Add directory role member
6/24/2021
3 minutes to read
In this article
Namespace: microsoft.graph
Create a new directory role member.
You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Azure portal. For details, see Role template IDs .
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions .
Permission type
Permissions (from least to most privileged)
Delegated (work or school account)
RoleManagement.ReadWrite.Directory, Directory.AccessAsUser.All
Delegated (personal Microsoft account)
Not supported.
Application
RoleManagement.ReadWrite.Directory
HTTP request
POST /directoryRoles/{role-id}/members/$ref
POST /directoryRoles/roleTemplateId={roleTemplateId}/members/$ref
Name
Type
Description
Authorization
string
Bearer {token}. Required.
Content-Type
string
application/json. Required.
Request body
In the request body, supply a JSON representation of a directoryObject or user object to be added.
Response
If successful, this method returns 204 No Content response code.
Examples
Example 1: Add a new member to a directory role using role id
In this request, replace fe8f10bf-c9c2-47eb-95cb-c26cc85f1830 with the id value for the directory role you wish to assign to the user or directory object. Replace 15c1a2d5-9101-44b2-83ab-885db8a647ca with the id value of your user or directory object.
Request
POST https://graph.microsoft.com/v1.0/directoryRoles/fe8f10bf-c9c2-47eb-95cb-c26cc85f1830/members/$ref
Content-type: application/json
{
"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/15c1a2d5-9101-44b2-83ab-885db8a647ca"
}
const options = {
authProvider,
};
const client = Client.init(options);
const directoryObject = {
'@odata.id': 'https://graph.microsoft.com/v1.0/directoryObjects/15c1a2d5-9101-44b2-83ab-885db8a647ca'
};
await client.api('/directoryRoles/fe8f10bf-c9c2-47eb-95cb-c26cc85f1830/members/$ref')
.post(directoryObject);
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/directoryRoles/fe8f10bf-c9c2-47eb-95cb-c26cc85f1830/members/$ref"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphDirectoryObject *directoryObject = [[MSGraphDirectoryObject alloc] init];
NSError *error;
NSData *directoryObjectData = [directoryObject getSerializedDataWithError:&error];
[urlRequest setHTTPBody:directoryObjectData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var directoryObject = new DirectoryObject
{
Id = "15c1a2d5-9101-44b2-83ab-885db8a647ca"
};
await graphClient.DirectoryRoles["{directoryRole-id}"].Members.References
.Request()
.AddAsync(directoryObject);
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
DirectoryObject directoryObject = new DirectoryObject();
directoryObject.id = "15c1a2d5-9101-44b2-83ab-885db8a647ca";
graphClient.directoryRoles("fe8f10bf-c9c2-47eb-95cb-c26cc85f1830").members().references()
.buildRequest()
.post(directoryObject);
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
Response
Note: The response object shown here might be shortened for readability.
HTTP/1.1 204 No Content
Content-type: text/plain
Example 2: Add a new member to a directory role using roleTemplateId
In this request, replace 88d8e3e3-8f55-4a1e-953a-9b9898b8876b with the value of the roleTemplateId for the directory role you wish to assign to the user or directory object. Replace bb165b45-151c-4cf6-9911-cd7188912848 with the id value of your user or directory object.
Request
POST https://graph.microsoft.com/v1.0/directoryRoles/roleTemplateId=88d8e3e3-8f55-4a1e-953a-9b9898b8876b/members/$ref
Content-type: application/json
{
"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/bb165b45-151c-4cf6-9911-cd7188912848"
}
const options = {
authProvider,
};
const client = Client.init(options);
const directoryObject = {
'@odata.id': 'https://graph.microsoft.com/v1.0/directoryObjects/bb165b45-151c-4cf6-9911-cd7188912848'
};
await client.api('/directoryRoles/roleTemplateId=88d8e3e3-8f55-4a1e-953a-9b9898b8876b/members/$ref')
.post(directoryObject);
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/directoryRoles/roleTemplateId=88d8e3e3-8f55-4a1e-953a-9b9898b8876b/members/$ref"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphDirectoryObject *directoryObject = [[MSGraphDirectoryObject alloc] init];
NSError *error;
NSData *directoryObjectData = [directoryObject getSerializedDataWithError:&error];
[urlRequest setHTTPBody:directoryObjectData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var directoryObject = new DirectoryObject
{
Id = "bb165b45-151c-4cf6-9911-cd7188912848"
};
await graphClient.DirectoryRoles["{directoryRole-id}"].Members.References
.Request()
.AddAsync(directoryObject);
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
DirectoryObject directoryObject = new DirectoryObject();
directoryObject.id = "bb165b45-151c-4cf6-9911-cd7188912848";
graphClient.directoryRoles("roleTemplateId=88d8e3e3-8f55-4a1e-953a-9b9898b8876b").members().references()
.buildRequest()
.post(directoryObject);
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
Response
Note: The response object shown here might be shortened for readability.
HTTP/1.1 204 No Content
