accessPackageAssignmentRequest：resume

命名空间：microsoft.graph

在Microsoft Entra权利管理中，如果启用了访问包策略来调用自定义扩展，并且请求处理正在等待客户的回调，则客户可以启动恢复操作。 它在 accessPackageAssignmentRequest 对象（其 requestStatus 处于状态） WaitingForCallback 上执行。

此 API 可用于以下国家级云部署。

全局服务	美国政府 L4	美国政府 L5 (DOD)	由世纪互联运营的中国
✅	❌	❌	❌

权限

为此 API 选择标记为最低特权的权限。 只有在应用需要它时，才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息，请参阅权限类型。 要了解有关这些权限的详细信息，请参阅 权限参考。

权限类型	最低特权权限	更高特权权限
委派（工作或学校帐户）	EntitlementManagement.ReadWrite.All	不可用。
委派（个人 Microsoft 帐户）	不支持。	不支持。
应用程序	EntitlementManagement.ReadWrite.All	不可用。

HTTP 请求

POST /identityGovernance/entitlementManagement/assignmentRequests/{accessPackageAssignmentRequestId}/resume

请求标头

名称	说明
Authorization	持有者 {token}。 必填。 详细了解 身份验证和授权。
Content-Type	application/json. 必需。

请求正文

在请求正文中，提供参数的 JSON 表示形式。

下表显示了可用于此操作的参数。

参数	类型	说明
source	String	来自客户尝试恢复请求的源，请求可以存储在服务中，并且有助于审核。
type	String	指示在哪个阶段执行自定义标注扩展。 可能的值为： microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated、 microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestApproved、、 microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestGranted、 microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestRemoved
data	accessPackageAssignmentRequestCallbackData	包含有关对客户终结点进行的标注实例的信息。

响应

如果成功，此操作返回 204 No Content 响应代码。

示例

示例 1：恢复访问包分配请求

请求

下面是一个调用示例，用于恢复正在等待回调的访问包分配请求。

HTTP

POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests/0e60f18c-b2a0-4887-9da8-da2e30a39d99/resume
Content-Type: application/json

{
  "source": "Contoso.SodCheckProcess",
  "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
  "data": {
    "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",
    "stage": "assignmentRequestCreated",
    "customExtensionStageInstanceId": "957d0c50-466b-4840-bb5b-c92cea7141ff",
    "customExtensionStageInstanceDetail": "This user is all verified"
  }
}

C#

// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.IdentityGovernance.EntitlementManagement.AssignmentRequests.Item.Resume;
using Microsoft.Graph.Models;

var requestBody = new ResumePostRequestBody
{
	Source = "Contoso.SodCheckProcess",
	Type = "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
	Data = new AccessPackageAssignmentRequestCallbackData
	{
		OdataType = "microsoft.graph.accessPackageAssignmentRequestCallbackData",
		Stage = AccessPackageCustomExtensionStage.AssignmentRequestCreated,
		CustomExtensionStageInstanceId = "957d0c50-466b-4840-bb5b-c92cea7141ff",
		CustomExtensionStageInstanceDetail = "This user is all verified",
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
await graphClient.IdentityGovernance.EntitlementManagement.AssignmentRequests["{accessPackageAssignmentRequest-id}"].Resume.PostAsync(requestBody);

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

CLI

// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc identity-governance entitlement-management assignment-requests resume post --access-package-assignment-request-id {accessPackageAssignmentRequest-id} --body '{\
  "source": "Contoso.SodCheckProcess",\
  "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",\
  "data": {\
    "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",\
    "stage": "assignmentRequestCreated",\
    "customExtensionStageInstanceId": "957d0c50-466b-4840-bb5b-c92cea7141ff",\
    "customExtensionStageInstanceDetail": "This user is all verified"\
  }\
}\
'

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

Go

import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  graphidentitygovernance "github.com/microsoftgraph/msgraph-sdk-go/identitygovernance"
	  graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphidentitygovernance.NewResumePostRequestBody()
source := "Contoso.SodCheckProcess"
requestBody.SetSource(&source) 
type := "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated"
requestBody.SetType(&type) 
data := graphmodels.NewAccessPackageAssignmentRequestCallbackData()
stage := graphmodels.ASSIGNMENTREQUESTCREATED_ACCESSPACKAGECUSTOMEXTENSIONSTAGE 
data.SetStage(&stage) 
customExtensionStageInstanceId := "957d0c50-466b-4840-bb5b-c92cea7141ff"
data.SetCustomExtensionStageInstanceId(&customExtensionStageInstanceId) 
customExtensionStageInstanceDetail := "This user is all verified"
data.SetCustomExtensionStageInstanceDetail(&customExtensionStageInstanceDetail) 
requestBody.SetData(data)

graphClient.IdentityGovernance().EntitlementManagement().AssignmentRequests().ByAccessPackageAssignmentRequestId("accessPackageAssignmentRequest-id").Resume().Post(context.Background(), requestBody, nil)

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

Java

// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

com.microsoft.graph.identitygovernance.entitlementmanagement.assignmentrequests.item.resume.ResumePostRequestBody resumePostRequestBody = new com.microsoft.graph.identitygovernance.entitlementmanagement.assignmentrequests.item.resume.ResumePostRequestBody();
resumePostRequestBody.setSource("Contoso.SodCheckProcess");
resumePostRequestBody.setType("microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated");
AccessPackageAssignmentRequestCallbackData data = new AccessPackageAssignmentRequestCallbackData();
data.setOdataType("microsoft.graph.accessPackageAssignmentRequestCallbackData");
data.setStage(AccessPackageCustomExtensionStage.AssignmentRequestCreated);
data.setCustomExtensionStageInstanceId("957d0c50-466b-4840-bb5b-c92cea7141ff");
data.setCustomExtensionStageInstanceDetail("This user is all verified");
resumePostRequestBody.setData(data);
graphClient.identityGovernance().entitlementManagement().assignmentRequests().byAccessPackageAssignmentRequestId("{accessPackageAssignmentRequest-id}").resume().post(resumePostRequestBody);

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const resume = {
  source: 'Contoso.SodCheckProcess',
  type: 'microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated',
  data: {
    '@odata.type': 'microsoft.graph.accessPackageAssignmentRequestCallbackData',
    stage: 'assignmentRequestCreated',
    customExtensionStageInstanceId: '957d0c50-466b-4840-bb5b-c92cea7141ff',
    customExtensionStageInstanceDetail: 'This user is all verified'
  }
};

await client.api('/identityGovernance/entitlementManagement/assignmentRequests/0e60f18c-b2a0-4887-9da8-da2e30a39d99/resume')
	.post(resume);

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

PHP

<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\ResumePostRequestBody;
use Microsoft\Graph\Generated\Models\AccessPackageAssignmentRequestCallbackData;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new ResumePostRequestBody();
$requestBody->setSource('Contoso.SodCheckProcess');
$requestBody->setType('microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated');
$data = new AccessPackageAssignmentRequestCallbackData();
$data->setOdataType('microsoft.graph.accessPackageAssignmentRequestCallbackData');
$data->setStage(new AccessPackageCustomExtensionStage('assignmentRequestCreated'));
$data->setCustomExtensionStageInstanceId('957d0c50-466b-4840-bb5b-c92cea7141ff');
$data->setCustomExtensionStageInstanceDetail('This user is all verified');
$requestBody->setData($data);

$graphServiceClient->identityGovernance()->entitlementManagement()->assignmentRequests()->byAccessPackageAssignmentRequestId('accessPackageAssignmentRequest-id')->resume()->post($requestBody)->wait();

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

PowerShell

Import-Module Microsoft.Graph.Identity.Governance

$params = @{
	source = "Contoso.SodCheckProcess"
	type = "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated"
	data = @{
		"@odata.type" = "microsoft.graph.accessPackageAssignmentRequestCallbackData"
		stage = "assignmentRequestCreated"
		customExtensionStageInstanceId = "957d0c50-466b-4840-bb5b-c92cea7141ff"
		customExtensionStageInstanceDetail = "This user is all verified"
	}
}

Resume-MgEntitlementManagementAssignmentRequest -AccessPackageAssignmentRequestId $accessPackageAssignmentRequestId -BodyParameter $params

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

Python

from msgraph import GraphServiceClient
from msgraph.generated.identitygovernance.entitlementmanagement.assignmentrequests.item.resume.resume_post_request_body import ResumePostRequestBody
from msgraph.generated.models.access_package_assignment_request_callback_data import AccessPackageAssignmentRequestCallbackData

graph_client = GraphServiceClient(credentials, scopes)

request_body = ResumePostRequestBody(
	source = "Contoso.SodCheckProcess",
	type = "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
	data = AccessPackageAssignmentRequestCallbackData(
		odata_type = "microsoft.graph.accessPackageAssignmentRequestCallbackData",
		stage = AccessPackageCustomExtensionStage.AssignmentRequestCreated,
		custom_extension_stage_instance_id = "957d0c50-466b-4840-bb5b-c92cea7141ff",
		custom_extension_stage_instance_detail = "This user is all verified",
	),
)

await graph_client.identity_governance.entitlement_management.assignment_requests.by_access_package_assignment_request_id('accessPackageAssignmentRequest-id').resume.post(request_body)

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

HTTP/1.1 204 No Content

示例 2：恢复和拒绝访问包分配请求

请求

下面是通过拒绝正在等待回调的请求来继续处理访问包分配请求的示例。 不能在 assignmentRequestCreated 标注阶段拒绝请求。

POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentRequests/9e60f18c-b2a0-4887-9da8-da2e30a39d99/resume
Content-Type: application/json

{
  "source": "Contoso.SodCheckProcess",
  "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
  "data": {
    "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",
    "stage": "AssignmentRequestCreated",
    "customExtensionStageInstanceId": "857d0c50-466b-4840-bb5b-c92cea7141ff",
    "state": "denied",
    "customExtensionStageInstanceDetail": "Potential risk user based on the SOD check"
  }
}

响应

以下示例显示了相应的响应。

HTTP/1.1 204 No Content