本教程提供使用 Microsoft Graph 中的生命周期工作流 API 完成实时员工解雇的分步指南。 在这种情况下,不会计划员工解雇。 有关计划方案,请参阅 使用生命周期工作流 API 计划员工离职任务 。
在本教程中,你将了解如何:
- 配置生命周期工作流以按顺序运行以下任务:
- 从所有组中删除用户
- 从所有 Teams 中删除用户
- 删除用户帐户
- 监视工作流的状态及其关联任务。
若要完成本教程,需要以下资源和特权:
- 此功能需要Microsoft Entra ID 治理许可证。 若要找到适合你的要求的许可证,请参阅Microsoft Entra ID 治理许可基础知识。
- 登录到 API 客户端(如 Graph 资源管理器),使用至少具有生命周期管理员Microsoft Entra角色的帐户调用 Microsoft Graph。
- 向自己授予 LifecycleWorkflows.ReadWrite.All Microsoft Graph 委托的权限。
- 创建一个测试用户帐户,用于表示离开组织的员工。 工作流运行时,会删除此测试用户帐户。 将许可证和 Teams 成员身份分配给测试用户帐户。
以下请求使用以下设置创建卸载工作流:
- 它可以按需运行,但不能按计划运行。
- 工作流不包括执行条件。 对于按需运行的工作流,即使已定义,也会绕过执行条件。
- 启用三个工作流任务以按顺序运行:从所有组中删除用户,然后从所有团队中删除用户,然后删除其用户帐户。
POST https://graph.microsoft.com/v1.0/identityGovernance/LifecycleWorkflows/workflows
Content-type: application/json
{
"category": "Leaver",
"displayName": "Real-time employee termination",
"description": "Execute real-time termination tasks for employees on their last day of work",
"isEnabled": true,
"isSchedulingEnabled": false,
"executionConditions":{
"@odata.type":"#microsoft.graph.identityGovernance.onDemandExecutionOnly"
},
"tasks": [
{
"continueOnError": false,
"description": "Remove user from all Azure AD groups memberships",
"displayName": "Remove user from all groups",
"executionSequence": 1,
"isEnabled": true,
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
"arguments": []
},
{
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 2,
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
},
{
"continueOnError": false,
"description": "Delete user account in Azure AD",
"displayName": "Delete User Account",
"executionSequence": 3,
"isEnabled": true,
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
"arguments": []
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models.IdentityGovernance;
using Microsoft.Graph.Models;
var requestBody = new Workflow
{
Category = LifecycleWorkflowCategory.Leaver,
DisplayName = "Real-time employee termination",
Description = "Execute real-time termination tasks for employees on their last day of work",
IsEnabled = true,
IsSchedulingEnabled = false,
ExecutionConditions = new OnDemandExecutionOnly
{
OdataType = "#microsoft.graph.identityGovernance.onDemandExecutionOnly",
},
Tasks = new List<TaskObject>
{
new TaskObject
{
ContinueOnError = false,
Description = "Remove user from all Azure AD groups memberships",
DisplayName = "Remove user from all groups",
ExecutionSequence = 1,
IsEnabled = true,
TaskDefinitionId = "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
Arguments = new List<KeyValuePair>
{
},
},
new TaskObject
{
ContinueOnError = false,
Description = "Remove user from all Teams memberships",
DisplayName = "Remove user from all Teams",
ExecutionSequence = 2,
IsEnabled = true,
TaskDefinitionId = "81f7b200-2816-4b3b-8c5d-dc556f07b024",
Arguments = new List<KeyValuePair>
{
},
},
new TaskObject
{
ContinueOnError = false,
Description = "Delete user account in Azure AD",
DisplayName = "Delete User Account",
ExecutionSequence = 3,
IsEnabled = true,
TaskDefinitionId = "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
Arguments = new List<KeyValuePair>
{
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows.PostAsync(requestBody);
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
mgc identity-governance lifecycle-workflows workflows create --body '{\
"category": "Leaver",\
"displayName": "Real-time employee termination",\
"description": "Execute real-time termination tasks for employees on their last day of work",\
"isEnabled": true,\
"isSchedulingEnabled": false,\
"executionConditions":{\
"@odata.type":"#microsoft.graph.identityGovernance.onDemandExecutionOnly"\
},\
"tasks": [\
{\
"continueOnError": false,\
"description": "Remove user from all Azure AD groups memberships",\
"displayName": "Remove user from all groups",\
"executionSequence": 1,\
"isEnabled": true,\
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",\
"arguments": []\
},\
{\
"continueOnError": false,\
"description": "Remove user from all Teams memberships",\
"displayName": "Remove user from all Teams",\
"executionSequence": 2,\
"isEnabled": true,\
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",\
"arguments": []\
},\
{\
"continueOnError": false,\
"description": "Delete user account in Azure AD",\
"displayName": "Delete User Account",\
"executionSequence": 3,\
"isEnabled": true,\
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",\
"arguments": []\
}\
]\
}\
'
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodelsidentitygovernance "github.com/microsoftgraph/msgraph-sdk-go/models/identitygovernance"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodelsidentitygovernance.NewWorkflow()
category := graphmodels.LEAVER_LIFECYCLEWORKFLOWCATEGORY
requestBody.SetCategory(&category)
displayName := "Real-time employee termination"
requestBody.SetDisplayName(&displayName)
description := "Execute real-time termination tasks for employees on their last day of work"
requestBody.SetDescription(&description)
isEnabled := true
requestBody.SetIsEnabled(&isEnabled)
isSchedulingEnabled := false
requestBody.SetIsSchedulingEnabled(&isSchedulingEnabled)
executionConditions := graphmodelsidentitygovernance.NewOnDemandExecutionOnly()
requestBody.SetExecutionConditions(executionConditions)
task := graphmodelsidentitygovernance.NewTask()
continueOnError := false
task.SetContinueOnError(&continueOnError)
description := "Remove user from all Azure AD groups memberships"
task.SetDescription(&description)
displayName := "Remove user from all groups"
task.SetDisplayName(&displayName)
executionSequence := int32(1)
task.SetExecutionSequence(&executionSequence)
isEnabled := true
task.SetIsEnabled(&isEnabled)
taskDefinitionId := "b3a31406-2a15-4c9a-b25b-a658fa5f07fc"
task.SetTaskDefinitionId(&taskDefinitionId)
arguments := []graphmodels.KeyValuePairable {
}
task.SetArguments(arguments)
task1 := graphmodelsidentitygovernance.NewTask()
continueOnError := false
task1.SetContinueOnError(&continueOnError)
description := "Remove user from all Teams memberships"
task1.SetDescription(&description)
displayName := "Remove user from all Teams"
task1.SetDisplayName(&displayName)
executionSequence := int32(2)
task1.SetExecutionSequence(&executionSequence)
isEnabled := true
task1.SetIsEnabled(&isEnabled)
taskDefinitionId := "81f7b200-2816-4b3b-8c5d-dc556f07b024"
task1.SetTaskDefinitionId(&taskDefinitionId)
arguments := []graphmodels.KeyValuePairable {
}
task1.SetArguments(arguments)
task2 := graphmodelsidentitygovernance.NewTask()
continueOnError := false
task2.SetContinueOnError(&continueOnError)
description := "Delete user account in Azure AD"
task2.SetDescription(&description)
displayName := "Delete User Account"
task2.SetDisplayName(&displayName)
executionSequence := int32(3)
task2.SetExecutionSequence(&executionSequence)
isEnabled := true
task2.SetIsEnabled(&isEnabled)
taskDefinitionId := "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff"
task2.SetTaskDefinitionId(&taskDefinitionId)
arguments := []graphmodels.KeyValuePairable {
}
task2.SetArguments(arguments)
tasks := []graphmodelsidentitygovernance.Taskable {
task,
task1,
task2,
}
requestBody.SetTasks(tasks)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
workflows, err := graphClient.IdentityGovernance().LifecycleWorkflows().Workflows().Post(context.Background(), requestBody, nil)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.models.identitygovernance.Workflow workflow = new com.microsoft.graph.models.identitygovernance.Workflow();
workflow.setCategory(com.microsoft.graph.models.identitygovernance.LifecycleWorkflowCategory.Leaver);
workflow.setDisplayName("Real-time employee termination");
workflow.setDescription("Execute real-time termination tasks for employees on their last day of work");
workflow.setIsEnabled(true);
workflow.setIsSchedulingEnabled(false);
com.microsoft.graph.models.identitygovernance.OnDemandExecutionOnly executionConditions = new com.microsoft.graph.models.identitygovernance.OnDemandExecutionOnly();
executionConditions.setOdataType("#microsoft.graph.identityGovernance.onDemandExecutionOnly");
workflow.setExecutionConditions(executionConditions);
LinkedList<com.microsoft.graph.models.identitygovernance.Task> tasks = new LinkedList<com.microsoft.graph.models.identitygovernance.Task>();
com.microsoft.graph.models.identitygovernance.Task task = new com.microsoft.graph.models.identitygovernance.Task();
task.setContinueOnError(false);
task.setDescription("Remove user from all Azure AD groups memberships");
task.setDisplayName("Remove user from all groups");
task.setExecutionSequence(1);
task.setIsEnabled(true);
task.setTaskDefinitionId("b3a31406-2a15-4c9a-b25b-a658fa5f07fc");
LinkedList<KeyValuePair> arguments = new LinkedList<KeyValuePair>();
task.setArguments(arguments);
tasks.add(task);
com.microsoft.graph.models.identitygovernance.Task task1 = new com.microsoft.graph.models.identitygovernance.Task();
task1.setContinueOnError(false);
task1.setDescription("Remove user from all Teams memberships");
task1.setDisplayName("Remove user from all Teams");
task1.setExecutionSequence(2);
task1.setIsEnabled(true);
task1.setTaskDefinitionId("81f7b200-2816-4b3b-8c5d-dc556f07b024");
LinkedList<KeyValuePair> arguments1 = new LinkedList<KeyValuePair>();
task1.setArguments(arguments1);
tasks.add(task1);
com.microsoft.graph.models.identitygovernance.Task task2 = new com.microsoft.graph.models.identitygovernance.Task();
task2.setContinueOnError(false);
task2.setDescription("Delete user account in Azure AD");
task2.setDisplayName("Delete User Account");
task2.setExecutionSequence(3);
task2.setIsEnabled(true);
task2.setTaskDefinitionId("8d18588d-9ad3-4c0f-99d0-ec215f0e3dff");
LinkedList<KeyValuePair> arguments2 = new LinkedList<KeyValuePair>();
task2.setArguments(arguments2);
tasks.add(task2);
workflow.setTasks(tasks);
com.microsoft.graph.models.identitygovernance.Workflow result = graphClient.identityGovernance().lifecycleWorkflows().workflows().post(workflow);
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
const options = {
authProvider,
};
const client = Client.init(options);
const workflow = {
category: 'Leaver',
displayName: 'Real-time employee termination',
description: 'Execute real-time termination tasks for employees on their last day of work',
isEnabled: true,
isSchedulingEnabled: false,
executionConditions: {
'@odata.type':'#microsoft.graph.identityGovernance.onDemandExecutionOnly'
},
tasks: [
{
continueOnError: false,
description: 'Remove user from all Azure AD groups memberships',
displayName: 'Remove user from all groups',
executionSequence: 1,
isEnabled: true,
taskDefinitionId: 'b3a31406-2a15-4c9a-b25b-a658fa5f07fc',
arguments: []
},
{
continueOnError: false,
description: 'Remove user from all Teams memberships',
displayName: 'Remove user from all Teams',
executionSequence: 2,
isEnabled: true,
taskDefinitionId: '81f7b200-2816-4b3b-8c5d-dc556f07b024',
arguments: []
},
{
continueOnError: false,
description: 'Delete user account in Azure AD',
displayName: 'Delete User Account',
executionSequence: 3,
isEnabled: true,
taskDefinitionId: '8d18588d-9ad3-4c0f-99d0-ec215f0e3dff',
arguments: []
}
]
};
await client.api('/identityGovernance/LifecycleWorkflows/workflows')
.post(workflow);
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\IdentityGovernance\Workflow;
use Microsoft\Graph\Generated\Models\IdentityGovernance\LifecycleWorkflowCategory;
use Microsoft\Graph\Generated\Models\IdentityGovernance\OnDemandExecutionOnly;
use Microsoft\Graph\Generated\Models\IdentityGovernance\Task;
use Microsoft\Graph\Generated\Models\KeyValuePair;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new Workflow();
$requestBody->setCategory(new LifecycleWorkflowCategory('leaver'));
$requestBody->setDisplayName('Real-time employee termination');
$requestBody->setDescription('Execute real-time termination tasks for employees on their last day of work');
$requestBody->setIsEnabled(true);
$requestBody->setIsSchedulingEnabled(false);
$executionConditions = new OnDemandExecutionOnly();
$executionConditions->setOdataType('#microsoft.graph.identityGovernance.onDemandExecutionOnly');
$requestBody->setExecutionConditions($executionConditions);
$tasksTask1 = new Task();
$tasksTask1->setContinueOnError(false);
$tasksTask1->setDescription('Remove user from all Azure AD groups memberships');
$tasksTask1->setDisplayName('Remove user from all groups');
$tasksTask1->setExecutionSequence(1);
$tasksTask1->setIsEnabled(true);
$tasksTask1->setTaskDefinitionId('b3a31406-2a15-4c9a-b25b-a658fa5f07fc');
$tasksTask1->setArguments([ ]);
$tasksArray []= $tasksTask1;
$tasksTask2 = new Task();
$tasksTask2->setContinueOnError(false);
$tasksTask2->setDescription('Remove user from all Teams memberships');
$tasksTask2->setDisplayName('Remove user from all Teams');
$tasksTask2->setExecutionSequence(2);
$tasksTask2->setIsEnabled(true);
$tasksTask2->setTaskDefinitionId('81f7b200-2816-4b3b-8c5d-dc556f07b024');
$tasksTask2->setArguments([ ]);
$tasksArray []= $tasksTask2;
$tasksTask3 = new Task();
$tasksTask3->setContinueOnError(false);
$tasksTask3->setDescription('Delete user account in Azure AD');
$tasksTask3->setDisplayName('Delete User Account');
$tasksTask3->setExecutionSequence(3);
$tasksTask3->setIsEnabled(true);
$tasksTask3->setTaskDefinitionId('8d18588d-9ad3-4c0f-99d0-ec215f0e3dff');
$tasksTask3->setArguments([ ]);
$tasksArray []= $tasksTask3;
$requestBody->setTasks($tasksArray);
$result = $graphServiceClient->identityGovernance()->lifecycleWorkflows()->workflows()->post($requestBody)->wait();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
Import-Module Microsoft.Graph.Identity.Governance
$params = @{
category = "Leaver"
displayName = "Real-time employee termination"
description = "Execute real-time termination tasks for employees on their last day of work"
isEnabled = $true
isSchedulingEnabled = $false
executionConditions = @{
"@odata.type" = "#microsoft.graph.identityGovernance.onDemandExecutionOnly"
}
tasks = @(
@{
continueOnError = $false
description = "Remove user from all Azure AD groups memberships"
displayName = "Remove user from all groups"
executionSequence = 1
isEnabled = $true
taskDefinitionId = "b3a31406-2a15-4c9a-b25b-a658fa5f07fc"
arguments = @(
)
}
@{
continueOnError = $false
description = "Remove user from all Teams memberships"
displayName = "Remove user from all Teams"
executionSequence = 2
isEnabled = $true
taskDefinitionId = "81f7b200-2816-4b3b-8c5d-dc556f07b024"
arguments = @(
)
}
@{
continueOnError = $false
description = "Delete user account in Azure AD"
displayName = "Delete User Account"
executionSequence = 3
isEnabled = $true
taskDefinitionId = "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff"
arguments = @(
)
}
)
}
New-MgIdentityGovernanceLifecycleWorkflow -BodyParameter $params
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.identity_governance.workflow import Workflow
from msgraph.generated.models.lifecycle_workflow_category import LifecycleWorkflowCategory
from msgraph.generated.models.identity_governance.on_demand_execution_only import OnDemandExecutionOnly
from msgraph.generated.models.identity_governance.task import Task
from msgraph.generated.models.key_value_pair import KeyValuePair
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = Workflow(
category = LifecycleWorkflowCategory.Leaver,
display_name = "Real-time employee termination",
description = "Execute real-time termination tasks for employees on their last day of work",
is_enabled = True,
is_scheduling_enabled = False,
execution_conditions = OnDemandExecutionOnly(
odata_type = "#microsoft.graph.identityGovernance.onDemandExecutionOnly",
),
tasks = [
Task(
continue_on_error = False,
description = "Remove user from all Azure AD groups memberships",
display_name = "Remove user from all groups",
execution_sequence = 1,
is_enabled = True,
task_definition_id = "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
arguments = [
],
),
Task(
continue_on_error = False,
description = "Remove user from all Teams memberships",
display_name = "Remove user from all Teams",
execution_sequence = 2,
is_enabled = True,
task_definition_id = "81f7b200-2816-4b3b-8c5d-dc556f07b024",
arguments = [
],
),
Task(
continue_on_error = False,
description = "Delete user account in Azure AD",
display_name = "Delete User Account",
execution_sequence = 3,
is_enabled = True,
task_definition_id = "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
arguments = [
],
),
],
)
result = await graph_client.identity_governance.lifecycle_workflows.workflows.post(request_body)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
HTTP/1.1 201 Created
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflows/$entity",
"category": "leaver",
"description": "Execute real-time termination tasks for employees on their last day of work",
"displayName": "Real-time employee termination",
"lastModifiedDateTime": "2024-03-03T08:33:01.0619748Z",
"createdDateTime": "2024-03-03T08:33:01.0619653Z",
"deletedDateTime": null,
"id": "368dfba3-2303-4e02-b258-87d742187e1b",
"isEnabled": true,
"isSchedulingEnabled": false,
"nextScheduleRunDateTime": null,
"version": 1,
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.onDemandExecutionOnly"
}
}
在以下请求中,将按 ID 8930f0c7-cdd7-4885-9260-3b4a8111de5c标识工作流目标的用户。
请求返回 204 No Content 响应。
POST https://graph.microsoft.com/v1.0/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/activate
{
"subjects": [
{
"id": "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.IdentityGovernance.LifecycleWorkflows.Workflows.Item.MicrosoftGraphIdentityGovernanceActivate;
using Microsoft.Graph.Models;
var requestBody = new ActivatePostRequestBody
{
Subjects = new List<User>
{
new User
{
Id = "8930f0c7-cdd7-4885-9260-3b4a8111de5c",
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows["{workflow-id}"].MicrosoftGraphIdentityGovernanceActivate.PostAsync(requestBody);
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
mgc identity-governance lifecycle-workflows workflows microsoft-graph-identity-governance-activate post --workflow-id {workflow-id}
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphidentitygovernance "github.com/microsoftgraph/msgraph-sdk-go/identitygovernance"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphidentitygovernance.NewActivatePostRequestBody()
user := graphmodels.NewUser()
id := "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
user.SetId(&id)
subjects := []graphmodels.Userable {
user,
}
requestBody.SetSubjects(subjects)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
graphClient.IdentityGovernance().LifecycleWorkflows().Workflows().ByWorkflowId("workflow-id").MicrosoftGraphIdentityGovernanceActivate().Post(context.Background(), requestBody, nil)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.identitygovernance.lifecycleworkflows.workflows.item.microsoftgraphidentitygovernanceactivate.ActivatePostRequestBody activatePostRequestBody = new com.microsoft.graph.identitygovernance.lifecycleworkflows.workflows.item.microsoftgraphidentitygovernanceactivate.ActivatePostRequestBody();
LinkedList<User> subjects = new LinkedList<User>();
User user = new User();
user.setId("8930f0c7-cdd7-4885-9260-3b4a8111de5c");
subjects.add(user);
activatePostRequestBody.setSubjects(subjects);
graphClient.identityGovernance().lifecycleWorkflows().workflows().byWorkflowId("{workflow-id}").microsoftGraphIdentityGovernanceActivate().post(activatePostRequestBody);
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
const options = {
authProvider,
};
const client = Client.init(options);
const activate = {
subjects: [
{
id: '8930f0c7-cdd7-4885-9260-3b4a8111de5c'
}
]
};
await client.api('/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/activate')
.post(activate);
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\IdentityGovernance\LifecycleWorkflows\Workflows\Item\MicrosoftGraphIdentityGovernanceActivate\ActivatePostRequestBody;
use Microsoft\Graph\Generated\Models\User;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new ActivatePostRequestBody();
$subjectsUser1 = new User();
$subjectsUser1->setId('8930f0c7-cdd7-4885-9260-3b4a8111de5c');
$subjectsArray []= $subjectsUser1;
$requestBody->setSubjects($subjectsArray);
$graphServiceClient->identityGovernance()->lifecycleWorkflows()->workflows()->byWorkflowId('workflow-id')->microsoftGraphIdentityGovernanceActivate()->post($requestBody)->wait();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
Import-Module Microsoft.Graph.Identity.Governance
$params = @{
subjects = @(
@{
id = "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
}
)
}
Initialize-MgIdentityGovernanceLifecycleWorkflow -WorkflowId $workflowId -BodyParameter $params
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.identitygovernance.lifecycleworkflows.workflows.item.microsoft_graph_identity_governance_activate.activate_post_request_body import ActivatePostRequestBody
from msgraph.generated.models.user import User
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = ActivatePostRequestBody(
subjects = [
User(
id = "8930f0c7-cdd7-4885-9260-3b4a8111de5c",
),
],
)
await graph_client.identity_governance.lifecycle_workflows.workflows.by_workflow_id('workflow-id').microsoft_graph_identity_governance_activate.post(request_body)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
在三个级别监视工作流和任务的状态:
- 监视用户级别的任务。
- 在指定时间段内监视工作流的用户级结果的聚合高级摘要。
- 检索工作流中为特定用户执行的所有任务的详细日志。
GET https://graph.microsoft.com/v1.0/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/userProcessingResults
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows["{workflow-id}"].UserProcessingResults.GetAsync();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
mgc identity-governance lifecycle-workflows workflows user-processing-results list --workflow-id {workflow-id}
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
//other-imports
)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
userProcessingResults, err := graphClient.IdentityGovernance().LifecycleWorkflows().Workflows().ByWorkflowId("workflow-id").UserProcessingResults().Get(context.Background(), nil)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.models.identitygovernance.UserProcessingResultCollectionResponse result = graphClient.identityGovernance().lifecycleWorkflows().workflows().byWorkflowId("{workflow-id}").userProcessingResults().get();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
const options = {
authProvider,
};
const client = Client.init(options);
let userProcessingResults = await client.api('/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/userProcessingResults')
.get();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
<?php
use Microsoft\Graph\GraphServiceClient;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$result = $graphServiceClient->identityGovernance()->lifecycleWorkflows()->workflows()->byWorkflowId('workflow-id')->userProcessingResults()->get()->wait();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
Import-Module Microsoft.Graph.Identity.Governance
Get-MgIdentityGovernanceLifecycleWorkflowUserProcessingResult -WorkflowId $workflowId
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
result = await graph_client.identity_governance.lifecycle_workflows.workflows.by_workflow_id('workflow-id').user_processing_results.get()
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflows('368dfba3-2303-4e02-b258-87d742187e1b')/userProcessingResults",
"value": [
{
"id": "bc5b9d36-55fb-4036-8551-582668a6b78e",
"completedDateTime": "2024-03-03T08:37:47.3197648Z",
"failedTasksCount": 0,
"processingStatus": "completed",
"scheduledDateTime": "2024-03-03T08:37:28.3040665Z",
"startedDateTime": "2024-03-03T08:37:32.1018797Z",
"totalTasksCount": 3,
"totalUnprocessedTasksCount": 0,
"workflowExecutionType": "onDemand",
"workflowVersion": 1,
"subject": {
"id": "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
}
}
]
}
选项 2:获取指定时间段内工作流的用户级结果的聚合高级摘要
GET https://graph.microsoft.com/v1.0/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/userProcessingResults/summary(startDateTime=2022-10-01T00:00:00Z,endDateTime=2022-10-30T00:00:00Z)
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows["{workflow-id}"].UserProcessingResults.MicrosoftGraphIdentityGovernanceSummaryWithStartDateTimeWithEndDateTime(DateTimeOffset.Parse("{endDateTime}"),DateTimeOffset.Parse("{startDateTime}")).GetAsync();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
mgc identity-governance lifecycle-workflows workflows user-processing-results microsoft-graph-identity-governance-summary-with-start-date-time-with-end-date-time get --start-date-time {start-date-time-id} --end-date-time {end-date-time-id} --workflow-id {workflow-id}
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
//other-imports
)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
startDateTime , err := time.Parse(time.RFC3339, "{startDateTime}")
endDateTime , err := time.Parse(time.RFC3339, "{endDateTime}")
microsoftGraphIdentityGovernanceSummary, err := graphClient.IdentityGovernance().LifecycleWorkflows().Workflows().ByWorkflowId("workflow-id").UserProcessingResults().MicrosoftGraphIdentityGovernanceSummaryWithStartDateTimeWithEndDateTime(&startDateTime, &endDateTime).Get(context.Background(), nil)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
var result = graphClient.identityGovernance().lifecycleWorkflows().workflows().byWorkflowId("{workflow-id}").userProcessingResults().microsoftGraphIdentityGovernanceSummaryWithStartDateTimeWithEndDateTime(OffsetDateTime.parse("{endDateTime}"), OffsetDateTime.parse("{startDateTime}")).get();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
const options = {
authProvider,
};
const client = Client.init(options);
let userSummary = await client.api('/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/userProcessingResults/summary(startDateTime=2022-10-01T00:00:00Z,endDateTime=2022-10-30T00:00:00Z)')
.get();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
<?php
use Microsoft\Graph\GraphServiceClient;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$result = $graphServiceClient->identityGovernance()->lifecycleWorkflows()->workflows()->byWorkflowId('workflow-id')->userProcessingResults()->microsoftGraphIdentityGovernanceSummaryWithStartDateTimeWithEndDateTime(new \DateTime('{endDateTime}'),new \DateTime('{startDateTime}'))->get()->wait();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
Import-Module Microsoft.Graph.Identity.Governance
Invoke-MgSummaryIdentityGovernanceLifecycleWorkflowUserProcessingResult -WorkflowId $workflowId
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
result = await graph_client.identity_governance.lifecycle_workflows.workflows.by_workflow_id('workflow-id').user_processing_results.microsoft_graph_identity_governance_summary_with_start_date_time_with_end_date_time("{endDateTime}","{startDateTime}").get()
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.identityGovernance.userSummary",
"failedTasks": 0,
"failedUsers": 0,
"successfulUsers": 1,
"totalTasks": 3,
"totalUsers": 1
}
选项 3:检索工作流中为特定用户执行的所有任务的详细日志
检索工作流中为特定用户执行的所有任务的详细日志。
GET https://graph.microsoft.com/v1.0/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/userProcessingResults/bc5b9d36-55fb-4036-8551-582668a6b78e/taskProcessingResults
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.LifecycleWorkflows.Workflows["{workflow-id}"].UserProcessingResults["{userProcessingResult-id}"].TaskProcessingResults.GetAsync();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
mgc identity-governance lifecycle-workflows workflows user-processing-results task-processing-results list --workflow-id {workflow-id} --user-processing-result-id {userProcessingResult-id}
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
//other-imports
)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
taskProcessingResults, err := graphClient.IdentityGovernance().LifecycleWorkflows().Workflows().ByWorkflowId("workflow-id").UserProcessingResults().ByUserProcessingResultId("userProcessingResult-id").TaskProcessingResults().Get(context.Background(), nil)
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.models.identitygovernance.TaskProcessingResultCollectionResponse result = graphClient.identityGovernance().lifecycleWorkflows().workflows().byWorkflowId("{workflow-id}").userProcessingResults().byUserProcessingResultId("{userProcessingResult-id}").taskProcessingResults().get();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
const options = {
authProvider,
};
const client = Client.init(options);
let taskProcessingResults = await client.api('/identityGovernance/LifecycleWorkflows/workflows/368dfba3-2303-4e02-b258-87d742187e1b/userProcessingResults/bc5b9d36-55fb-4036-8551-582668a6b78e/taskProcessingResults')
.get();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
<?php
use Microsoft\Graph\GraphServiceClient;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$result = $graphServiceClient->identityGovernance()->lifecycleWorkflows()->workflows()->byWorkflowId('workflow-id')->userProcessingResults()->byUserProcessingResultId('userProcessingResult-id')->taskProcessingResults()->get()->wait();
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
Import-Module Microsoft.Graph.Identity.Governance
Get-MgIdentityGovernanceLifecycleWorkflowUserProcessingResultTaskProcessingResult -WorkflowId $workflowId -UserProcessingResultId $userProcessingResultId
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
result = await graph_client.identity_governance.lifecycle_workflows.workflows.by_workflow_id('workflow-id').user_processing_results.by_user_processing_result_id('userProcessingResult-id').task_processing_results.get()
请阅读 SDK 文档,了解如何将 SDK 添加到项目并创建 authProvider 实例的详细信息。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflows('368dfba3-2303-4e02-b258-87d742187e1b')/userProcessingResults('bc5b9d36-55fb-4036-8551-582668a6b78e')/taskProcessingResults",
"value": [
{
"completedDateTime": "2024-03-03T08:37:37.1440809Z",
"createdDateTime": "2024-03-03T08:37:32.6985496Z",
"id": "0819ee66-f85c-49a2-bdbd-3bbdbb3c1797",
"processingStatus": "completed",
"startedDateTime": "2024-03-03T08:37:36.2260254Z",
"failureReason": null,
"subject": {
"id": "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
},
"task": {
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Azure AD groups memberships",
"displayName": "Remove user from all groups",
"executionSequence": 1,
"id": "ab400768-ff1e-4a2f-ac0e-bae5d8419613",
"isEnabled": true,
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
"arguments": []
}
},
{
"completedDateTime": "2024-03-03T08:37:42.8173083Z",
"createdDateTime": "2024-03-03T08:37:32.76041Z",
"id": "f1e16080-0117-41ba-9632-74eb60a4b005",
"processingStatus": "completed",
"startedDateTime": "2024-03-03T08:37:38.383087Z",
"failureReason": null,
"subject": {
"id": "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
},
"task": {
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 2,
"id": "b49e306a-17ad-4bed-89cb-f312b9d30eb3",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
}
},
{
"completedDateTime": "2024-03-03T08:37:46.8305324Z",
"createdDateTime": "2024-03-03T08:37:33.0279549Z",
"id": "21d40600-259a-4581-a011-0a56d2ee6e7a",
"processingStatus": "completed",
"startedDateTime": "2024-03-03T08:37:46.3131624Z",
"failureReason": null,
"subject": {
"id": "8930f0c7-cdd7-4885-9260-3b4a8111de5c"
},
"task": {
"category": "leaver",
"continueOnError": false,
"description": "Delete user account in Azure AD",
"displayName": "Delete User Account",
"executionSequence": 3,
"id": "ce568616-5615-4783-a519-6bec9f13514e",
"isEnabled": true,
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
"arguments": []
}
}
]
}