accessPackageAssignmentPolicy erstellen

Namespace: microsoft.graph

Wichtig

APIs unter der /beta Version in Microsoft Graph können geändert werden. Die Verwendung dieser APIs in Produktionsanwendungen wird nicht unterstützt. Um festzustellen, ob eine API in Version 1.0 verfügbar ist, verwenden Sie die Versionsauswahl .

Erstellen Sie in Azure AD Berechtigungsverwaltung ein neues accessPackageAssignmentPolicy-Objekt.

Berechtigungen

Eine der nachfolgenden Berechtigungen ist erforderlich, um diese API aufrufen zu können. Weitere Informationen, unter anderem zur Auswahl von Berechtigungen, finden Sie im Artikel zum Thema Berechtigungen.

Berechtigungstyp	Berechtigungen (von der Berechtigung mit den wenigsten Rechten zu der mit den meisten Rechten)
Delegiert (Geschäfts-, Schul- oder Unikonto)	EntitlementManagement.ReadWrite.All
Delegiert (persönliches Microsoft-Konto)	Nicht unterstützt
Anwendung	EntitlementManagement.ReadWrite.All

HTTP-Anforderung

POST /identityGovernance/entitlementManagement/accessPackageAssignmentPolicies

Anforderungsheader

Name	Beschreibung
Authorization	Bearer {token}. Erforderlich.
Content-Type	application/json. Erforderlich.

Anforderungstext

Geben Sie im Anforderungstext eine JSON-Darstellung eines accessPackageAssignmentPolicy-Objekts an.

Antwort

Bei erfolgreicher Ausführung gibt die Methode den Antwortcode der Serie 200 und ein neues AccessPackageAssignmentPolicy-Objekt im Antworttext zurück.

Beispiele

Beispiel 1: Erstellen einer Direktzuweisungsrichtlinie

Eine Richtlinie für direkte Zuweisungen ist nützlich, wenn Zugriffspaket-Zuweisungsanforderungen nur von einem Administrator erstellt werden, nicht von Benutzern selbst.

Anforderung

Das folgende Beispiel zeigt eine Anforderung zum Erstellen einer Zuweisungsrichtlinie für Zugriffspakete. In dieser Richtlinie können keine Benutzer anfordern, es ist keine Genehmigung erforderlich, und es gibt keine Zugriffsüberprüfungen.

HTTP

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json

{
  "accessPackageId": "56ff43fd-6b05-48df-9634-956a777fce6d",
  "displayName": "direct",
  "description": "direct assignments by administrator",
  "accessReviewSettings": null,
  "requestorSettings": {
    "scopeType": "NoSubjects",
    "acceptRequests": true,
    "allowedRequestors": []
  },
  "requestApprovalSettings": {
    "isApprovalRequired": false,
    "isApprovalRequiredForExtension": false,
    "isRequestorJustificationRequired": false,
    "approvalMode": "NoApproval",
    "approvalStages": []
  }
}

C#

GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
    AccessPackageId = "56ff43fd-6b05-48df-9634-956a777fce6d",
    DisplayName = "direct",
    Description = "direct assignments by administrator",
    AccessReviewSettings = null,
    RequestorSettings = new RequestorSettings
    {
        ScopeType = "NoSubjects",
        AcceptRequests = true,
        AllowedRequestors = new List<UserSet>()
        {
        }
    },
    RequestApprovalSettings = new ApprovalSettings
    {
        IsApprovalRequired = false,
        IsApprovalRequiredForExtension = false,
        IsRequestorJustificationRequired = false,
        ApprovalMode = "NoApproval",
        ApprovalStages = new List<ApprovalStage>()
        {
        }
    }
};

await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies
    .Request()
    .AddAsync(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

JavaScript

const options = {
    authProvider,
};

const client = Client.init(options);

const accessPackageAssignmentPolicy = {
  accessPackageId: '56ff43fd-6b05-48df-9634-956a777fce6d',
  displayName: 'direct',
  description: 'direct assignments by administrator',
  accessReviewSettings: null,
  requestorSettings: {
    scopeType: 'NoSubjects',
    acceptRequests: true,
    allowedRequestors: []
  },
  requestApprovalSettings: {
    isApprovalRequired: false,
    isApprovalRequiredForExtension: false,
    isRequestorJustificationRequired: false,
    approvalMode: 'NoApproval',
    approvalStages: []
  }
};

await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
    .version('beta')
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Objective-C

MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];

NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];

MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setAccessPackageId:@"56ff43fd-6b05-48df-9634-956a777fce6d"];
[accessPackageAssignmentPolicy setDisplayName:@"direct"];
[accessPackageAssignmentPolicy setDescription:@"direct assignments by administrator"];
[accessPackageAssignmentPolicy setAccessReviewSettings: null];
MSGraphRequestorSettings *requestorSettings = [[MSGraphRequestorSettings alloc] init];
[requestorSettings setScopeType:@"NoSubjects"];
[requestorSettings setAcceptRequests: true];
NSMutableArray *allowedRequestorsList = [[NSMutableArray alloc] init];
[requestorSettings setAllowedRequestors:allowedRequestorsList];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphApprovalSettings *requestApprovalSettings = [[MSGraphApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequired: false];
[requestApprovalSettings setIsApprovalRequiredForExtension: false];
[requestApprovalSettings setIsRequestorJustificationRequired: false];
[requestApprovalSettings setApprovalMode:@"NoApproval"];
NSMutableArray *approvalStagesList = [[NSMutableArray alloc] init];
[requestApprovalSettings setApprovalStages:approvalStagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];

NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];

MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest 
    completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {

        //Request Completed

}];

[meDataTask execute];

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.accessPackageId = "56ff43fd-6b05-48df-9634-956a777fce6d";
accessPackageAssignmentPolicy.displayName = "direct";
accessPackageAssignmentPolicy.description = "direct assignments by administrator";
accessPackageAssignmentPolicy.accessReviewSettings = null;
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.scopeType = "NoSubjects";
requestorSettings.acceptRequests = true;
LinkedList<UserSet> allowedRequestorsList = new LinkedList<UserSet>();
requestorSettings.allowedRequestors = allowedRequestorsList;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
ApprovalSettings requestApprovalSettings = new ApprovalSettings();
requestApprovalSettings.isApprovalRequired = false;
requestApprovalSettings.isApprovalRequiredForExtension = false;
requestApprovalSettings.isRequestorJustificationRequired = false;
requestApprovalSettings.approvalMode = "NoApproval";
LinkedList<ApprovalStage> approvalStagesList = new LinkedList<ApprovalStage>();
requestApprovalSettings.approvalStages = approvalStagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;

graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies()
    .buildRequest()
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Go

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
accessPackageId := "56ff43fd-6b05-48df-9634-956a777fce6d"
requestBody.SetAccessPackageId(&accessPackageId)
displayName := "direct"
requestBody.SetDisplayName(&displayName)
description := "direct assignments by administrator"
requestBody.SetDescription(&description)
requestBody.SetAccessReviewSettings(nil)
requestorSettings := msgraphsdk.NewRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
scopeType := "NoSubjects"
requestorSettings.SetScopeType(&scopeType)
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
requestorSettings.SetAllowedRequestors( []UserSet {
}
requestApprovalSettings := msgraphsdk.NewApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequired := false
requestApprovalSettings.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
requestApprovalSettings.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := false
requestApprovalSettings.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "NoApproval"
requestApprovalSettings.SetApprovalMode(&approvalMode)
requestApprovalSettings.SetApprovalStages( []ApprovalStage {
}
result, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(requestBody)

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

PowerShell

Import-Module Microsoft.Graph.Identity.Governance

$params = @{
    AccessPackageId = "56ff43fd-6b05-48df-9634-956a777fce6d"
    DisplayName = "direct"
    Description = "direct assignments by administrator"
    AccessReviewSettings = $null
    RequestorSettings = @{
        ScopeType = "NoSubjects"
        AcceptRequests = $true
        AllowedRequestors = @(
        )
    }
    RequestApprovalSettings = @{
        IsApprovalRequired = $false
        IsApprovalRequiredForExtension = $false
        IsRequestorJustificationRequired = $false
        ApprovalMode = "NoApproval"
        ApprovalStages = @(
        )
    }
}

New-MgEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Antwort

Nachfolgend sehen Sie ein Beispiel der Antwort.

Hinweis: Das hier gezeigte Antwortobjekt kann zur besseren Lesbarkeit gekürzt werden.

HTTP/1.1 201 Created
Content-type: application/json

{
  "id": "4c02f928-7752-49aa-8fc8-e286d973a965",
  "accessPackageId": "56ff43fd-6b05-48df-9634-956a777fce6d",
  "displayName": "direct",
  "description": "direct assignments by administrator"
}

Beispiel 2: Erstellen einer Richtlinie für Benutzer aus anderen Organisationen, die angefordert werden sollen

Das folgende Beispiel zeigt eine komplexere Richtlinie mit zweistufigen Genehmigungen und Zugriffsüberprüfungen.

Anforderung

Es folgt ein Beispiel für die Anforderung zum Erstellen einer Zuweisungsrichtlinie für Zugriffspakete.

HTTP

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json

{
    "accessPackageId": "string (identifier)",
    "displayName": "Users from connected organizations can request",
    "description": "Allow users from configured connected organizations to request and be approved by their sponsors",
    "canExtend": false,
    "durationInDays": 365,
    "expirationDateTime": null,
    "requestorSettings": {
        "scopeType": "AllExistingConnectedOrganizationSubjects",
        "acceptRequests": true,
        "allowedRequestors": []
    },
    "requestApprovalSettings": {
        "isApprovalRequired": true,
        "isApprovalRequiredForExtension": false,
        "isRequestorJustificationRequired": true,
        "approvalMode": "Serial",
        "approvalStages": [
            {
                "approvalStageTimeOutInDays": 14,
                "isApproverJustificationRequired": true,
                "isEscalationEnabled": true,
                "escalationTimeInMinutes": 11520,
                "primaryApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.groupMembers",
                        "isBackup": true,
                        "id": "string (identifier)",
                        "description": "group for users from connected organizations which have no external sponsor"
                    },
                    {
                        "@odata.type": "#microsoft.graph.externalSponsors",
                        "isBackup": false
                    }
                ],
                "escalationApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.singleUser",
                        "isBackup": true,
                        "id": "string (identifier)",
                        "description": "user if the external sponsor does not respond"
                    }
                ]
            },
            {
                "approvalStageTimeOutInDays": 14,
                "isApproverJustificationRequired": true,
                "isEscalationEnabled": true,
                "escalationTimeInMinutes": 11520,
                "primaryApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.groupMembers",
                        "isBackup": true,
                        "id": "string (identifier)",
                        "description": "group for users from connected organizations which have no internal sponsor"
                    },
                    {
                        "@odata.type": "#microsoft.graph.internalSponsors",
                        "isBackup": false
                    }
                ],
                "escalationApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.singleUser",
                        "isBackup": true,
                        "id": "string (identifier)",
                        "description": "user if the internal sponsor does not respond"
                    }
                ]
            }
        ]
    },
    "accessReviewSettings": {
        "isEnabled": true,
        "recurrenceType": "quarterly",
        "reviewerType": "Self",
        "startDateTime": "2020-04-01T07:59:59.998Z",
        "durationInDays": 25,
        "reviewers": []
    }
}

C#

GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
    AccessPackageId = "string (identifier)",
    DisplayName = "Users from connected organizations can request",
    Description = "Allow users from configured connected organizations to request and be approved by their sponsors",
    CanExtend = false,
    DurationInDays = 365,
    ExpirationDateTime = null,
    RequestorSettings = new RequestorSettings
    {
        ScopeType = "AllExistingConnectedOrganizationSubjects",
        AcceptRequests = true,
        AllowedRequestors = new List<UserSet>()
        {
        }
    },
    RequestApprovalSettings = new ApprovalSettings
    {
        IsApprovalRequired = true,
        IsApprovalRequiredForExtension = false,
        IsRequestorJustificationRequired = true,
        ApprovalMode = "Serial",
        ApprovalStages = new List<ApprovalStage>()
        {
            new ApprovalStage
            {
                ApprovalStageTimeOutInDays = 14,
                IsApproverJustificationRequired = true,
                IsEscalationEnabled = true,
                EscalationTimeInMinutes = 11520,
                PrimaryApprovers = new List<UserSet>()
                {
                    new GroupMembers
                    {
                        IsBackup = true,
                        Id = "string (identifier)",
                        Description = "group for users from connected organizations which have no external sponsor"
                    },
                    new ExternalSponsors
                    {
                        IsBackup = false
                    }
                },
                EscalationApprovers = new List<UserSet>()
                {
                    new SingleUser
                    {
                        IsBackup = true,
                        Id = "string (identifier)",
                        Description = "user if the external sponsor does not respond"
                    }
                }
            },
            new ApprovalStage
            {
                ApprovalStageTimeOutInDays = 14,
                IsApproverJustificationRequired = true,
                IsEscalationEnabled = true,
                EscalationTimeInMinutes = 11520,
                PrimaryApprovers = new List<UserSet>()
                {
                    new GroupMembers
                    {
                        IsBackup = true,
                        Id = "string (identifier)",
                        Description = "group for users from connected organizations which have no internal sponsor"
                    },
                    new InternalSponsors
                    {
                        IsBackup = false
                    }
                },
                EscalationApprovers = new List<UserSet>()
                {
                    new SingleUser
                    {
                        IsBackup = true,
                        Id = "string (identifier)",
                        Description = "user if the internal sponsor does not respond"
                    }
                }
            }
        }
    },
    AccessReviewSettings = new AssignmentReviewSettings
    {
        IsEnabled = true,
        RecurrenceType = "quarterly",
        ReviewerType = "Self",
        StartDateTime = DateTimeOffset.Parse("2020-04-01T07:59:59.998Z"),
        DurationInDays = 25,
        Reviewers = new List<UserSet>()
        {
        }
    }
};

await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies
    .Request()
    .AddAsync(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

JavaScript

const options = {
    authProvider,
};

const client = Client.init(options);

const accessPackageAssignmentPolicy = {
    accessPackageId: 'string (identifier)',
    displayName: 'Users from connected organizations can request',
    description: 'Allow users from configured connected organizations to request and be approved by their sponsors',
    canExtend: false,
    durationInDays: 365,
    expirationDateTime: null,
    requestorSettings: {
        scopeType: 'AllExistingConnectedOrganizationSubjects',
        acceptRequests: true,
        allowedRequestors: []
    },
    requestApprovalSettings: {
        isApprovalRequired: true,
        isApprovalRequiredForExtension: false,
        isRequestorJustificationRequired: true,
        approvalMode: 'Serial',
        approvalStages: [
            {
                approvalStageTimeOutInDays: 14,
                isApproverJustificationRequired: true,
                isEscalationEnabled: true,
                escalationTimeInMinutes: 11520,
                primaryApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.groupMembers',
                        isBackup: true,
                        id: 'string (identifier)',
                        description: 'group for users from connected organizations which have no external sponsor'
                    },
                    {
                        '@odata.type': '#microsoft.graph.externalSponsors',
                        isBackup: false
                    }
                ],
                escalationApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.singleUser',
                        isBackup: true,
                        id: 'string (identifier)',
                        description: 'user if the external sponsor does not respond'
                    }
                ]
            },
            {
                approvalStageTimeOutInDays: 14,
                isApproverJustificationRequired: true,
                isEscalationEnabled: true,
                escalationTimeInMinutes: 11520,
                primaryApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.groupMembers',
                        isBackup: true,
                        id: 'string (identifier)',
                        description: 'group for users from connected organizations which have no internal sponsor'
                    },
                    {
                        '@odata.type': '#microsoft.graph.internalSponsors',
                        isBackup: false
                    }
                ],
                escalationApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.singleUser',
                        isBackup: true,
                        id: 'string (identifier)',
                        description: 'user if the internal sponsor does not respond'
                    }
                ]
            }
        ]
    },
    accessReviewSettings: {
        isEnabled: true,
        recurrenceType: 'quarterly',
        reviewerType: 'Self',
        startDateTime: '2020-04-01T07:59:59.998Z',
        durationInDays: 25,
        reviewers: []
    }
};

await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
    .version('beta')
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Objective-C

MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];

NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];

MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setAccessPackageId:@"string (identifier)"];
[accessPackageAssignmentPolicy setDisplayName:@"Users from connected organizations can request"];
[accessPackageAssignmentPolicy setDescription:@"Allow users from configured connected organizations to request and be approved by their sponsors"];
[accessPackageAssignmentPolicy setCanExtend: false];
[accessPackageAssignmentPolicy setDurationInDays: 365];
[accessPackageAssignmentPolicy setExpirationDateTime: null];
MSGraphRequestorSettings *requestorSettings = [[MSGraphRequestorSettings alloc] init];
[requestorSettings setScopeType:@"AllExistingConnectedOrganizationSubjects"];
[requestorSettings setAcceptRequests: true];
NSMutableArray *allowedRequestorsList = [[NSMutableArray alloc] init];
[requestorSettings setAllowedRequestors:allowedRequestorsList];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphApprovalSettings *requestApprovalSettings = [[MSGraphApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequired: true];
[requestApprovalSettings setIsApprovalRequiredForExtension: false];
[requestApprovalSettings setIsRequestorJustificationRequired: true];
[requestApprovalSettings setApprovalMode:@"Serial"];
NSMutableArray *approvalStagesList = [[NSMutableArray alloc] init];
MSGraphApprovalStage *approvalStages = [[MSGraphApprovalStage alloc] init];
[approvalStages setApprovalStageTimeOutInDays: 14];
[approvalStages setIsApproverJustificationRequired: true];
[approvalStages setIsEscalationEnabled: true];
[approvalStages setEscalationTimeInMinutes: 11520];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
MSGraphUserSet *primaryApprovers = [[MSGraphUserSet alloc] init];
[primaryApprovers setIsBackup: true];
[primaryApprovers setId:@"string (identifier)"];
[primaryApprovers setDescription:@"group for users from connected organizations which have no external sponsor"];
[primaryApproversList addObject: primaryApprovers];
MSGraphUserSet *primaryApprovers = [[MSGraphUserSet alloc] init];
[primaryApprovers setIsBackup: false];
[primaryApproversList addObject: primaryApprovers];
[approvalStages setPrimaryApprovers:primaryApproversList];
NSMutableArray *escalationApproversList = [[NSMutableArray alloc] init];
MSGraphUserSet *escalationApprovers = [[MSGraphUserSet alloc] init];
[escalationApprovers setIsBackup: true];
[escalationApprovers setId:@"string (identifier)"];
[escalationApprovers setDescription:@"user if the external sponsor does not respond"];
[escalationApproversList addObject: escalationApprovers];
[approvalStages setEscalationApprovers:escalationApproversList];
[approvalStagesList addObject: approvalStages];
MSGraphApprovalStage *approvalStages = [[MSGraphApprovalStage alloc] init];
[approvalStages setApprovalStageTimeOutInDays: 14];
[approvalStages setIsApproverJustificationRequired: true];
[approvalStages setIsEscalationEnabled: true];
[approvalStages setEscalationTimeInMinutes: 11520];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
MSGraphUserSet *primaryApprovers = [[MSGraphUserSet alloc] init];
[primaryApprovers setIsBackup: true];
[primaryApprovers setId:@"string (identifier)"];
[primaryApprovers setDescription:@"group for users from connected organizations which have no internal sponsor"];
[primaryApproversList addObject: primaryApprovers];
MSGraphUserSet *primaryApprovers = [[MSGraphUserSet alloc] init];
[primaryApprovers setIsBackup: false];
[primaryApproversList addObject: primaryApprovers];
[approvalStages setPrimaryApprovers:primaryApproversList];
NSMutableArray *escalationApproversList = [[NSMutableArray alloc] init];
MSGraphUserSet *escalationApprovers = [[MSGraphUserSet alloc] init];
[escalationApprovers setIsBackup: true];
[escalationApprovers setId:@"string (identifier)"];
[escalationApprovers setDescription:@"user if the internal sponsor does not respond"];
[escalationApproversList addObject: escalationApprovers];
[approvalStages setEscalationApprovers:escalationApproversList];
[approvalStagesList addObject: approvalStages];
[requestApprovalSettings setApprovalStages:approvalStagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];
MSGraphAssignmentReviewSettings *accessReviewSettings = [[MSGraphAssignmentReviewSettings alloc] init];
[accessReviewSettings setIsEnabled: true];
[accessReviewSettings setRecurrenceType:@"quarterly"];
[accessReviewSettings setReviewerType:@"Self"];
[accessReviewSettings setStartDateTime: "2020-04-01T07:59:59.998Z"];
[accessReviewSettings setDurationInDays: 25];
NSMutableArray *reviewersList = [[NSMutableArray alloc] init];
[accessReviewSettings setReviewers:reviewersList];
[accessPackageAssignmentPolicy setAccessReviewSettings:accessReviewSettings];

NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];

MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest 
    completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {

        //Request Completed

}];

[meDataTask execute];

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.accessPackageId = "string (identifier)";
accessPackageAssignmentPolicy.displayName = "Users from connected organizations can request";
accessPackageAssignmentPolicy.description = "Allow users from configured connected organizations to request and be approved by their sponsors";
accessPackageAssignmentPolicy.canExtend = false;
accessPackageAssignmentPolicy.durationInDays = 365;
accessPackageAssignmentPolicy.expirationDateTime = OffsetDateTimeSerializer.deserialize("null");
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.scopeType = "AllExistingConnectedOrganizationSubjects";
requestorSettings.acceptRequests = true;
LinkedList<UserSet> allowedRequestorsList = new LinkedList<UserSet>();
requestorSettings.allowedRequestors = allowedRequestorsList;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
ApprovalSettings requestApprovalSettings = new ApprovalSettings();
requestApprovalSettings.isApprovalRequired = true;
requestApprovalSettings.isApprovalRequiredForExtension = false;
requestApprovalSettings.isRequestorJustificationRequired = true;
requestApprovalSettings.approvalMode = "Serial";
LinkedList<ApprovalStage> approvalStagesList = new LinkedList<ApprovalStage>();
ApprovalStage approvalStages = new ApprovalStage();
approvalStages.approvalStageTimeOutInDays = 14;
approvalStages.isApproverJustificationRequired = true;
approvalStages.isEscalationEnabled = true;
approvalStages.escalationTimeInMinutes = 11520;
LinkedList<UserSet> primaryApproversList = new LinkedList<UserSet>();
GroupMembers primaryApprovers = new GroupMembers();
primaryApprovers.isBackup = true;
primaryApprovers.id = "string (identifier)";
primaryApprovers.description = "group for users from connected organizations which have no external sponsor";
primaryApproversList.add(primaryApprovers);
ExternalSponsors primaryApprovers1 = new ExternalSponsors();
primaryApprovers1.isBackup = false;
primaryApproversList.add(primaryApprovers1);
approvalStages.primaryApprovers = primaryApproversList;
LinkedList<UserSet> escalationApproversList = new LinkedList<UserSet>();
SingleUser escalationApprovers = new SingleUser();
escalationApprovers.isBackup = true;
escalationApprovers.id = "string (identifier)";
escalationApprovers.description = "user if the external sponsor does not respond";
escalationApproversList.add(escalationApprovers);
approvalStages.escalationApprovers = escalationApproversList;
approvalStagesList.add(approvalStages);
ApprovalStage approvalStages1 = new ApprovalStage();
approvalStages1.approvalStageTimeOutInDays = 14;
approvalStages1.isApproverJustificationRequired = true;
approvalStages1.isEscalationEnabled = true;
approvalStages1.escalationTimeInMinutes = 11520;
LinkedList<UserSet> primaryApproversList1 = new LinkedList<UserSet>();
GroupMembers primaryApprovers2 = new GroupMembers();
primaryApprovers2.isBackup = true;
primaryApprovers2.id = "string (identifier)";
primaryApprovers2.description = "group for users from connected organizations which have no internal sponsor";
primaryApproversList1.add(primaryApprovers2);
InternalSponsors primaryApprovers3 = new InternalSponsors();
primaryApprovers3.isBackup = false;
primaryApproversList1.add(primaryApprovers3);
approvalStages1.primaryApprovers = primaryApproversList1;
LinkedList<UserSet> escalationApproversList1 = new LinkedList<UserSet>();
SingleUser escalationApprovers1 = new SingleUser();
escalationApprovers1.isBackup = true;
escalationApprovers1.id = "string (identifier)";
escalationApprovers1.description = "user if the internal sponsor does not respond";
escalationApproversList1.add(escalationApprovers1);
approvalStages1.escalationApprovers = escalationApproversList1;
approvalStagesList.add(approvalStages1);
requestApprovalSettings.approvalStages = approvalStagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;
AssignmentReviewSettings accessReviewSettings = new AssignmentReviewSettings();
accessReviewSettings.isEnabled = true;
accessReviewSettings.recurrenceType = "quarterly";
accessReviewSettings.reviewerType = "Self";
accessReviewSettings.startDateTime = OffsetDateTimeSerializer.deserialize("2020-04-01T07:59:59.998Z");
accessReviewSettings.durationInDays = 25;
LinkedList<UserSet> reviewersList = new LinkedList<UserSet>();
accessReviewSettings.reviewers = reviewersList;
accessPackageAssignmentPolicy.accessReviewSettings = accessReviewSettings;

graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies()
    .buildRequest()
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Go

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
accessPackageId := "string (identifier)"
requestBody.SetAccessPackageId(&accessPackageId)
displayName := "Users from connected organizations can request"
requestBody.SetDisplayName(&displayName)
description := "Allow users from configured connected organizations to request and be approved by their sponsors"
requestBody.SetDescription(&description)
canExtend := false
requestBody.SetCanExtend(&canExtend)
durationInDays := int32(365)
requestBody.SetDurationInDays(&durationInDays)
requestBody.SetExpirationDateTime(nil)
requestorSettings := msgraphsdk.NewRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
scopeType := "AllExistingConnectedOrganizationSubjects"
requestorSettings.SetScopeType(&scopeType)
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
requestorSettings.SetAllowedRequestors( []UserSet {
}
requestApprovalSettings := msgraphsdk.NewApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequired := true
requestApprovalSettings.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
requestApprovalSettings.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := true
requestApprovalSettings.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "Serial"
requestApprovalSettings.SetApprovalMode(&approvalMode)
requestApprovalSettings.SetApprovalStages( []ApprovalStage {
    msgraphsdk.NewApprovalStage(),
approvalStageTimeOutInDays := int32(14)
    SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
    SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := true
    SetIsEscalationEnabled(&isEscalationEnabled)
escalationTimeInMinutes := int32(11520)
    SetEscalationTimeInMinutes(&escalationTimeInMinutes)
    SetPrimaryApprovers( []UserSet {
        msgraphsdk.NewUserSet(),
isBackup := true
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.groupMembers",
            "id": "string (identifier)",
            "description": "group for users from connected organizations which have no external sponsor",
        }
        msgraphsdk.NewUserSet(),
isBackup := false
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.externalSponsors",
        }
    }
    SetEscalationApprovers( []UserSet {
        msgraphsdk.NewUserSet(),
isBackup := true
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.singleUser",
            "id": "string (identifier)",
            "description": "user if the external sponsor does not respond",
        }
    }
    msgraphsdk.NewApprovalStage(),
approvalStageTimeOutInDays := int32(14)
    SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
    SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := true
    SetIsEscalationEnabled(&isEscalationEnabled)
escalationTimeInMinutes := int32(11520)
    SetEscalationTimeInMinutes(&escalationTimeInMinutes)
    SetPrimaryApprovers( []UserSet {
        msgraphsdk.NewUserSet(),
isBackup := true
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.groupMembers",
            "id": "string (identifier)",
            "description": "group for users from connected organizations which have no internal sponsor",
        }
        msgraphsdk.NewUserSet(),
isBackup := false
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.internalSponsors",
        }
    }
    SetEscalationApprovers( []UserSet {
        msgraphsdk.NewUserSet(),
isBackup := true
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.singleUser",
            "id": "string (identifier)",
            "description": "user if the internal sponsor does not respond",
        }
    }
}
accessReviewSettings := msgraphsdk.NewAssignmentReviewSettings()
requestBody.SetAccessReviewSettings(accessReviewSettings)
isEnabled := true
accessReviewSettings.SetIsEnabled(&isEnabled)
recurrenceType := "quarterly"
accessReviewSettings.SetRecurrenceType(&recurrenceType)
reviewerType := "Self"
accessReviewSettings.SetReviewerType(&reviewerType)
startDateTime, err := time.Parse(time.RFC3339, "2020-04-01T07:59:59.998Z")
accessReviewSettings.SetStartDateTime(&startDateTime)
durationInDays := int32(25)
accessReviewSettings.SetDurationInDays(&durationInDays)
accessReviewSettings.SetReviewers( []UserSet {
}
result, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(requestBody)

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

PowerShell

Import-Module Microsoft.Graph.Identity.Governance

$params = @{
    AccessPackageId = "string (identifier)"
    DisplayName = "Users from connected organizations can request"
    Description = "Allow users from configured connected organizations to request and be approved by their sponsors"
    CanExtend = $false
    DurationInDays = 365
    ExpirationDateTime = $null
    RequestorSettings = @{
        ScopeType = "AllExistingConnectedOrganizationSubjects"
        AcceptRequests = $true
        AllowedRequestors = @(
        )
    }
    RequestApprovalSettings = @{
        IsApprovalRequired = $true
        IsApprovalRequiredForExtension = $false
        IsRequestorJustificationRequired = $true
        ApprovalMode = "Serial"
        ApprovalStages = @(
            @{
                ApprovalStageTimeOutInDays = 14
                IsApproverJustificationRequired = $true
                IsEscalationEnabled = $true
                EscalationTimeInMinutes = 11520
                PrimaryApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.groupMembers"
                        IsBackup = $true
                        Id = "string (identifier)"
                        Description = "group for users from connected organizations which have no external sponsor"
                    }
                    @{
                        "@odata.type" = "#microsoft.graph.externalSponsors"
                        IsBackup = $false
                    }
                )
                EscalationApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.singleUser"
                        IsBackup = $true
                        Id = "string (identifier)"
                        Description = "user if the external sponsor does not respond"
                    }
                )
            }
            @{
                ApprovalStageTimeOutInDays = 14
                IsApproverJustificationRequired = $true
                IsEscalationEnabled = $true
                EscalationTimeInMinutes = 11520
                PrimaryApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.groupMembers"
                        IsBackup = $true
                        Id = "string (identifier)"
                        Description = "group for users from connected organizations which have no internal sponsor"
                    }
                    @{
                        "@odata.type" = "#microsoft.graph.internalSponsors"
                        IsBackup = $false
                    }
                )
                EscalationApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.singleUser"
                        IsBackup = $true
                        Id = "string (identifier)"
                        Description = "user if the internal sponsor does not respond"
                    }
                )
            }
        )
    }
    AccessReviewSettings = @{
        IsEnabled = $true
        RecurrenceType = "quarterly"
        ReviewerType = "Self"
        StartDateTime = [System.DateTime]::Parse("2020-04-01T07:59:59.998Z")
        DurationInDays = 25
        Reviewers = @(
        )
    }
}

New-MgEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Antwort

Nachfolgend sehen Sie ein Beispiel der Antwort.

Hinweis: Das hier gezeigte Antwortobjekt kann zur besseren Lesbarkeit gekürzt werden.

HTTP/1.1 201 Created
Content-type: application/json

{
  "id": "4c02f928-7752-49aa-8fc8-e286d973a965",
  "accessPackageId": "string (identifier)",
  "displayName": "Users from connected organizations can request",
  "description": "Allow users from configured connected organizations to request and be approved by their sponsors"
}

Beispiel 3: Erstellen einer Zuweisungsrichtlinie mit Fragen

Fragen, die in einer Zuweisungsrichtlinie konfiguriert sind, werden an Anforderer im Rahmen der Richtlinie gestellt. Ihre Antworten werden den genehmigenden Personen angezeigt. Frage-IDs sind schreibgeschützt und sind standardmäßig in der Antwort enthalten.

Anforderung

Das folgende Beispiel zeigt eine Anforderung zum Erstellen einer Zuweisungsrichtlinie für Zugriffspakete.

HTTP

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json

{
    "accessPackageId": "b2eba9a1-b357-42ee-83a8-336522ed6cbf",
    "displayName": "Users from connected organizations can request",
    "description": "Allow users from configured connected organizations to request and be approved by their sponsors",
    "canExtend": false,
    "durationInDays": 365,
    "expirationDateTime": null,
    "requestorSettings": {
        "scopeType": "AllExistingConnectedOrganizationSubjects",
        "acceptRequests": true
    },
    "requestApprovalSettings": {
        "isApprovalRequired": true,
        "isApprovalRequiredForExtension": false,
        "isRequestorJustificationRequired": true,
        "approvalMode": "SingleStage",
        "approvalStages": [{
                "approvalStageTimeOutInDays": 14,
                "isApproverJustificationRequired": true,
                "isEscalationEnabled": false,
                "escalationTimeInMinutes": 11520,
                "primaryApprovers": [{
                        "@odata.type": "#microsoft.graph.groupMembers",
                        "isBackup": true,
                        "id": "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",
                        "description": "group for users from connected organizations which have no external sponsor"
                    },
                    {
                        "@odata.type": "#microsoft.graph.externalSponsors",
                        "isBackup": false
                    }
                ]
            }
        ]
    },
    "questions": [{
        "isRequired": false,
        "text": {
            "defaultText": "what state are you from?",
            "localizedTexts": [{
                "text": "¿De qué estado eres?",
                "languageCode": "es"
            }]
        },
        "@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
        "choices": [{
            "actualValue": "AZ",
            "displayValue": {
                "localizedTexts": [{
                    "text": "Arizona",
                    "languageCode": "es"
                }]
            }
        }, {
            "actualValue": "CA",
            "displayValue": {
                "localizedTexts": [{
                    "text": "California",
                    "languageCode": "es"
                }]
            }
        }, {
            "actualValue": "OH",
            "displayValue": {
                "localizedTexts": [{
                    "text": "Ohio",
                    "languageCode": "es"
                }]
            }
        }],
        "allowsMultipleSelection": false
    }, {
        "isRequired": false,
        "text": {
            "defaultText": "Who is your manager?",
            "localizedTexts": [{
                "text": "por qué necesita acceso a este paquete",
                "languageCode": "es"
            }]
        },
        "@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
        "isSingleLineQuestion": false
    }]
}

C#

GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
    AccessPackageId = "b2eba9a1-b357-42ee-83a8-336522ed6cbf",
    DisplayName = "Users from connected organizations can request",
    Description = "Allow users from configured connected organizations to request and be approved by their sponsors",
    CanExtend = false,
    DurationInDays = 365,
    ExpirationDateTime = null,
    RequestorSettings = new RequestorSettings
    {
        ScopeType = "AllExistingConnectedOrganizationSubjects",
        AcceptRequests = true
    },
    RequestApprovalSettings = new ApprovalSettings
    {
        IsApprovalRequired = true,
        IsApprovalRequiredForExtension = false,
        IsRequestorJustificationRequired = true,
        ApprovalMode = "SingleStage",
        ApprovalStages = new List<ApprovalStage>()
        {
            new ApprovalStage
            {
                ApprovalStageTimeOutInDays = 14,
                IsApproverJustificationRequired = true,
                IsEscalationEnabled = false,
                EscalationTimeInMinutes = 11520,
                PrimaryApprovers = new List<UserSet>()
                {
                    new GroupMembers
                    {
                        IsBackup = true,
                        Id = "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",
                        Description = "group for users from connected organizations which have no external sponsor"
                    },
                    new ExternalSponsors
                    {
                        IsBackup = false
                    }
                }
            }
        }
    },
    Questions = new List<AccessPackageQuestion>()
    {
        new AccessPackageMultipleChoiceQuestion
        {
            IsRequired = false,
            Text = new AccessPackageLocalizedContent
            {
                DefaultText = "what state are you from?",
                LocalizedTexts = new List<AccessPackageLocalizedText>()
                {
                    new AccessPackageLocalizedText
                    {
                        Text = "¿De qué estado eres?",
                        LanguageCode = "es"
                    }
                }
            },
            Choices = new List<AccessPackageAnswerChoice>()
            {
                new AccessPackageAnswerChoice
                {
                    ActualValue = "AZ",
                    DisplayValue = new AccessPackageLocalizedContent
                    {
                        LocalizedTexts = new List<AccessPackageLocalizedText>()
                        {
                            new AccessPackageLocalizedText
                            {
                                Text = "Arizona",
                                LanguageCode = "es"
                            }
                        }
                    }
                },
                new AccessPackageAnswerChoice
                {
                    ActualValue = "CA",
                    DisplayValue = new AccessPackageLocalizedContent
                    {
                        LocalizedTexts = new List<AccessPackageLocalizedText>()
                        {
                            new AccessPackageLocalizedText
                            {
                                Text = "California",
                                LanguageCode = "es"
                            }
                        }
                    }
                },
                new AccessPackageAnswerChoice
                {
                    ActualValue = "OH",
                    DisplayValue = new AccessPackageLocalizedContent
                    {
                        LocalizedTexts = new List<AccessPackageLocalizedText>()
                        {
                            new AccessPackageLocalizedText
                            {
                                Text = "Ohio",
                                LanguageCode = "es"
                            }
                        }
                    }
                }
            },
            AllowsMultipleSelection = false
        },
        new AccessPackageTextInputQuestion
        {
            IsRequired = false,
            Text = new AccessPackageLocalizedContent
            {
                DefaultText = "Who is your manager?",
                LocalizedTexts = new List<AccessPackageLocalizedText>()
                {
                    new AccessPackageLocalizedText
                    {
                        Text = "por qué necesita acceso a este paquete",
                        LanguageCode = "es"
                    }
                }
            },
            IsSingleLineQuestion = false
        }
    }
};

await graphClient.IdentityGovernance.EntitlementManagement.AccessPackageAssignmentPolicies
    .Request()
    .AddAsync(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

JavaScript

const options = {
    authProvider,
};

const client = Client.init(options);

const accessPackageAssignmentPolicy = {
    accessPackageId: 'b2eba9a1-b357-42ee-83a8-336522ed6cbf',
    displayName: 'Users from connected organizations can request',
    description: 'Allow users from configured connected organizations to request and be approved by their sponsors',
    canExtend: false,
    durationInDays: 365,
    expirationDateTime: null,
    requestorSettings: {
        scopeType: 'AllExistingConnectedOrganizationSubjects',
        acceptRequests: true
    },
    requestApprovalSettings: {
        isApprovalRequired: true,
        isApprovalRequiredForExtension: false,
        isRequestorJustificationRequired: true,
        approvalMode: 'SingleStage',
        approvalStages: [{
                approvalStageTimeOutInDays: 14,
                isApproverJustificationRequired: true,
                isEscalationEnabled: false,
                escalationTimeInMinutes: 11520,
                primaryApprovers: [{
                        '@odata.type': '#microsoft.graph.groupMembers',
                        isBackup: true,
                        id: 'd2dcb9a1-a445-42ee-83a8-476522ed6cbf',
                        description: 'group for users from connected organizations which have no external sponsor'
                    },
                    {
                        '@odata.type': '#microsoft.graph.externalSponsors',
                        isBackup: false
                    }
                ]
            }
        ]
    },
    questions: [{
        isRequired: false,
        text: {
            defaultText: 'what state are you from?',
            localizedTexts: [{
                text: '¿De qué estado eres?',
                languageCode: 'es'
            }]
        },
        '@odata.type': '#microsoft.graph.accessPackageMultipleChoiceQuestion',
        choices: [{
            actualValue: 'AZ',
            displayValue: {
                localizedTexts: [{
                    text: 'Arizona',
                    languageCode: 'es'
                }]
            }
        }, {
            actualValue: 'CA',
            displayValue: {
                localizedTexts: [{
                    text: 'California',
                    languageCode: 'es'
                }]
            }
        }, {
            actualValue: 'OH',
            displayValue: {
                localizedTexts: [{
                    text: 'Ohio',
                    languageCode: 'es'
                }]
            }
        }],
        allowsMultipleSelection: false
    }, {
        isRequired: false,
        text: {
            defaultText: 'Who is your manager?',
            localizedTexts: [{
                text: 'por qué necesita acceso a este paquete',
                languageCode: 'es'
            }]
        },
        '@odata.type': '#microsoft.graph.accessPackageTextInputQuestion',
        isSingleLineQuestion: false
    }]
};

await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
    .version('beta')
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Objective-C

MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];

NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];

MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setAccessPackageId:@"b2eba9a1-b357-42ee-83a8-336522ed6cbf"];
[accessPackageAssignmentPolicy setDisplayName:@"Users from connected organizations can request"];
[accessPackageAssignmentPolicy setDescription:@"Allow users from configured connected organizations to request and be approved by their sponsors"];
[accessPackageAssignmentPolicy setCanExtend: false];
[accessPackageAssignmentPolicy setDurationInDays: 365];
[accessPackageAssignmentPolicy setExpirationDateTime: null];
MSGraphRequestorSettings *requestorSettings = [[MSGraphRequestorSettings alloc] init];
[requestorSettings setScopeType:@"AllExistingConnectedOrganizationSubjects"];
[requestorSettings setAcceptRequests: true];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphApprovalSettings *requestApprovalSettings = [[MSGraphApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequired: true];
[requestApprovalSettings setIsApprovalRequiredForExtension: false];
[requestApprovalSettings setIsRequestorJustificationRequired: true];
[requestApprovalSettings setApprovalMode:@"SingleStage"];
NSMutableArray *approvalStagesList = [[NSMutableArray alloc] init];
MSGraphApprovalStage *approvalStages = [[MSGraphApprovalStage alloc] init];
[approvalStages setApprovalStageTimeOutInDays: 14];
[approvalStages setIsApproverJustificationRequired: true];
[approvalStages setIsEscalationEnabled: false];
[approvalStages setEscalationTimeInMinutes: 11520];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
MSGraphUserSet *primaryApprovers = [[MSGraphUserSet alloc] init];
[primaryApprovers setIsBackup: true];
[primaryApprovers setId:@"d2dcb9a1-a445-42ee-83a8-476522ed6cbf"];
[primaryApprovers setDescription:@"group for users from connected organizations which have no external sponsor"];
[primaryApproversList addObject: primaryApprovers];
MSGraphUserSet *primaryApprovers = [[MSGraphUserSet alloc] init];
[primaryApprovers setIsBackup: false];
[primaryApproversList addObject: primaryApprovers];
[approvalStages setPrimaryApprovers:primaryApproversList];
[approvalStagesList addObject: approvalStages];
[requestApprovalSettings setApprovalStages:approvalStagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];
NSMutableArray *questionsList = [[NSMutableArray alloc] init];
MSGraphAccessPackageQuestion *questions = [[MSGraphAccessPackageQuestion alloc] init];
[questions setIsRequired: false];
MSGraphAccessPackageLocalizedContent *text = [[MSGraphAccessPackageLocalizedContent alloc] init];
[text setDefaultText:@"what state are you from?"];
NSMutableArray *localizedTextsList = [[NSMutableArray alloc] init];
MSGraphAccessPackageLocalizedText *localizedTexts = [[MSGraphAccessPackageLocalizedText alloc] init];
[localizedTexts setText:@"¿De qué estado eres?"];
[localizedTexts setLanguageCode:@"es"];
[localizedTextsList addObject: localizedTexts];
[text setLocalizedTexts:localizedTextsList];
[questions setText:text];
NSMutableArray *choicesList = [[NSMutableArray alloc] init];
MSGraphAccessPackageAnswerChoice *choices = [[MSGraphAccessPackageAnswerChoice alloc] init];
[choices setActualValue:@"AZ"];
MSGraphAccessPackageLocalizedContent *displayValue = [[MSGraphAccessPackageLocalizedContent alloc] init];
NSMutableArray *localizedTextsList = [[NSMutableArray alloc] init];
MSGraphAccessPackageLocalizedText *localizedTexts = [[MSGraphAccessPackageLocalizedText alloc] init];
[localizedTexts setText:@"Arizona"];
[localizedTexts setLanguageCode:@"es"];
[localizedTextsList addObject: localizedTexts];
[displayValue setLocalizedTexts:localizedTextsList];
[choices setDisplayValue:displayValue];
[choicesList addObject: choices];
MSGraphAccessPackageAnswerChoice *choices = [[MSGraphAccessPackageAnswerChoice alloc] init];
[choices setActualValue:@"CA"];
MSGraphAccessPackageLocalizedContent *displayValue = [[MSGraphAccessPackageLocalizedContent alloc] init];
NSMutableArray *localizedTextsList = [[NSMutableArray alloc] init];
MSGraphAccessPackageLocalizedText *localizedTexts = [[MSGraphAccessPackageLocalizedText alloc] init];
[localizedTexts setText:@"California"];
[localizedTexts setLanguageCode:@"es"];
[localizedTextsList addObject: localizedTexts];
[displayValue setLocalizedTexts:localizedTextsList];
[choices setDisplayValue:displayValue];
[choicesList addObject: choices];
MSGraphAccessPackageAnswerChoice *choices = [[MSGraphAccessPackageAnswerChoice alloc] init];
[choices setActualValue:@"OH"];
MSGraphAccessPackageLocalizedContent *displayValue = [[MSGraphAccessPackageLocalizedContent alloc] init];
NSMutableArray *localizedTextsList = [[NSMutableArray alloc] init];
MSGraphAccessPackageLocalizedText *localizedTexts = [[MSGraphAccessPackageLocalizedText alloc] init];
[localizedTexts setText:@"Ohio"];
[localizedTexts setLanguageCode:@"es"];
[localizedTextsList addObject: localizedTexts];
[displayValue setLocalizedTexts:localizedTextsList];
[choices setDisplayValue:displayValue];
[choicesList addObject: choices];
[questions setChoices:choicesList];
[questions setAllowsMultipleSelection: false];
[questionsList addObject: questions];
MSGraphAccessPackageQuestion *questions = [[MSGraphAccessPackageQuestion alloc] init];
[questions setIsRequired: false];
MSGraphAccessPackageLocalizedContent *text = [[MSGraphAccessPackageLocalizedContent alloc] init];
[text setDefaultText:@"Who is your manager?"];
NSMutableArray *localizedTextsList = [[NSMutableArray alloc] init];
MSGraphAccessPackageLocalizedText *localizedTexts = [[MSGraphAccessPackageLocalizedText alloc] init];
[localizedTexts setText:@"por qué necesita acceso a este paquete"];
[localizedTexts setLanguageCode:@"es"];
[localizedTextsList addObject: localizedTexts];
[text setLocalizedTexts:localizedTextsList];
[questions setText:text];
[questions setIsSingleLineQuestion: false];
[questionsList addObject: questions];
[accessPackageAssignmentPolicy setQuestions:questionsList];

NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];

MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest 
    completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {

        //Request Completed

}];

[meDataTask execute];

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.accessPackageId = "b2eba9a1-b357-42ee-83a8-336522ed6cbf";
accessPackageAssignmentPolicy.displayName = "Users from connected organizations can request";
accessPackageAssignmentPolicy.description = "Allow users from configured connected organizations to request and be approved by their sponsors";
accessPackageAssignmentPolicy.canExtend = false;
accessPackageAssignmentPolicy.durationInDays = 365;
accessPackageAssignmentPolicy.expirationDateTime = OffsetDateTimeSerializer.deserialize("null");
RequestorSettings requestorSettings = new RequestorSettings();
requestorSettings.scopeType = "AllExistingConnectedOrganizationSubjects";
requestorSettings.acceptRequests = true;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
ApprovalSettings requestApprovalSettings = new ApprovalSettings();
requestApprovalSettings.isApprovalRequired = true;
requestApprovalSettings.isApprovalRequiredForExtension = false;
requestApprovalSettings.isRequestorJustificationRequired = true;
requestApprovalSettings.approvalMode = "SingleStage";
LinkedList<ApprovalStage> approvalStagesList = new LinkedList<ApprovalStage>();
ApprovalStage approvalStages = new ApprovalStage();
approvalStages.approvalStageTimeOutInDays = 14;
approvalStages.isApproverJustificationRequired = true;
approvalStages.isEscalationEnabled = false;
approvalStages.escalationTimeInMinutes = 11520;
LinkedList<UserSet> primaryApproversList = new LinkedList<UserSet>();
GroupMembers primaryApprovers = new GroupMembers();
primaryApprovers.isBackup = true;
primaryApprovers.id = "d2dcb9a1-a445-42ee-83a8-476522ed6cbf";
primaryApprovers.description = "group for users from connected organizations which have no external sponsor";
primaryApproversList.add(primaryApprovers);
ExternalSponsors primaryApprovers1 = new ExternalSponsors();
primaryApprovers1.isBackup = false;
primaryApproversList.add(primaryApprovers1);
approvalStages.primaryApprovers = primaryApproversList;
approvalStagesList.add(approvalStages);
requestApprovalSettings.approvalStages = approvalStagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;
LinkedList<AccessPackageQuestion> questionsList = new LinkedList<AccessPackageQuestion>();
AccessPackageMultipleChoiceQuestion questions = new AccessPackageMultipleChoiceQuestion();
questions.isRequired = false;
AccessPackageLocalizedContent text = new AccessPackageLocalizedContent();
text.defaultText = "what state are you from?";
LinkedList<AccessPackageLocalizedText> localizedTextsList = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText localizedTexts = new AccessPackageLocalizedText();
localizedTexts.text = "¿De qué estado eres?";
localizedTexts.languageCode = "es";
localizedTextsList.add(localizedTexts);
text.localizedTexts = localizedTextsList;
questions.text = text1;
LinkedList<AccessPackageAnswerChoice> choicesList = new LinkedList<AccessPackageAnswerChoice>();
AccessPackageAnswerChoice choices = new AccessPackageAnswerChoice();
choices.actualValue = "AZ";
AccessPackageLocalizedContent displayValue = new AccessPackageLocalizedContent();
LinkedList<AccessPackageLocalizedText> localizedTextsList1 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText localizedTexts1 = new AccessPackageLocalizedText();
localizedTexts1.text = "Arizona";
localizedTexts1.languageCode = "es";
localizedTextsList1.add(localizedTexts1);
displayValue.localizedTexts = localizedTextsList1;
choices.displayValue = displayValue;
choicesList.add(choices);
AccessPackageAnswerChoice choices1 = new AccessPackageAnswerChoice();
choices1.actualValue = "CA";
AccessPackageLocalizedContent displayValue1 = new AccessPackageLocalizedContent();
LinkedList<AccessPackageLocalizedText> localizedTextsList2 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText localizedTexts2 = new AccessPackageLocalizedText();
localizedTexts2.text = "California";
localizedTexts2.languageCode = "es";
localizedTextsList2.add(localizedTexts2);
displayValue1.localizedTexts = localizedTextsList2;
choices1.displayValue = displayValue1;
choicesList.add(choices1);
AccessPackageAnswerChoice choices2 = new AccessPackageAnswerChoice();
choices2.actualValue = "OH";
AccessPackageLocalizedContent displayValue2 = new AccessPackageLocalizedContent();
LinkedList<AccessPackageLocalizedText> localizedTextsList3 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText localizedTexts3 = new AccessPackageLocalizedText();
localizedTexts3.text = "Ohio";
localizedTexts3.languageCode = "es";
localizedTextsList3.add(localizedTexts3);
displayValue2.localizedTexts = localizedTextsList3;
choices2.displayValue = displayValue2;
choicesList.add(choices2);
questions.choices = choicesList;
questions.allowsMultipleSelection = false;
questionsList.add(questions);
AccessPackageTextInputQuestion questions1 = new AccessPackageTextInputQuestion();
questions1.isRequired = false;
AccessPackageLocalizedContent text5 = new AccessPackageLocalizedContent();
text5.defaultText = "Who is your manager?";
LinkedList<AccessPackageLocalizedText> localizedTextsList4 = new LinkedList<AccessPackageLocalizedText>();
AccessPackageLocalizedText localizedTexts4 = new AccessPackageLocalizedText();
localizedTexts4.text = "por qué necesita acceso a este paquete";
localizedTexts4.languageCode = "es";
localizedTextsList4.add(localizedTexts4);
text5.localizedTexts = localizedTextsList4;
questions1.text = text6;
questions1.isSingleLineQuestion = false;
questionsList.add(questions1);
accessPackageAssignmentPolicy.questions = questionsList;

graphClient.identityGovernance().entitlementManagement().accessPackageAssignmentPolicies()
    .buildRequest()
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Go

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
accessPackageId := "b2eba9a1-b357-42ee-83a8-336522ed6cbf"
requestBody.SetAccessPackageId(&accessPackageId)
displayName := "Users from connected organizations can request"
requestBody.SetDisplayName(&displayName)
description := "Allow users from configured connected organizations to request and be approved by their sponsors"
requestBody.SetDescription(&description)
canExtend := false
requestBody.SetCanExtend(&canExtend)
durationInDays := int32(365)
requestBody.SetDurationInDays(&durationInDays)
requestBody.SetExpirationDateTime(nil)
requestorSettings := msgraphsdk.NewRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
scopeType := "AllExistingConnectedOrganizationSubjects"
requestorSettings.SetScopeType(&scopeType)
acceptRequests := true
requestorSettings.SetAcceptRequests(&acceptRequests)
requestApprovalSettings := msgraphsdk.NewApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequired := true
requestApprovalSettings.SetIsApprovalRequired(&isApprovalRequired)
isApprovalRequiredForExtension := false
requestApprovalSettings.SetIsApprovalRequiredForExtension(&isApprovalRequiredForExtension)
isRequestorJustificationRequired := true
requestApprovalSettings.SetIsRequestorJustificationRequired(&isRequestorJustificationRequired)
approvalMode := "SingleStage"
requestApprovalSettings.SetApprovalMode(&approvalMode)
requestApprovalSettings.SetApprovalStages( []ApprovalStage {
    msgraphsdk.NewApprovalStage(),
approvalStageTimeOutInDays := int32(14)
    SetApprovalStageTimeOutInDays(&approvalStageTimeOutInDays)
isApproverJustificationRequired := true
    SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := false
    SetIsEscalationEnabled(&isEscalationEnabled)
escalationTimeInMinutes := int32(11520)
    SetEscalationTimeInMinutes(&escalationTimeInMinutes)
    SetPrimaryApprovers( []UserSet {
        msgraphsdk.NewUserSet(),
isBackup := true
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.groupMembers",
            "id": "d2dcb9a1-a445-42ee-83a8-476522ed6cbf",
            "description": "group for users from connected organizations which have no external sponsor",
        }
        msgraphsdk.NewUserSet(),
isBackup := false
        SetIsBackup(&isBackup)
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.externalSponsors",
        }
    }
}
requestBody.SetQuestions( []AccessPackageQuestion {
    msgraphsdk.NewAccessPackageQuestion(),
isRequired := false
    SetIsRequired(&isRequired)
text := msgraphsdk.NewAccessPackageLocalizedContent()
    SetText(text)
defaultText := "what state are you from?"
    text.SetDefaultText(&defaultText)
    text.SetLocalizedTexts( []AccessPackageLocalizedText {
        msgraphsdk.NewAccessPackageLocalizedText(),
text := "¿De qué estado eres?"
        SetText(&text)
languageCode := "es"
        SetLanguageCode(&languageCode)
    }
    SetAdditionalData(map[string]interface{}{
        "@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
        "choices":  []Object {
        }
        "allowsMultipleSelection": false,
    }
    msgraphsdk.NewAccessPackageQuestion(),
isRequired := false
    SetIsRequired(&isRequired)
text := msgraphsdk.NewAccessPackageLocalizedContent()
    SetText(text)
defaultText := "Who is your manager?"
    text.SetDefaultText(&defaultText)
    text.SetLocalizedTexts( []AccessPackageLocalizedText {
        msgraphsdk.NewAccessPackageLocalizedText(),
text := "por qué necesita acceso a este paquete"
        SetText(&text)
languageCode := "es"
        SetLanguageCode(&languageCode)
    }
    SetAdditionalData(map[string]interface{}{
        "@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
        "isSingleLineQuestion": false,
    }
}
result, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post(requestBody)

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

PowerShell

Import-Module Microsoft.Graph.Identity.Governance

$params = @{
    AccessPackageId = "b2eba9a1-b357-42ee-83a8-336522ed6cbf"
    DisplayName = "Users from connected organizations can request"
    Description = "Allow users from configured connected organizations to request and be approved by their sponsors"
    CanExtend = $false
    DurationInDays = 365
    ExpirationDateTime = $null
    RequestorSettings = @{
        ScopeType = "AllExistingConnectedOrganizationSubjects"
        AcceptRequests = $true
    }
    RequestApprovalSettings = @{
        IsApprovalRequired = $true
        IsApprovalRequiredForExtension = $false
        IsRequestorJustificationRequired = $true
        ApprovalMode = "SingleStage"
        ApprovalStages = @(
            @{
                ApprovalStageTimeOutInDays = 14
                IsApproverJustificationRequired = $true
                IsEscalationEnabled = $false
                EscalationTimeInMinutes = 11520
                PrimaryApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.groupMembers"
                        IsBackup = $true
                        Id = "d2dcb9a1-a445-42ee-83a8-476522ed6cbf"
                        Description = "group for users from connected organizations which have no external sponsor"
                    }
                    @{
                        "@odata.type" = "#microsoft.graph.externalSponsors"
                        IsBackup = $false
                    }
                )
            }
        )
    }
    Questions = @(
        @{
            IsRequired = $false
            Text = @{
                DefaultText = "what state are you from?"
                LocalizedTexts = @(
                    @{
                        Text = "¿De qué estado eres?"
                        LanguageCode = "es"
                    }
                )
            }
            "@odata.type" = "#microsoft.graph.accessPackageMultipleChoiceQuestion"
            Choices = @(
            )
            AllowsMultipleSelection = $false
        }
        @{
            IsRequired = $false
            Text = @{
                DefaultText = "Who is your manager?"
                LocalizedTexts = @(
                    @{
                        Text = "por qué necesita acceso a este paquete"
                        LanguageCode = "es"
                    }
                )
            }
            "@odata.type" = "#microsoft.graph.accessPackageTextInputQuestion"
            IsSingleLineQuestion = $false
        }
    )
}

New-MgEntitlementManagementAccessPackageAssignmentPolicy -BodyParameter $params

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

---

Antwort

Nachfolgend sehen Sie ein Beispiel der Antwort.

Hinweis: Das hier gezeigte Antwortobjekt kann zur besseren Lesbarkeit gekürzt werden.

HTTP/1.1 201 Created
Content-type: application/json

{
  "id": "4c02f928-7752-49aa-8fc8-e286d973a965",
  "accessPackageId": "string (identifier)",
  "displayName": "Users from connected organizations can request",
  "description": "Allow users from configured connected organizations to request and be approved by their sponsors",
  "questions": [{
        "id" : "BD3F6B95-458D-4BC8-A9A6-8D4B29F64F3D",
        "isRequired": false,
        "text": {
            "defaultText": "what state are you from?",
            "localizedTexts": [{
                "text": "¿De qué estado eres?",
                "languageCode": "es"
            }]
        },
        "@odata.type": "#microsoft.graph.accessPackageMultipleChoiceQuestion",
        "choices": [{
            "actualValue": "AZ",
            "displayValue": {
                "localizedTexts": [{
                    "text": "Arizona?",
                    "languageCode": "es"
                }]
            }
        }, {
            "actualValue": "CA",
            "displayValue": {
                "localizedTexts": [{
                    "text": "California",
                    "languageCode": "es"
                }]
            }
        }, {
            "actualValue": "OH",
            "displayValue": {
                "localizedTexts": [{
                    "text": "Ohio",
                    "languageCode": "es"
                }]
            }
        }],
        "allowsMultipleSelection": false
    }, {
        "id" : "F652C13C-A660-4E4C-A1E0-CE9FEC6EE57A",
        "isRequired": false,
        "text": {
            "defaultText": "Who is your manager?",
            "localizedTexts": [{
                "text": "por qué necesita acceso a este paquete",
                "languageCode": "es"
            }]
        },
        "@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
        "isSingleLineQuestion": false
    }]
}

Beispiel 4: Erstellen einer Richtlinie und Angeben der Phasen zum Auslösen vordefinierter benutzerdefinierter Workflowerweiterungen

Anforderung

Im folgenden Beispiel wird das vordefinierte customAccessPackageWorkflowExtension-Objekt ausgelöst, wenn eine zugewiesene Zugriffspaketanforderung erstellt und erteilt wird.

HTTP

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
Content-type: application/json

{
  "displayName": "extension-policy",
  "description": "test",
  "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
  "expiration": {
    "type": "afterDuration",
    "duration": "P365D"
  },
  "canExtend": false,
  "requestApprovalSettings": null,
  "requestorSettings": {
    "acceptRequests": true,
    "scopeType": "AllExistingDirectorySubjects",
    "allowedRequestors": [],
    "isOnBehalfAllowed": false
  },
  "accessReviewSettings": null,
  "questions": [],
  "customExtensionHandlers": [
    {
      "stage": "assignmentRequestCreated",
      "customExtension": {
        "id": "219f57b6-7983-45a1-be01-2c228b7a43f8" //customAccessPackageWorkflowExtension.id
      }
    },
    {
      "stage": "assignmentRequestGranted",
      "customExtension": {
        "id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
      }
    }
  ]
}

JavaScript

const options = {
    authProvider,
};

const client = Client.init(options);

const accessPackageAssignmentPolicy = {
  displayName: 'extension-policy',
  description: 'test',
  accessPackageId: 'ba5807c7-2aa9-4c8a-907e-4a17ee587500',
  expiration: {
    type: 'afterDuration',
    duration: 'P365D'
  },
  canExtend: false,
  requestApprovalSettings: null,
  requestorSettings: {
    acceptRequests: true,
    scopeType: 'AllExistingDirectorySubjects',
    allowedRequestors: [],
    isOnBehalfAllowed: false
  },
  accessReviewSettings: null,
  questions: [],
  customExtensionHandlers: [
    {
      stage: 'assignmentRequestCreated',
      customExtension: {
        id: '219f57b6-7983-45a1-be01-2c228b7a43f8' //customAccessPackageWorkflowExtension.id
      }
    },
    {
      stage: 'assignmentRequestGranted',
      customExtension: {
        id: '219f57b6-7983-45a1-be01-2c228b7a43f8'
      }
    }
  ]
};

await client.api('/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies')
    .version('beta')
    .post(accessPackageAssignmentPolicy);

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Go

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

result, err := graphClient.IdentityGovernance().EntitlementManagement().AccessPackageAssignmentPolicies().Post()

Wichtig

Microsoft Graph SDKs verwenden standardmäßig die Version 1.0 der API und unterstützen nicht alle Typen, Eigenschaften und APIs, die in der Betaversion verfügbar sind. Ausführliche Informationen zum Zugreifen auf die Beta-API mit dem SDK finden Sie unter Verwenden der Microsoft Graph-SDKs mit der Beta-API.

Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation.

Antwort

Nachfolgend sehen Sie ein Beispiel der Antwort. Das customExtensionHandlers-Objekt wird nicht standardmäßig zurückgegeben. Verwenden Sie zum Abrufen dieses Objekts die GET-Methode mit $expand. Weitere Informationen finden Sie unter Abrufen der benutzerdefinierten Erweiterungshandler für eine Richtlinie.

Hinweis: Das hier gezeigte Antwortobjekt kann zur besseren Lesbarkeit gekürzt werden.

HTTP/1.1 201 Created
Content-type: application/json

{
  "id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
  "displayName": "extension-policy",
  "description": "test",
  "canExtend": false,
  "durationInDays": 0,
  "expirationDateTime": null,
  "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
  "accessReviewSettings": null,
  "questions": [],
  "requestorSettings": {
    "scopeType": "AllExistingDirectorySubjects",
    "acceptRequests": true,
    "allowedRequestors": []
  },
  "requestApprovalSettings": {
    "isApprovalRequired": false,
    "isApprovalRequiredForExtension": false,
    "isRequestorJustificationRequired": false,
    "approvalMode": "NoApproval",
    "approvalStages": []
  }
}