更新 delegatedAdminAccessAssignment
本文内容
命名空间:microsoft.graph
重要
Microsoft Graph /beta 版本下的 API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
更新 delegatedAdminAccessAssignment 对象的属性。
此 API 可用于以下国家级云部署 。
全局服务
美国政府 L4
美国政府 L5 (DOD)
由世纪互联运营的中国
✅
❌
❌
❌
权限
为此 API 选择标记为最低特权的权限。 只有在应用需要它时 ,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型 。 要了解有关这些权限的详细信息,请参阅 权限参考 。
权限类型
最低特权权限
更高特权权限
委派(工作或学校帐户)
DelegatedAdminRelationship.ReadWrite.All
不可用。
委派(个人 Microsoft 帐户)
不支持。
不支持。
应用程序
DelegatedAdminRelationship.ReadWrite.All
不可用。
HTTP 请求
PATCH /tenantRelationships/delegatedAdminRelationships/{delegatedAdminRelationshipId}/accessAssignments/{delegatedAdminAccessAssignmentId}
名称
说明
Authorization
持有者 {token}。 必填。 详细了解 身份验证和授权 。
If-Match
If-match: etag}。 要更新的 delegatedAdminAccessAssignment 的最后一个已知 ETag 值。 必填。
Content-Type
application/json. 必需。
请求正文
在请求正文中,仅 提供应更新的属性的值。 请求正文中未包含的现有属性会保留其以前的值,或者根据对其他属性值的更改重新计算。
下表指定可更新的属性。
响应
如果成功,此方法将 200 OK 返回 或 202 Accepted 响应代码。
名称
说明
Content-Type
application/json.
位置
长时间运行的操作的位置。
Retry-After
之后,可以对位置 URL 进行后续 API 调用,以检查长时间运行的操作的状态。
此方法通常返回一个响应代码, 202 Accepted 其中包含 位置响应标头 中长时间运行的操作的 URL,该操作可监视其完成情况。 如果在调用中指定的值与现有对象中的值相同,则 API 在响应正文中返回响应 200 OK 代码,其中包含原始 delegatedAdminAccessAssignment 对象。
示例
请求
PATCH https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/5e5594d3-6f82-458b-b567-77db4811f0cd-00000000-0000-0000-0000-000000001234/accessAssignments/da9d6cf90-083a-47dc-ace2-1da98be3f344
If-Match: W/"JyI0NzAwNjg0NS0wMDAwLTE5MDAtMDAwMC02MGY0Yjg4MzAwMDAiJw=="
Content-Type: application/json
{
"accessDetails": {
"unifiedRoles": [
{
"roleDefinitionId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
},
{
"roleDefinitionId": "44367163-eba1-44c3-98af-f5787879f96a"
},
{
"roleDefinitionId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"
}
]
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new DelegatedAdminAccessAssignment
{
AccessDetails = new DelegatedAdminAccessDetails
{
UnifiedRoles = new List<UnifiedRole>
{
new UnifiedRole
{
RoleDefinitionId = "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
},
new UnifiedRole
{
RoleDefinitionId = "44367163-eba1-44c3-98af-f5787879f96a",
},
new UnifiedRole
{
RoleDefinitionId = "729827e3-9c14-49f7-bb1b-9608f156bbb8",
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.TenantRelationships.DelegatedAdminRelationships["{delegatedAdminRelationship-id}"].AccessAssignments["{delegatedAdminAccessAssignment-id}"].PatchAsync(requestBody, (requestConfiguration) =>
{
requestConfiguration.Headers.Add("If-Match", "W/\"JyI0NzAwNjg0NS0wMDAwLTE5MDAtMDAwMC02MGY0Yjg4MzAwMDAiJw==\"");
});
mgc-beta tenant-relationships delegated-admin-relationships access-assignments patch --delegated-admin-relationship-id {delegatedAdminRelationship-id} --delegated-admin-access-assignment-id {delegatedAdminAccessAssignment-id} --body '{\
"accessDetails": {\
"unifiedRoles": [\
{\
"roleDefinitionId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"\
},\
{\
"roleDefinitionId": "44367163-eba1-44c3-98af-f5787879f96a"\
},\
{\
"roleDefinitionId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"\
}\
]\
}\
}\
'
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
abstractions "github.com/microsoft/kiota-abstractions-go"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
graphtenantrelationships "github.com/microsoftgraph/msgraph-beta-sdk-go/tenantrelationships"
//other-imports
)
headers := abstractions.NewRequestHeaders()
headers.Add("If-Match", "W/\"JyI0NzAwNjg0NS0wMDAwLTE5MDAtMDAwMC02MGY0Yjg4MzAwMDAiJw==\"")
configuration := &graphtenantrelationships.TenantRelationshipsDelegatedAdminRelationshipItemAccessAssignmentItemRequestBuilderPatchRequestConfiguration{
Headers: headers,
}
requestBody := graphmodels.NewDelegatedAdminAccessAssignment()
accessDetails := graphmodels.NewDelegatedAdminAccessDetails()
unifiedRole := graphmodels.NewUnifiedRole()
roleDefinitionId := "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
unifiedRole.SetRoleDefinitionId(&roleDefinitionId)
unifiedRole1 := graphmodels.NewUnifiedRole()
roleDefinitionId := "44367163-eba1-44c3-98af-f5787879f96a"
unifiedRole1.SetRoleDefinitionId(&roleDefinitionId)
unifiedRole2 := graphmodels.NewUnifiedRole()
roleDefinitionId := "729827e3-9c14-49f7-bb1b-9608f156bbb8"
unifiedRole2.SetRoleDefinitionId(&roleDefinitionId)
unifiedRoles := []graphmodels.UnifiedRoleable {
unifiedRole,
unifiedRole1,
unifiedRole2,
}
accessDetails.SetUnifiedRoles(unifiedRoles)
requestBody.SetAccessDetails(accessDetails)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
accessAssignments, err := graphClient.TenantRelationships().DelegatedAdminRelationships().ByDelegatedAdminRelationshipId("delegatedAdminRelationship-id").AccessAssignments().ByDelegatedAdminAccessAssignmentId("delegatedAdminAccessAssignment-id").Patch(context.Background(), requestBody, configuration)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
DelegatedAdminAccessAssignment delegatedAdminAccessAssignment = new DelegatedAdminAccessAssignment();
DelegatedAdminAccessDetails accessDetails = new DelegatedAdminAccessDetails();
LinkedList<UnifiedRole> unifiedRoles = new LinkedList<UnifiedRole>();
UnifiedRole unifiedRole = new UnifiedRole();
unifiedRole.setRoleDefinitionId("88d8e3e3-8f55-4a1e-953a-9b9898b8876b");
unifiedRoles.add(unifiedRole);
UnifiedRole unifiedRole1 = new UnifiedRole();
unifiedRole1.setRoleDefinitionId("44367163-eba1-44c3-98af-f5787879f96a");
unifiedRoles.add(unifiedRole1);
UnifiedRole unifiedRole2 = new UnifiedRole();
unifiedRole2.setRoleDefinitionId("729827e3-9c14-49f7-bb1b-9608f156bbb8");
unifiedRoles.add(unifiedRole2);
accessDetails.setUnifiedRoles(unifiedRoles);
delegatedAdminAccessAssignment.setAccessDetails(accessDetails);
DelegatedAdminAccessAssignment result = graphClient.tenantRelationships().delegatedAdminRelationships().byDelegatedAdminRelationshipId("{delegatedAdminRelationship-id}").accessAssignments().byDelegatedAdminAccessAssignmentId("{delegatedAdminAccessAssignment-id}").patch(delegatedAdminAccessAssignment, requestConfiguration -> {
requestConfiguration.headers.add("If-Match", "W/\"JyI0NzAwNjg0NS0wMDAwLTE5MDAtMDAwMC02MGY0Yjg4MzAwMDAiJw==\"");
});
const options = {
authProvider,
};
const client = Client.init(options);
const delegatedAdminAccessAssignment = {
accessDetails: {
unifiedRoles: [
{
roleDefinitionId: '88d8e3e3-8f55-4a1e-953a-9b9898b8876b'
},
{
roleDefinitionId: '44367163-eba1-44c3-98af-f5787879f96a'
},
{
roleDefinitionId: '729827e3-9c14-49f7-bb1b-9608f156bbb8'
}
]
}
};
await client.api('/tenantRelationships/delegatedAdminRelationships/5e5594d3-6f82-458b-b567-77db4811f0cd-00000000-0000-0000-0000-000000001234/accessAssignments/da9d6cf90-083a-47dc-ace2-1da98be3f344')
.version('beta')
.update(delegatedAdminAccessAssignment);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\TenantRelationships\DelegatedAdminRelationships\Item\AccessAssignments\Item\DelegatedAdminAccessAssignmentItemRequestBuilderPatchRequestConfiguration;
use Microsoft\Graph\Generated\Models\DelegatedAdminAccessAssignment;
use Microsoft\Graph\Generated\Models\DelegatedAdminAccessDetails;
use Microsoft\Graph\Generated\Models\UnifiedRole;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new DelegatedAdminAccessAssignment();
$accessDetails = new DelegatedAdminAccessDetails();
$unifiedRolesUnifiedRole1 = new UnifiedRole();
$unifiedRolesUnifiedRole1->setRoleDefinitionId('88d8e3e3-8f55-4a1e-953a-9b9898b8876b');
$unifiedRolesArray []= $unifiedRolesUnifiedRole1;
$unifiedRolesUnifiedRole2 = new UnifiedRole();
$unifiedRolesUnifiedRole2->setRoleDefinitionId('44367163-eba1-44c3-98af-f5787879f96a');
$unifiedRolesArray []= $unifiedRolesUnifiedRole2;
$unifiedRolesUnifiedRole3 = new UnifiedRole();
$unifiedRolesUnifiedRole3->setRoleDefinitionId('729827e3-9c14-49f7-bb1b-9608f156bbb8');
$unifiedRolesArray []= $unifiedRolesUnifiedRole3;
$accessDetails->setUnifiedRoles($unifiedRolesArray);
$requestBody->setAccessDetails($accessDetails);
$requestConfiguration = new DelegatedAdminAccessAssignmentItemRequestBuilderPatchRequestConfiguration();
$headers = [
'If-Match' => 'W/"JyI0NzAwNjg0NS0wMDAwLTE5MDAtMDAwMC02MGY0Yjg4MzAwMDAiJw=="',
];
$requestConfiguration->headers = $headers;
$result = $graphServiceClient->tenantRelationships()->delegatedAdminRelationships()->byDelegatedAdminRelationshipId('delegatedAdminRelationship-id')->accessAssignments()->byDelegatedAdminAccessAssignmentId('delegatedAdminAccessAssignment-id')->patch($requestBody, $requestConfiguration)->wait();
Import-Module Microsoft.Graph.Beta.Identity.Partner
$params = @{
accessDetails = @{
unifiedRoles = @(
@{
roleDefinitionId = "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
}
@{
roleDefinitionId = "44367163-eba1-44c3-98af-f5787879f96a"
}
@{
roleDefinitionId = "729827e3-9c14-49f7-bb1b-9608f156bbb8"
}
)
}
}
Update-MgBetaTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $delegatedAdminRelationshipId -DelegatedAdminAccessAssignmentId $delegatedAdminAccessAssignmentId -BodyParameter $params
from msgraph import GraphServiceClient
from msgraph.generated.tenant_relationships.delegated_admin_relationships.item.access_assignments.item.delegated_admin_access_assignment_item_request_builder import DelegatedAdminAccessAssignmentItemRequestBuilder
from msgraph.generated.models.delegated_admin_access_assignment import DelegatedAdminAccessAssignment
from msgraph.generated.models.delegated_admin_access_details import DelegatedAdminAccessDetails
from msgraph.generated.models.unified_role import UnifiedRole
graph_client = GraphServiceClient(credentials, scopes)
request_body = DelegatedAdminAccessAssignment(
access_details = DelegatedAdminAccessDetails(
unified_roles = [
UnifiedRole(
role_definition_id = "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
),
UnifiedRole(
role_definition_id = "44367163-eba1-44c3-98af-f5787879f96a",
),
UnifiedRole(
role_definition_id = "729827e3-9c14-49f7-bb1b-9608f156bbb8",
),
],
),
)
request_configuration = DelegatedAdminAccessAssignmentItemRequestBuilder.DelegatedAdminAccessAssignmentItemRequestBuilderPatchRequestConfiguration()
request_configuration.headers.add("If-Match", "W/\"JyI0NzAwNjg0NS0wMDAwLTE5MDAtMDAwMC02MGY0Yjg4MzAwMDAiJw==\"")
result = await graph_client.tenant_relationships.delegated_admin_relationships.by_delegated_admin_relationship_id('delegatedAdminRelationship-id').access_assignments.by_delegated_admin_access_assignment_id('delegatedAdminAccessAssignment-id').patch(request_body, request_configuration = request_configuration)
响应
下面是返回响应代码以及 Location 和 Retry-After 标头的示例202 Accepted响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 202 Accepted
Location: https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/5e5594d3-6f82-458b-b567-77db4811f0cd-00000000-0000-0000-0000-000000001234/operations/d8dbb27b-7fe7-4523-a3df-f766355fe0f2
Retry-After: 10
Content-Type: application/json
{
}