(预览版) 管理自定义安全属性分配

重要

自定义安全属性功能目前为预览版。 有关适用于 Beta 版、预览版或其他尚未正式发布的 Azure 功能的法律条款，请参阅 Microsoft Azure 预览版补充使用条款 。

Azure Active Directory (Azure AD) 中的自定义安全属性是特定于业务的属性， (键值对) 可以定义和分配给 Azure AD 对象。 这些属性可用于存储信息、对对象进行分类，或者通过 Azure 基于属性的访问控制 (Azure ABAC) 对特定 Azure 资源强制实施精细访问控制。

自定义安全属性仅支持用户和服务主体。 本文举例说明如何使用 Microsoft Graph 为用户和应用程序分配、更新、列出或删除不同类型的自定义安全属性。

先决条件

• 创建自定义安全属性。 有关如何定义和管理自定义安全属性定义的详细信息，请参阅 使用 Microsoft Graph 的自定义安全属性概述。
• 对于委托方案，必须为调用分配以下权限和管理角色。
  • 分配、更新或删除：
    • Azure AD 角色： 属性分配管理员
    • Microsoft Graph 权限:
      • 用户：CustomSecAttributeAssignment.ReadWrite.All 和 User.Read.All
      • 服务主体：CustomSecAttributeAssignment.ReadWrite.All 和 Application.Read.All
  • 更改为：
    • Azure AD 角色： 属性分配读取者 或 属性分配管理员
    • Microsoft Graph 权限:
      • 用户：CustomSecAttributeAssignment.Read.All 和 User.Read.All
      • 服务主体：CustomSecAttributeAssignment.Read.All 和 Application.Read.All

分配自定义安全属性

示例 1：向用户分配具有字符串值的自定义安全属性

以下示例演示如何使用 更新用户 API 将具有字符串值的自定义安全属性分配给用户。

• 属性集：Engineering
• 属性：ProjectDate
• 属性数据类型：字符串
• 属性值："2022-10-01"

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "ProjectDate":"2022-10-01"
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					ProjectDate = "2022-10-01",
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            ProjectDate: '2022-10-01'
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
projectDate := "2022-10-01"
engineering.SetProjectDate(&projectDate) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			ProjectDate = "2022-10-01"
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$		customSecurityAttributes->setProjectDate('2022-10-01');


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 2：将具有字符串值的自定义安全属性分配给服务主体

以下示例演示如何使用 更新用户 API 将具有字符串值的自定义安全属性分配给服务主体。

• 属性集：Engineering
• 属性：ProjectDate
• 属性数据类型：字符串
• 属性值："2022-10-01"

请求

HTTP

PATCH https://graph.microsoft.com/beta/servicePrincipals/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "ProjectDate":"2022-10-01"
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new ServicePrincipal
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					ProjectDate = "2022-10-01",
				}
			},
		},
	},
};
var result = await graphClient.ServicePrincipals["{servicePrincipal-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const servicePrincipal = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            ProjectDate: '2022-10-01'
        }
    }
};

await client.api('/servicePrincipals/{id}')
	.version('beta')
	.update(servicePrincipal);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewServicePrincipal()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
projectDate := "2022-10-01"
engineering.SetProjectDate(&projectDate) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.ServicePrincipalsById("servicePrincipal-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Applications

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			ProjectDate = "2022-10-01"
		}
	}
}

Update-MgServicePrincipal -ServicePrincipalId $servicePrincipalId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new ServicePrincipal();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$		customSecurityAttributes->setProjectDate('2022-10-01');


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->servicePrincipalsById('servicePrincipal-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 3：向用户分配具有多字符串值的自定义安全属性

以下示例演示如何使用 Update 用户 API 向用户分配具有多字符串值的自定义安全属性。

• 属性集：Engineering
• 属性：Project
• 属性数据类型：字符串集合
• 属性值：["Baker","Cascade"]

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "Project@odata.type":"#Collection(String)",
            "Project":["Baker","Cascade"]
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					ProjectOdataType = "#Collection(String)",
					Project = new List<string>
					{
						"Baker",
						"Cascade",
					},
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            'Project@odata.type':'#Collection(String)',
            Project: ['Baker','Cascade']
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
odataType := "#Collection(String)"
engineering.SetOdataType(&odataType) 
	project := []string {
		"Baker",
		"Cascade",

	}
	engineering.SetProject(project)
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			"Project@odata.type" = "#Collection(String)"
			Project = @(
				"Baker"
				"Cascade"
			)
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$		customSecurityAttributes->setProject@odatatype('#Collection(String)');

$customSecurityAttributes->setProject(['Baker', 'Cascade', ]);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 4：向用户分配具有整数值的自定义安全属性

以下示例演示如何使用 更新用户 API 向用户分配具有整数值的自定义安全属性。

• 属性集：Engineering
• 属性：NumVendors
• 属性数据类型：整数
• 属性值：4

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "NumVendors@odata.type":"#Int32",
            "NumVendors":4
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					NumVendorsOdataType = "#Int32",
					NumVendors = 4,
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            'NumVendors@odata.type':'#Int32',
            NumVendors: 4
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
odataType := "#Int32"
engineering.SetOdataType(&odataType) 
numVendors := int32(4)
engineering.SetNumVendors(&numVendors) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			"NumVendors@odata.type" = "#Int32"
			NumVendors = 
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$		customSecurityAttributes->setNumVendors@odatatype('#Int32');

		$customSecurityAttributes->setNumVendors(4);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 5：向用户分配具有多整数值的自定义安全属性

以下示例演示如何使用 更新用户 API 向用户分配具有多整数值的自定义安全属性。

• 属性集：Engineering
• 属性：CostCenter
• 属性数据类型：整数集合
• 属性值：[1001,1003]

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "CostCenter@odata.type":"#Collection(Int32)",
            "CostCenter":[1001,1003]
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					CostCenterOdataType = "#Collection(Int32)",
					CostCenter = new List<1001>
					{
						1001,
						1003,
					},
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            'CostCenter@odata.type':'#Collection(Int32)',
            CostCenter: [1001,1003]
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
odataType := "#Collection(Int32)"
engineering.SetOdataType(&odataType) 
	costCenter := []graphmodels.Numberable {
 := int32(1001)
engineering.Set(&) 
 := int32(1003)
engineering.Set(&) 

	}
	engineering.SetCostCenter(costCenter)
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			"CostCenter@odata.type" = "#Collection(Int32)"
			CostCenter = @(
				
				
			)
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$		customSecurityAttributes->setCostCenter@odatatype('#Collection(Int32)');

$customSecurityAttributes->setCostCenter([1001,1003,]);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 6：向用户分配具有布尔值的自定义安全属性

以下示例演示如何使用 Update 用户 API 向用户分配具有布尔值的自定义安全属性。

• 属性集：Engineering
• 属性：Certification
• 属性数据类型：布尔
• 属性值：true

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "Certification":true
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					Certification = true,
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            Certification: true
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
	certification := true
engineering.SetCertification(&certification) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			Certification = $true
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

		$customSecurityAttributes->setCertification(true);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

更新自定义安全属性分配

示例 1：使用用户的整数值更新自定义安全属性分配

以下示例演示如何使用 更新用户 API 更新具有用户整数值的自定义安全属性分配。

• 属性集：Engineering
• 属性：NumVendors
• 属性数据类型：整数
• 属性值：8

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "NumVendors@odata.type":"#Int32",
            "NumVendors":8
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					NumVendorsOdataType = "#Int32",
					NumVendors = 8,
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            'NumVendors@odata.type':'#Int32',
            NumVendors: 8
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
odataType := "#Int32"
engineering.SetOdataType(&odataType) 
numVendors := int32(8)
engineering.SetNumVendors(&numVendors) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			"NumVendors@odata.type" = "#Int32"
			NumVendors = 
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$		customSecurityAttributes->setNumVendors@odatatype('#Int32');

		$customSecurityAttributes->setNumVendors(8);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 2：使用用户的布尔值更新自定义安全属性分配

以下示例演示如何使用 更新用户 API 使用用户的布尔值更新自定义安全属性分配。

• 属性集：Engineering
• 属性：Certification
• 属性数据类型：布尔
• 属性值：false

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "Certification":false
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					Certification = false,
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            Certification: false
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
	certification := false
engineering.SetCertification(&certification) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			Certification = $false
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

		$customSecurityAttributes->setCertification(false);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

列出自定义安全属性分配

示例 1：获取用户的自定义安全属性分配

以下示例演示如何使用 获取用户 API 获取用户的自定义安全属性分配。

属性 #1

• 属性集：Engineering
• 属性：Project
• 属性数据类型：字符串集合
• 属性值：["Baker","Cascade"]

属性 #2

• 属性集：Engineering
• 属性：CostCenter
• 属性数据类型：整数集合
• 属性值：[1001]

属性 #3

• 属性集：Engineering
• 属性：Certification
• 属性数据类型：布尔
• 属性值：true

属性 #4

• 属性集：Marketing
• 属性：EmployeeId
• 属性数据类型：字符串
• 属性值："QN26904"

请求

HTTP

GET https://graph.microsoft.com/beta/users/{id}?$select=customSecurityAttributes

C#

var graphClient = new GraphServiceClient(requestAdapter);

var result = await graphClient.Users["{user-id}"].GetAsync((requestConfiguration) =>
{
	requestConfiguration.QueryParameters.Select = new string []{ "customSecurityAttributes" };
});

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

let user = await client.api('/users/{id}')
	.version('beta')
	.select('customSecurityAttributes')
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

User user = graphClient.users("{id}")
	.buildRequest()
	.select("customSecurityAttributes")
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphconfig "github.com/microsoftgraph/msgraph-beta-sdk-go/users"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestParameters := &graphconfig.UserItemRequestBuilderGetQueryParameters{
	Select: [] string {"customSecurityAttributes"},
}
configuration := &graphconfig.UserItemRequestBuilderGetRequestConfiguration{
	QueryParameters: requestParameters,
}

result, err := graphClient.UsersById("user-id").Get(context.Background(), configuration)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

Get-MgUser -UserId $userId -Property "customSecurityAttributes" 

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestConfiguration = new UserRequestBuilderGetRequestConfiguration();

$queryParameters = new UserRequestBuilderGetQueryParameters();
$queryParameters->select = ["customSecurityAttributes"];

$requestConfiguration->queryParameters = $queryParameters;


$requestResult = $graphServiceClient->usersById('user-id')->get($requestConfiguration);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 200 OK

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#users(customSecurityAttributes)/$entity",
    "customSecurityAttributes": {
        "Marketing": {
            "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
            "EmployeeId": "QN26904"
        },
        "Engineering": {
            "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
            "Project@odata.type": "#Collection(String)",
            "Project": [
                "Baker",
                "Cascade"
            ],
            "CostCenter@odata.type": "#Collection(Int32)",
            "CostCenter": [
                1001
            ],
            "Certification": true
        }
    }
}

如果没有为用户分配自定义安全属性，或者调用主体没有访问权限，则响应如下：

HTTP/1.1 200 OK
Content-type: application/json

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#users(customSecurityAttributes)/$entity",
    "customSecurityAttributes": null
}

示例 2：列出具有等于值的自定义安全属性分配的所有用户

以下示例演示如何使用 列表用户 API 列出具有等于值的自定义安全属性分配的所有用户。 该示例检索具有名为 AppCountry 且值等于 Canada的自定义安全属性的用户。 筛选器值区分大小写。 必须在 ConsistencyLevel=eventual 请求或标头中添加 。 还必须包含 $count=true 以确保正确路由请求。

用户 #1

• 属性集：Marketing
• 属性：AppCountry
• 属性数据类型：字符串集合
• 属性值：["India","Canada"]

用户 #2

• 属性集：Marketing
• 属性：AppCountry
• 属性数据类型：字符串集合
• 属性值：["Canada","Mexico"]

请求

HTTP

GET https://graph.microsoft.com/beta/users?$count=true&$select=id,displayName,customSecurityAttributes&$filter=customSecurityAttributes/Marketing/AppCountry eq 'Canada'
ConsistencyLevel: eventual

C#

var graphClient = new GraphServiceClient(requestAdapter);

var result = await graphClient.Users.GetAsync((requestConfiguration) =>
{
	requestConfiguration.QueryParameters.Count = true;
	requestConfiguration.QueryParameters.Select = new string []{ "id","displayName","customSecurityAttributes" };
	requestConfiguration.QueryParameters.Filter = "customSecurityAttributes/Marketing/AppCountry eq 'Canada'";
	requestConfiguration.Headers.Add("ConsistencyLevel", "eventual");
});

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

let users = await client.api('/users')
	.version('beta')
	.header('ConsistencyLevel','eventual')
	.filter('customSecurityAttributes/Marketing/AppCountry eq \'Canada\'')
	.select('id,displayName,customSecurityAttributes')
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

LinkedList<Option> requestOptions = new LinkedList<Option>();
requestOptions.add(new HeaderOption("ConsistencyLevel", "eventual"));

UserCollectionPage users = graphClient.users()
	.buildRequest( requestOptions )
	.filter("customSecurityAttributes/Marketing/AppCountry eq 'Canada'")
	.select("id,displayName,customSecurityAttributes")
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  abstractions "github.com/microsoft/kiota-abstractions-go"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphconfig "github.com/microsoftgraph/msgraph-beta-sdk-go/users"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


headers := abstractions.NewRequestHeaders()
headers.Add("ConsistencyLevel", "eventual")


requestCount := true
requestFilter := "customSecurityAttributes/Marketing/AppCountry eq 'Canada'"

requestParameters := &graphconfig.UsersRequestBuilderGetQueryParameters{
	Count: &requestCount,
	Select: [] string {"id","displayName","customSecurityAttributes"},
	Filter: &requestFilter,
}
configuration := &graphconfig.UsersRequestBuilderGetRequestConfiguration{
	Headers: headers,
	QueryParameters: requestParameters,
}

result, err := graphClient.Users().Get(context.Background(), configuration)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

Get-MgUser -CountVariable CountVar -Property "id,displayName,customSecurityAttributes" -Filter "customSecurityAttributes/Marketing/AppCountry eq 'Canada'" -ConsistencyLevel eventual 

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestConfiguration = new UsersRequestBuilderGetRequestConfiguration();

$queryParameters = new UsersRequestBuilderGetQueryParameters();
$queryParameters->count = true;
$queryParameters->select = ["id","displayName","customSecurityAttributes"];
$queryParameters->filter = "customSecurityAttributes/Marketing/AppCountry eq 'Canada'";

$headers = [
'ConsistencyLevel' => 'eventual',
];

$requestConfiguration->queryParameters = $queryParameters;
$requestConfiguration->headers = $headers;


$requestResult = $graphServiceClient->users()->get($requestConfiguration);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 200 OK

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#users(id,displayName,customSecurityAttributes)",
    "@odata.count": 2,
    "value": [
        {
            "id": "dbaf3778-4f81-4ea0-ac1c-502a293c12ac",
            "displayName": "Jiya",
            "customSecurityAttributes": {
                "Engineering": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "Datacenter@odata.type": "#Collection(String)",
                    "Datacenter": [
                        "India"
                    ]
                },
                "Marketing": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "AppCountry@odata.type": "#Collection(String)",
                    "AppCountry": [
                        "India",
                        "Canada"
                    ],
                    "EmployeeId": "KX19476"
                }
            }
        },
        {
            "id": "6bac433c-48c6-4213-a316-1428de32701b",
            "displayName": "Jana",
            "customSecurityAttributes": {
                "Marketing": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "AppCountry@odata.type": "#Collection(String)",
                    "AppCountry": [
                        "Canada",
                        "Mexico"
                    ],
                    "EmployeeId": "GS46982"
                }
            }
        }
    ]
}

示例 3：列出具有以值开头的自定义安全属性分配的所有用户

以下示例演示如何使用 列表用户 API 列出具有以 值开头的自定义安全属性分配的所有用户。 该示例检索具有名为 EmployeeId 的自定义安全属性的用户，其值以 GS开头。 筛选器值区分大小写。 必须在 ConsistencyLevel=eventual 请求或标头中添加 。 还必须包含 $count=true 以确保正确路由请求。

用户 #1

• 属性集：Marketing
• 属性：EmployeeId
• 属性数据类型：字符串
• 属性值："KX19476"

用户 #2

• 属性集：Marketing
• 属性：EmployeeId
• 属性数据类型：字符串
• 属性值："GS46982"

请求

HTTP

GET https://graph.microsoft.com/beta/users?$count=true&$select=id,displayName,customSecurityAttributes&$filter=startsWith(customSecurityAttributes/Marketing/EmployeeId,'GS')
ConsistencyLevel: eventual

C#

var graphClient = new GraphServiceClient(requestAdapter);

var result = await graphClient.Users.GetAsync((requestConfiguration) =>
{
	requestConfiguration.QueryParameters.Count = true;
	requestConfiguration.QueryParameters.Select = new string []{ "id","displayName","customSecurityAttributes" };
	requestConfiguration.QueryParameters.Filter = "startsWith(customSecurityAttributes/Marketing/EmployeeId,'GS')";
	requestConfiguration.Headers.Add("ConsistencyLevel", "eventual");
});

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

let users = await client.api('/users')
	.version('beta')
	.header('ConsistencyLevel','eventual')
	.filter('startsWith(customSecurityAttributes/Marketing/EmployeeId,\'GS\')')
	.select('id,displayName,customSecurityAttributes')
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

LinkedList<Option> requestOptions = new LinkedList<Option>();
requestOptions.add(new HeaderOption("ConsistencyLevel", "eventual"));

UserCollectionPage users = graphClient.users()
	.buildRequest( requestOptions )
	.filter("startsWith(customSecurityAttributes/Marketing/EmployeeId,'GS')")
	.select("id,displayName,customSecurityAttributes")
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  abstractions "github.com/microsoft/kiota-abstractions-go"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphconfig "github.com/microsoftgraph/msgraph-beta-sdk-go/users"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


headers := abstractions.NewRequestHeaders()
headers.Add("ConsistencyLevel", "eventual")


requestCount := true
requestFilter := "startsWith(customSecurityAttributes/Marketing/EmployeeId,'GS')"

requestParameters := &graphconfig.UsersRequestBuilderGetQueryParameters{
	Count: &requestCount,
	Select: [] string {"id","displayName","customSecurityAttributes"},
	Filter: &requestFilter,
}
configuration := &graphconfig.UsersRequestBuilderGetRequestConfiguration{
	Headers: headers,
	QueryParameters: requestParameters,
}

result, err := graphClient.Users().Get(context.Background(), configuration)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

Get-MgUser -CountVariable CountVar -Property "id,displayName,customSecurityAttributes" -Filter "startsWith(customSecurityAttributes/Marketing/EmployeeId,'GS')" -ConsistencyLevel eventual 

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestConfiguration = new UsersRequestBuilderGetRequestConfiguration();

$queryParameters = new UsersRequestBuilderGetQueryParameters();
$queryParameters->count = true;
$queryParameters->select = ["id","displayName","customSecurityAttributes"];
$queryParameters->filter = "startsWith(customSecurityAttributes/Marketing/EmployeeId,'GS')";

$headers = [
'ConsistencyLevel' => 'eventual',
];

$requestConfiguration->queryParameters = $queryParameters;
$requestConfiguration->headers = $headers;


$requestResult = $graphServiceClient->users()->get($requestConfiguration);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 200 OK

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#users(id,displayName,customSecurityAttributes)",
    "@odata.count": 1,
    "value": [
        {
            "id": "6bac433c-48c6-4213-a316-1428de32701b",
            "displayName": "Jana",
            "customSecurityAttributes": {
                "Marketing": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "AppCountry@odata.type": "#Collection(String)",
                    "AppCountry": [
                        "Canada",
                        "Mexico"
                    ],
                    "EmployeeId": "GS46982"
                }
            }
        }
    ]
}

示例 4：列出具有不等于值的自定义安全属性分配的所有用户

以下示例演示如何使用 列表用户 API 列出具有不等于值的自定义安全属性分配的所有用户。 该示例检索具有名为 AppCountry 且值不等于 Canada的自定义安全属性的用户。 筛选器值区分大小写。 必须在 ConsistencyLevel=eventual 请求或标头中添加 。 还必须包含 $count=true 以确保正确路由请求。

用户 #1

• 属性集：Marketing
• 属性：AppCountry
• 属性数据类型：字符串集合
• 属性值：["France"]

所有其他用户

• AppCountry 未添加属性

请求

HTTP

GET https://graph.microsoft.com/beta/users?$count=true&$select=id,displayName,customSecurityAttributes&$filter=customSecurityAttributes/Marketing/AppCountry ne 'Canada'
ConsistencyLevel: eventual

C#

var graphClient = new GraphServiceClient(requestAdapter);

var result = await graphClient.Users.GetAsync((requestConfiguration) =>
{
	requestConfiguration.QueryParameters.Count = true;
	requestConfiguration.QueryParameters.Select = new string []{ "id","displayName","customSecurityAttributes" };
	requestConfiguration.QueryParameters.Filter = "customSecurityAttributes/Marketing/AppCountry ne 'Canada'";
	requestConfiguration.Headers.Add("ConsistencyLevel", "eventual");
});

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

let users = await client.api('/users')
	.version('beta')
	.header('ConsistencyLevel','eventual')
	.filter('customSecurityAttributes/Marketing/AppCountry ne \'Canada\'')
	.select('id,displayName,customSecurityAttributes')
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

LinkedList<Option> requestOptions = new LinkedList<Option>();
requestOptions.add(new HeaderOption("ConsistencyLevel", "eventual"));

UserCollectionPage users = graphClient.users()
	.buildRequest( requestOptions )
	.filter("customSecurityAttributes/Marketing/AppCountry ne 'Canada'")
	.select("id,displayName,customSecurityAttributes")
	.get();

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  abstractions "github.com/microsoft/kiota-abstractions-go"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphconfig "github.com/microsoftgraph/msgraph-beta-sdk-go/users"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


headers := abstractions.NewRequestHeaders()
headers.Add("ConsistencyLevel", "eventual")


requestCount := true
requestFilter := "customSecurityAttributes/Marketing/AppCountry ne 'Canada'"

requestParameters := &graphconfig.UsersRequestBuilderGetQueryParameters{
	Count: &requestCount,
	Select: [] string {"id","displayName","customSecurityAttributes"},
	Filter: &requestFilter,
}
configuration := &graphconfig.UsersRequestBuilderGetRequestConfiguration{
	Headers: headers,
	QueryParameters: requestParameters,
}

result, err := graphClient.Users().Get(context.Background(), configuration)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

Get-MgUser -CountVariable CountVar -Property "id,displayName,customSecurityAttributes" -Filter "customSecurityAttributes/Marketing/AppCountry ne 'Canada'" -ConsistencyLevel eventual 

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestConfiguration = new UsersRequestBuilderGetRequestConfiguration();

$queryParameters = new UsersRequestBuilderGetQueryParameters();
$queryParameters->count = true;
$queryParameters->select = ["id","displayName","customSecurityAttributes"];
$queryParameters->filter = "customSecurityAttributes/Marketing/AppCountry ne 'Canada'";

$headers = [
'ConsistencyLevel' => 'eventual',
];

$requestConfiguration->queryParameters = $queryParameters;
$requestConfiguration->headers = $headers;


$requestResult = $graphServiceClient->users()->get($requestConfiguration);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 200 OK

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#users(id,displayName,customSecurityAttributes)",
    "@odata.count": 32,
    "value": [
        {
            "id": "c4f9ecd3-d3c1-4544-b49a-bc9bb62beb67",
            "displayName": "Alain",
            "customSecurityAttributes": null
        },
        {
            "id": "de4f1218-b0fb-4449-b3a0-1e1dd193e6e7",
            "displayName": "Joe",
            "customSecurityAttributes": {
                "Engineering": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "Project3@odata.type": "#Collection(String)",
                    "Project3": [
                        "Baker",
                        "Cascade"
                    ],
                    "CostCenter@odata.type": "#Collection(Int32)",
                    "CostCenter": [
                        1001
                    ],
                    "Certification": true
                },
                "Marketing": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "EmployeeId": "QN26904"
                }
            }
        },
        {
            "id": "f24d1474-ded5-432d-be08-8abd39921aac",
            "displayName": "Isabella",
            "customSecurityAttributes": {
                "Marketing": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "AppCountry@odata.type": "#Collection(String)",
                    "AppCountry": [
                        "France"
                    ]
                }
            }
        },
        {
            "id": "849e81fe-1109-4d57-9536-a25d537eec1f",
            "displayName": "Dara",
            "customSecurityAttributes": {
                "Engineering": {
                    "@odata.type": "#microsoft.graph.customSecurityAttributeValue",
                    "ProjectDate": "2023-04-12"
                }
            }
        },
        {
            "id": "42c88239-db99-45f0-85af-cbb6c8acb2a3",
            "displayName": "Chandra",
            "customSecurityAttributes": null
        }
    ]
}

删除自定义安全属性分配

示例 1：从用户中删除单值自定义安全属性分配

以下示例演示如何使用 更新用户 API 从用户中删除支持单个值的自定义安全属性分配。

• 属性集：Engineering
• 属性：ProjectDate
• 属性值：null

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "ProjectDate":null
        }
    }
}

C#

var graphClient = new GraphServiceClient(requestAdapter);

var requestBody = new User
{
	CustomSecurityAttributes = new CustomSecurityAttributeValue
	{
		AdditionalData = new Dictionary<string, object>
		{
			{
				"Engineering" , new 
				{
					OdataType = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
					ProjectDate = null,
				}
			},
		},
	},
};
var result = await graphClient.Users["{user-id}"].PatchAsync(requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            ProjectDate: null
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
	projectDate := null
engineering.SetProjectDate(&projectDate) 
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			ProjectDate = $null
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

		$customSecurityAttributes->setProjectDate(null);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

示例 2：从用户中删除多值自定义安全属性分配

以下示例演示如何使用 更新用户 API 从用户中删除支持多个值的自定义安全属性分配。

• 属性集：Engineering
• 属性：Project
• 属性值：[]

请求

HTTP

PATCH https://graph.microsoft.com/beta/users/{id}
Content-type: application/json

{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "Project":[]
        }
    }
}

C#

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const user = {
    customSecurityAttributes: 
    {
        Engineering: 
        {
            '@odata.type':'#Microsoft.DirectoryServices.CustomSecurityAttributeValue',
            Project: []
        }
    }
};

await client.api('/users/{id}')
	.version('beta')
	.update(user);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

Java

Snippet not available

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

转到

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewUser()
customSecurityAttributes := graphmodels.NewCustomSecurityAttributeValue()
additionalData := map[string]interface{}{
engineering := graphmodels.New()
	project := []graphmodels.able {

	}
	engineering.SetProject(project)
	customSecurityAttributes.SetEngineering(engineering)
}
customSecurityAttributes.SetAdditionalData(additionalData)
requestBody.SetCustomSecurityAttributes(customSecurityAttributes)

result, err := graphClient.UsersById("user-id").Patch(context.Background(), requestBody, nil)

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PowerShell

Import-Module Microsoft.Graph.Users

$params = @{
	CustomSecurityAttributes = @{
		Engineering = @{
			"@odata.type" = "#Microsoft.DirectoryServices.CustomSecurityAttributeValue"
			Project = @(
			)
		}
	}
}

Update-MgUser -UserId $userId -BodyParameter $params

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);

$requestBody = new User();
$customSecurityAttributes = new CustomSecurityAttributeValue();
$additionalData = [
'Engineering' => $customSecurityAttributes = new Engineering();
$		customSecurityAttributes->set@odatatype('#Microsoft.DirectoryServices.CustomSecurityAttributeValue');

$customSecurityAttributes->setProject([]);


$customSecurityAttributes->setEngineering($engineering);

];
$customSecurityAttributes->setAdditionalData($additionalData);



$requestBody->setCustomSecurityAttributes($customSecurityAttributes);


$requestResult = $graphServiceClient->usersById('user-id')->patch($requestBody);

阅读 SDK 文档 ，详细了解如何将 SDK 添加到 项目并 创建 authProvider 实例。

响应

HTTP/1.1 204 No Content

后续步骤

• 使用 Microsoft 图形 API (预览版) 的自定义安全属性概述
• Azure AD 中的自定义安全属性是什么？