文

在请求正文中，提供 accessPackageResourceRoleScope 对象的 JSON 表示形式。在对象中包括与 accessPackageResourceRole 对象的关系（可从列出目录中资源的访问包资源角色的请求中获取）和 accessPackageResourceScope 对象（该对象可从具有列出访问包资源$expand=accessPackageResourceScopes的请求中获取）。

响应

如果成功，此方法在响应正文中返回 200 系列响应代码和新的 accessPackageResourceRoleScope 对象。

示例

示例 1：将组成员身份作为资源角色添加到访问包

请求

以下示例显示了一个请求。在此请求之前，组b31fe1f1-3651-488f-bd9a-1711887fd4ca的访问包资源1d08498d-72a1-403f-8511-6b1f875746a0必须已添加到包含此访问包的访问包目录中。可以通过创建访问包资源请求将资源添加到目录。

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes
Content-type: application/json

{
  "accessPackageResourceRole":{
    "originId":"Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca",
    "displayName":"Member",
    "originSystem":"AadGroup",
    "accessPackageResource":{"id":"1d08498d-72a1-403f-8511-6b1f875746a0","resourceType":"O365 Group","originId":"b31fe1f1-3651-488f-bd9a-1711887fd4ca","originSystem":"AadGroup"}
  },
 "accessPackageResourceScope":{
   "originId":"b31fe1f1-3651-488f-bd9a-1711887fd4ca","originSystem":"AadGroup"
 }
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new AccessPackageResourceRoleScope
{
	AccessPackageResourceRole = new AccessPackageResourceRole
	{
		OriginId = "Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca",
		DisplayName = "Member",
		OriginSystem = "AadGroup",
		AccessPackageResource = new AccessPackageResource
		{
			Id = "1d08498d-72a1-403f-8511-6b1f875746a0",
			ResourceType = "O365 Group",
			OriginId = "b31fe1f1-3651-488f-bd9a-1711887fd4ca",
			OriginSystem = "AadGroup",
		},
	},
	AccessPackageResourceScope = new AccessPackageResourceScope
	{
		OriginId = "b31fe1f1-3651-488f-bd9a-1711887fd4ca",
		OriginSystem = "AadGroup",
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackages["{accessPackage-id}"].AccessPackageResourceRoleScopes.PostAsync(requestBody);

重要

Microsoft Graph SDK 默认使用 v1.0 版本的 API，并且不支持 beta 版本中提供的所有类型、属性和 API。有关使用 SDK 访问 beta API 的详细信息，请参阅将 Microsoft Graph SDK 与 beta API 配合使用。

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta identity-governance entitlement-management access-packages access-package-resource-role-scopes create --access-package-id {accessPackage-id} --body '{\
  "accessPackageResourceRole":{\
    "originId":"Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca",\
    "displayName":"Member",\
    "originSystem":"AadGroup",\
    "accessPackageResource":{"id":"1d08498d-72a1-403f-8511-6b1f875746a0","resourceType":"O365 Group","originId":"b31fe1f1-3651-488f-bd9a-1711887fd4ca","originSystem":"AadGroup"}\
  },\
 "accessPackageResourceScope":{\
   "originId":"b31fe1f1-3651-488f-bd9a-1711887fd4ca","originSystem":"AadGroup"\
 }\
}\
'

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。



import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewAccessPackageResourceRoleScope()
accessPackageResourceRole := graphmodels.NewAccessPackageResourceRole()
originId := "Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca"
accessPackageResourceRole.SetOriginId(&originId) 
displayName := "Member"
accessPackageResourceRole.SetDisplayName(&displayName) 
originSystem := "AadGroup"
accessPackageResourceRole.SetOriginSystem(&originSystem) 
accessPackageResource := graphmodels.NewAccessPackageResource()
id := "1d08498d-72a1-403f-8511-6b1f875746a0"
accessPackageResource.SetId(&id) 
resourceType := "O365 Group"
accessPackageResource.SetResourceType(&resourceType) 
originId := "b31fe1f1-3651-488f-bd9a-1711887fd4ca"
accessPackageResource.SetOriginId(&originId) 
originSystem := "AadGroup"
accessPackageResource.SetOriginSystem(&originSystem) 
accessPackageResourceRole.SetAccessPackageResource(accessPackageResource)
requestBody.SetAccessPackageResourceRole(accessPackageResourceRole)
accessPackageResourceScope := graphmodels.NewAccessPackageResourceScope()
originId := "b31fe1f1-3651-488f-bd9a-1711887fd4ca"
accessPackageResourceScope.SetOriginId(&originId) 
originSystem := "AadGroup"
accessPackageResourceScope.SetOriginSystem(&originSystem) 
requestBody.SetAccessPackageResourceScope(accessPackageResourceScope)

accessPackageResourceRoleScopes, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackages().ByAccessPackageId("accessPackage-id").AccessPackageResourceRoleScopes().Post(context.Background(), requestBody, nil)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

AccessPackageResourceRoleScope accessPackageResourceRoleScope = new AccessPackageResourceRoleScope();
AccessPackageResourceRole accessPackageResourceRole = new AccessPackageResourceRole();
accessPackageResourceRole.setOriginId("Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca");
accessPackageResourceRole.setDisplayName("Member");
accessPackageResourceRole.setOriginSystem("AadGroup");
AccessPackageResource accessPackageResource = new AccessPackageResource();
accessPackageResource.setId("1d08498d-72a1-403f-8511-6b1f875746a0");
accessPackageResource.setResourceType("O365 Group");
accessPackageResource.setOriginId("b31fe1f1-3651-488f-bd9a-1711887fd4ca");
accessPackageResource.setOriginSystem("AadGroup");
accessPackageResourceRole.setAccessPackageResource(accessPackageResource);
accessPackageResourceRoleScope.setAccessPackageResourceRole(accessPackageResourceRole);
AccessPackageResourceScope accessPackageResourceScope = new AccessPackageResourceScope();
accessPackageResourceScope.setOriginId("b31fe1f1-3651-488f-bd9a-1711887fd4ca");
accessPackageResourceScope.setOriginSystem("AadGroup");
accessPackageResourceRoleScope.setAccessPackageResourceScope(accessPackageResourceScope);
AccessPackageResourceRoleScope result = graphClient.identityGovernance().entitlementManagement().accessPackages().byAccessPackageId("{accessPackage-id}").accessPackageResourceRoleScopes().post(accessPackageResourceRoleScope);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
	authProvider,
};

const client = Client.init(options);

const accessPackageResourceRoleScope = {
  accessPackageResourceRole: {
    originId: 'Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca',
    displayName: 'Member',
    originSystem: 'AadGroup',
    accessPackageResource: {id: '1d08498d-72a1-403f-8511-6b1f875746a0',resourceType: 'O365 Group',originId: 'b31fe1f1-3651-488f-bd9a-1711887fd4ca',originSystem: 'AadGroup'}
  },
 accessPackageResourceScope: {
   originId: 'b31fe1f1-3651-488f-bd9a-1711887fd4ca',originSystem: 'AadGroup'
 }
};

await client.api('/identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes')
	.version('beta')
	.post(accessPackageResourceRoleScope);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageResourceRoleScope;
use Microsoft\Graph\Generated\Models\AccessPackageResourceRole;
use Microsoft\Graph\Generated\Models\AccessPackageResource;
use Microsoft\Graph\Generated\Models\AccessPackageResourceScope;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new AccessPackageResourceRoleScope();
$accessPackageResourceRole = new AccessPackageResourceRole();
$accessPackageResourceRole->setOriginId('Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca');
$accessPackageResourceRole->setDisplayName('Member');
$accessPackageResourceRole->setOriginSystem('AadGroup');
$accessPackageResourceRoleAccessPackageResource = new AccessPackageResource();
$accessPackageResourceRoleAccessPackageResource->setId('1d08498d-72a1-403f-8511-6b1f875746a0');
$accessPackageResourceRoleAccessPackageResource->setResourceType('O365 Group');
$accessPackageResourceRoleAccessPackageResource->setOriginId('b31fe1f1-3651-488f-bd9a-1711887fd4ca');
$accessPackageResourceRoleAccessPackageResource->setOriginSystem('AadGroup');
$accessPackageResourceRole->setAccessPackageResource($accessPackageResourceRoleAccessPackageResource);
$requestBody->setAccessPackageResourceRole($accessPackageResourceRole);
$accessPackageResourceScope = new AccessPackageResourceScope();
$accessPackageResourceScope->setOriginId('b31fe1f1-3651-488f-bd9a-1711887fd4ca');
$accessPackageResourceScope->setOriginSystem('AadGroup');
$requestBody->setAccessPackageResourceScope($accessPackageResourceScope);

$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackages()->byAccessPackageId('accessPackage-id')->accessPackageResourceRoleScopes()->post($requestBody)->wait();

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Beta.Identity.Governance

$params = @{
	accessPackageResourceRole = @{
		originId = "Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca"
		displayName = "Member"
		originSystem = "AadGroup"
		accessPackageResource = @{
			id = "1d08498d-72a1-403f-8511-6b1f875746a0"
			resourceType = "O365 Group"
			originId = "b31fe1f1-3651-488f-bd9a-1711887fd4ca"
			originSystem = "AadGroup"
		}
	}
	accessPackageResourceScope = @{
		originId = "b31fe1f1-3651-488f-bd9a-1711887fd4ca"
		originSystem = "AadGroup"
	}
}

New-MgBetaEntitlementManagementAccessPackageResourceRoleScope -AccessPackageId $accessPackageId -BodyParameter $params

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_resource_role_scope import AccessPackageResourceRoleScope
from msgraph.generated.models.access_package_resource_role import AccessPackageResourceRole
from msgraph.generated.models.access_package_resource import AccessPackageResource
from msgraph.generated.models.access_package_resource_scope import AccessPackageResourceScope

graph_client = GraphServiceClient(credentials, scopes)

request_body = AccessPackageResourceRoleScope(
	access_package_resource_role = AccessPackageResourceRole(
		origin_id = "Member_b31fe1f1-3651-488f-bd9a-1711887fd4ca",
		display_name = "Member",
		origin_system = "AadGroup",
		access_package_resource = AccessPackageResource(
			id = "1d08498d-72a1-403f-8511-6b1f875746a0",
			resource_type = "O365 Group",
			origin_id = "b31fe1f1-3651-488f-bd9a-1711887fd4ca",
			origin_system = "AadGroup",
		),
	),
	access_package_resource_scope = AccessPackageResourceScope(
		origin_id = "b31fe1f1-3651-488f-bd9a-1711887fd4ca",
		origin_system = "AadGroup",
	),
)

result = await graph_client.identity_governance.entitlement_management.access_packages.by_access_package_id('accessPackage-id').access_package_resource_role_scopes.post(request_body)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

注意：为了提高可读性，可能缩短了此处显示的响应对象。

HTTP/1.1 201 Created
Content-type: application/json

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#accessPackageResourceRoleScopes/$entity",
    "id": "ad5c7636-e481-4528-991f-198e3b38dd56_ffd4004a-f4a9-4b22-b027-759e55c0d1db",
    "createdBy": "admin@example.com",
    "createdDateTime": "2019-12-11T01:35:26.4754081Z",
    "modifiedBy": "admin@example.com",
    "modifiedDateTime": "2019-12-11T01:35:26.4754081Z"
}

示例 2：向访问包添加 SharePoint Online 网站角色

请求

以下示例显示了对非根范围资源的请求。站点的访问包资源必须已添加到包含此访问包的访问包目录中。

请求包含 accessPackageResourceRole 对象，该对象可从先前的请求中获取，以列出目录中资源的访问包资源角色。每种类型的资源定义资源角色中的 originId 字段的格式。对于 SharePoint Online 网站，originId 是网站中角色的序列号。

如果从先前请求获取的 accessPackageResourceScope 对象将资源作为根范围 (isRootScope 设置为 true) ，请在请求的 accessPackageResourceScope 对象中包含 isRootScope 属性。

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes
Content-type: application/json

{
    "accessPackageResourceRole": {
        "originId": "4",
        "originSystem": "SharePointOnline",
        "accessPackageResource": {
            "id": "53c71803-a0a8-4777-aecc-075de8ee3991"
        }
    },
    "accessPackageResourceScope": {
        "id": "5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33",
        "originId": "https://microsoft.sharepoint.com/portals/Community",
        "originSystem": "SharePointOnline"
    }
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new AccessPackageResourceRoleScope
{
	AccessPackageResourceRole = new AccessPackageResourceRole
	{
		OriginId = "4",
		OriginSystem = "SharePointOnline",
		AccessPackageResource = new AccessPackageResource
		{
			Id = "53c71803-a0a8-4777-aecc-075de8ee3991",
		},
	},
	AccessPackageResourceScope = new AccessPackageResourceScope
	{
		Id = "5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33",
		OriginId = "https://microsoft.sharepoint.com/portals/Community",
		OriginSystem = "SharePointOnline",
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackages["{accessPackage-id}"].AccessPackageResourceRoleScopes.PostAsync(requestBody);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta identity-governance entitlement-management access-packages access-package-resource-role-scopes create --access-package-id {accessPackage-id} --body '{\
    "accessPackageResourceRole": {\
        "originId": "4",\
        "originSystem": "SharePointOnline",\
        "accessPackageResource": {\
            "id": "53c71803-a0a8-4777-aecc-075de8ee3991"\
        }\
    },\
    "accessPackageResourceScope": {\
        "id": "5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33",\
        "originId": "https://microsoft.sharepoint.com/portals/Community",\
        "originSystem": "SharePointOnline"\
    }\
}\
'

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。



import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewAccessPackageResourceRoleScope()
accessPackageResourceRole := graphmodels.NewAccessPackageResourceRole()
originId := "4"
accessPackageResourceRole.SetOriginId(&originId) 
originSystem := "SharePointOnline"
accessPackageResourceRole.SetOriginSystem(&originSystem) 
accessPackageResource := graphmodels.NewAccessPackageResource()
id := "53c71803-a0a8-4777-aecc-075de8ee3991"
accessPackageResource.SetId(&id) 
accessPackageResourceRole.SetAccessPackageResource(accessPackageResource)
requestBody.SetAccessPackageResourceRole(accessPackageResourceRole)
accessPackageResourceScope := graphmodels.NewAccessPackageResourceScope()
id := "5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33"
accessPackageResourceScope.SetId(&id) 
originId := "https://microsoft.sharepoint.com/portals/Community"
accessPackageResourceScope.SetOriginId(&originId) 
originSystem := "SharePointOnline"
accessPackageResourceScope.SetOriginSystem(&originSystem) 
requestBody.SetAccessPackageResourceScope(accessPackageResourceScope)

accessPackageResourceRoleScopes, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackages().ByAccessPackageId("accessPackage-id").AccessPackageResourceRoleScopes().Post(context.Background(), requestBody, nil)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

AccessPackageResourceRoleScope accessPackageResourceRoleScope = new AccessPackageResourceRoleScope();
AccessPackageResourceRole accessPackageResourceRole = new AccessPackageResourceRole();
accessPackageResourceRole.setOriginId("4");
accessPackageResourceRole.setOriginSystem("SharePointOnline");
AccessPackageResource accessPackageResource = new AccessPackageResource();
accessPackageResource.setId("53c71803-a0a8-4777-aecc-075de8ee3991");
accessPackageResourceRole.setAccessPackageResource(accessPackageResource);
accessPackageResourceRoleScope.setAccessPackageResourceRole(accessPackageResourceRole);
AccessPackageResourceScope accessPackageResourceScope = new AccessPackageResourceScope();
accessPackageResourceScope.setId("5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33");
accessPackageResourceScope.setOriginId("https://microsoft.sharepoint.com/portals/Community");
accessPackageResourceScope.setOriginSystem("SharePointOnline");
accessPackageResourceRoleScope.setAccessPackageResourceScope(accessPackageResourceScope);
AccessPackageResourceRoleScope result = graphClient.identityGovernance().entitlementManagement().accessPackages().byAccessPackageId("{accessPackage-id}").accessPackageResourceRoleScopes().post(accessPackageResourceRoleScope);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
	authProvider,
};

const client = Client.init(options);

const accessPackageResourceRoleScope = {
    accessPackageResourceRole: {
        originId: '4',
        originSystem: 'SharePointOnline',
        accessPackageResource: {
            id: '53c71803-a0a8-4777-aecc-075de8ee3991'
        }
    },
    accessPackageResourceScope: {
        id: '5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33',
        originId: 'https://microsoft.sharepoint.com/portals/Community',
        originSystem: 'SharePointOnline'
    }
};

await client.api('/identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes')
	.version('beta')
	.post(accessPackageResourceRoleScope);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageResourceRoleScope;
use Microsoft\Graph\Generated\Models\AccessPackageResourceRole;
use Microsoft\Graph\Generated\Models\AccessPackageResource;
use Microsoft\Graph\Generated\Models\AccessPackageResourceScope;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new AccessPackageResourceRoleScope();
$accessPackageResourceRole = new AccessPackageResourceRole();
$accessPackageResourceRole->setOriginId('4');
$accessPackageResourceRole->setOriginSystem('SharePointOnline');
$accessPackageResourceRoleAccessPackageResource = new AccessPackageResource();
$accessPackageResourceRoleAccessPackageResource->setId('53c71803-a0a8-4777-aecc-075de8ee3991');
$accessPackageResourceRole->setAccessPackageResource($accessPackageResourceRoleAccessPackageResource);
$requestBody->setAccessPackageResourceRole($accessPackageResourceRole);
$accessPackageResourceScope = new AccessPackageResourceScope();
$accessPackageResourceScope->setId('5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33');
$accessPackageResourceScope->setOriginId('https://microsoft.sharepoint.com/portals/Community');
$accessPackageResourceScope->setOriginSystem('SharePointOnline');
$requestBody->setAccessPackageResourceScope($accessPackageResourceScope);

$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackages()->byAccessPackageId('accessPackage-id')->accessPackageResourceRoleScopes()->post($requestBody)->wait();

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Beta.Identity.Governance

$params = @{
	accessPackageResourceRole = @{
		originId = "4"
		originSystem = "SharePointOnline"
		accessPackageResource = @{
			id = "53c71803-a0a8-4777-aecc-075de8ee3991"
		}
	}
	accessPackageResourceScope = @{
		id = "5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33"
		originId = "https://microsoft.sharepoint.com/portals/Community"
		originSystem = "SharePointOnline"
	}
}

New-MgBetaEntitlementManagementAccessPackageResourceRoleScope -AccessPackageId $accessPackageId -BodyParameter $params

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_resource_role_scope import AccessPackageResourceRoleScope
from msgraph.generated.models.access_package_resource_role import AccessPackageResourceRole
from msgraph.generated.models.access_package_resource import AccessPackageResource
from msgraph.generated.models.access_package_resource_scope import AccessPackageResourceScope

graph_client = GraphServiceClient(credentials, scopes)

request_body = AccessPackageResourceRoleScope(
	access_package_resource_role = AccessPackageResourceRole(
		origin_id = "4",
		origin_system = "SharePointOnline",
		access_package_resource = AccessPackageResource(
			id = "53c71803-a0a8-4777-aecc-075de8ee3991",
		),
	),
	access_package_resource_scope = AccessPackageResourceScope(
		id = "5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33",
		origin_id = "https://microsoft.sharepoint.com/portals/Community",
		origin_system = "SharePointOnline",
	),
)

result = await graph_client.identity_governance.entitlement_management.access_packages.by_access_package_id('accessPackage-id').access_package_resource_role_scopes.post(request_body)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

注意：为了提高可读性，可能缩短了此处显示的响应对象。

HTTP/1.1 201 Created
Content-type: application/json

{
   "id": "6646a29e-da03-49f6-bcd9-dec124492de3_5ae0ae7c-d0a5-42aa-ab37-1f15e9a61d33"
}

示例 3：将Microsoft Entra角色添加为访问包中的资源

请求

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes
Content-type: application/json

{
    "role": {
        "originId": "Eligible",
        "displayName": "Eligible Member",
        "originSystem": "DirectoryRole",
        "resource": {
            "id": "ea036095-57a6-4c90-a640-013edf151eb1"
        }
    },
    "scope": {
        "description": "Root Scope",
        "displayName": "Root",
        "isRootScope": true,
        "originSystem": "DirectoryRole",
        "originId": "c4e39bd9-1100-46d3-8c65-fb160da0071f"
    }
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new AccessPackageResourceRoleScope
{
	AdditionalData = new Dictionary<string, object>
	{
		{
			"role" , new 
			{
				OriginId = "Eligible",
				DisplayName = "Eligible Member",
				OriginSystem = "DirectoryRole",
				Resource = new 
				{
					Id = "ea036095-57a6-4c90-a640-013edf151eb1",
				},
			}
		},
		{
			"scope" , new 
			{
				Description = "Root Scope",
				DisplayName = "Root",
				IsRootScope = true,
				OriginSystem = "DirectoryRole",
				OriginId = "c4e39bd9-1100-46d3-8c65-fb160da0071f",
			}
		},
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AccessPackages["{accessPackage-id}"].AccessPackageResourceRoleScopes.PostAsync(requestBody);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta identity-governance entitlement-management access-packages access-package-resource-role-scopes create --access-package-id {accessPackage-id} --body '{\
    "role": {\
        "originId": "Eligible",\
        "displayName": "Eligible Member",\
        "originSystem": "DirectoryRole",\
        "resource": {\
            "id": "ea036095-57a6-4c90-a640-013edf151eb1"\
        }\
    },\
    "scope": {\
        "description": "Root Scope",\
        "displayName": "Root",\
        "isRootScope": true,\
        "originSystem": "DirectoryRole",\
        "originId": "c4e39bd9-1100-46d3-8c65-fb160da0071f"\
    }\
}\
'

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。



import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewAccessPackageResourceRoleScope()
additionalData := map[string]interface{}{
role := graphmodels.New()
originId := "Eligible"
role.SetOriginId(&originId) 
displayName := "Eligible Member"
role.SetDisplayName(&displayName) 
originSystem := "DirectoryRole"
role.SetOriginSystem(&originSystem) 
resource := graphmodels.New()
id := "ea036095-57a6-4c90-a640-013edf151eb1"
resource.SetId(&id) 
	role.SetResource(resource)
	requestBody.SetRole(role)
scope := graphmodels.New()
description := "Root Scope"
scope.SetDescription(&description) 
displayName := "Root"
scope.SetDisplayName(&displayName) 
	isRootScope := true
scope.SetIsRootScope(&isRootScope) 
originSystem := "DirectoryRole"
scope.SetOriginSystem(&originSystem) 
originId := "c4e39bd9-1100-46d3-8c65-fb160da0071f"
scope.SetOriginId(&originId) 
	requestBody.SetScope(scope)
}
requestBody.SetAdditionalData(additionalData)

accessPackageResourceRoleScopes, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackages().ByAccessPackageId("accessPackage-id").AccessPackageResourceRoleScopes().Post(context.Background(), requestBody, nil)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

AccessPackageResourceRoleScope accessPackageResourceRoleScope = new AccessPackageResourceRoleScope();
HashMap<String, Object> additionalData = new HashMap<String, Object>();
 role = new ();
role.setOriginId("Eligible");
role.setDisplayName("Eligible Member");
role.setOriginSystem("DirectoryRole");
 resource = new ();
resource.setId("ea036095-57a6-4c90-a640-013edf151eb1");
role.setResource(resource);
additionalData.put("role", role);
 scope = new ();
scope.setDescription("Root Scope");
scope.setDisplayName("Root");
scope.setIsRootScope(true);
scope.setOriginSystem("DirectoryRole");
scope.setOriginId("c4e39bd9-1100-46d3-8c65-fb160da0071f");
additionalData.put("scope", scope);
accessPackageResourceRoleScope.setAdditionalData(additionalData);
AccessPackageResourceRoleScope result = graphClient.identityGovernance().entitlementManagement().accessPackages().byAccessPackageId("{accessPackage-id}").accessPackageResourceRoleScopes().post(accessPackageResourceRoleScope);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
	authProvider,
};

const client = Client.init(options);

const accessPackageResourceRoleScope = {
    role: {
        originId: 'Eligible',
        displayName: 'Eligible Member',
        originSystem: 'DirectoryRole',
        resource: {
            id: 'ea036095-57a6-4c90-a640-013edf151eb1'
        }
    },
    scope: {
        description: 'Root Scope',
        displayName: 'Root',
        isRootScope: true,
        originSystem: 'DirectoryRole',
        originId: 'c4e39bd9-1100-46d3-8c65-fb160da0071f'
    }
};

await client.api('/identityGovernance/entitlementManagement/accessPackages/{id}/accessPackageResourceRoleScopes')
	.version('beta')
	.post(accessPackageResourceRoleScope);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AccessPackageResourceRoleScope;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new AccessPackageResourceRoleScope();
$additionalData = [
	'role' => [
		'originId' => 'Eligible',
		'displayName' => 'Eligible Member',
		'originSystem' => 'DirectoryRole',
		'resource' => [
			'id' => 'ea036095-57a6-4c90-a640-013edf151eb1',
		],
	],
	'scope' => [
		'description' => 'Root Scope',
		'displayName' => 'Root',
		'isRootScope' => true,
		'originSystem' => 'DirectoryRole',
		'originId' => 'c4e39bd9-1100-46d3-8c65-fb160da0071f',
	],
];
$requestBody->setAdditionalData($additionalData);

$result = $graphServiceClient->identityGovernance()->entitlementManagement()->accessPackages()->byAccessPackageId('accessPackage-id')->accessPackageResourceRoleScopes()->post($requestBody)->wait();

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Beta.Identity.Governance

$params = @{
	role = @{
		originId = "Eligible"
		displayName = "Eligible Member"
		originSystem = "DirectoryRole"
		resource = @{
			id = "ea036095-57a6-4c90-a640-013edf151eb1"
		}
	}
	scope = @{
		description = "Root Scope"
		displayName = "Root"
		isRootScope = $true
		originSystem = "DirectoryRole"
		originId = "c4e39bd9-1100-46d3-8c65-fb160da0071f"
	}
}

New-MgBetaEntitlementManagementAccessPackageResourceRoleScope -AccessPackageId $accessPackageId -BodyParameter $params

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


from msgraph import GraphServiceClient
from msgraph.generated.models.access_package_resource_role_scope import AccessPackageResourceRoleScope

graph_client = GraphServiceClient(credentials, scopes)

request_body = AccessPackageResourceRoleScope(
	additional_data = {
			"role" : {
					"origin_id" : "Eligible",
					"display_name" : "Eligible Member",
					"origin_system" : "DirectoryRole",
					"resource" : {
							"id" : "ea036095-57a6-4c90-a640-013edf151eb1",
					},
			},
			"scope" : {
					"description" : "Root Scope",
					"display_name" : "Root",
					"is_root_scope" : True,
					"origin_system" : "DirectoryRole",
					"origin_id" : "c4e39bd9-1100-46d3-8c65-fb160da0071f",
			},
	}
)

result = await graph_client.identity_governance.entitlement_management.access_packages.by_access_package_id('accessPackage-id').access_package_resource_role_scopes.post(request_body)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

注意：为了提高可读性，可能缩短了此处显示的响应对象。

HTTP/1.1 201 Created
Content-type: application/json

{
   "id": "ea036095-57a6-4c90-a640-013edf151eb1_c4e39bd9-1100-46d3-8c65-fb160da0071f",
   "createdDateTime": "2023-06-28T01:19:48.4216782Z"
}

创建 accessPackageResourceRoleScope

权限

HTTP 请求

请求标头

请求正文

响应

示例

示例 1：将组成员身份作为资源角色添加到访问包

请求

响应

示例 2：向访问包添加 SharePoint Online 网站角色

请求

响应

示例 3：将Microsoft Entra角色添加为访问包中的资源

请求

响应

反馈

反馈

其他资源