governanceResource: register

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Caution

This version of the Privileged Identity Management (PIM) API for Azure Resource roles will be deprecated soon. Please use the new Azure REST PIM API for Azure resource roles.

Register a governanceResource object in Privileged Identity Management.

Permissions

One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Note: This API also requires that the requester have at least one active role assignment on the resource.

Azure resources

Permission type Permissions
Delegated (work or school account) PrivilegedAccess.ReadWrite.AzureResources
Delegated (personal Microsoft account) Not supported.
Application Not supported.

Azure AD

Permission type Permissions
Delegated (work or school account) PrivilegedAccess.ReadWrite.AzureAD
Delegated (personal Microsoft account) Not supported.
Application Not supported.

Groups

Permission type Permissions
Delegated (work or school account) PrivilegedAccess.ReadWrite.AzureADGroup
Delegated (personal Microsoft account) Not supported.
Application Not supported.

HTTP request

POST /privilegedAccess/azureResources/resources/register

Optional query parameters

This method only supports the $select and $expand OData query parameters to help customize the response.

Request headers

Name Description
Authorization Bearer {token}
Content-type application/json

Request body

Properties Type Description
externalId String The external identifier of the resource to be registered in PIM. If registering a subscription, the identifier is the subscription identifier prepended by /subscriptions/. For example, /subscriptions/c14ae696-5e0c-4e5d-88cc-bef6637737ac.

Response

If successful, this method returns a 200 OK response.

Example

The following example shows how to call this API.

Request

POST https://graph.microsoft.com/beta/privilegedAccess/azureResources/resources/register
Content-type: application/json

{
  "externalId": "/subscriptions/c14ae696-5e0c-4e5d-88cc-bef6637737ac"
}

Response

HTTP/1.1 200 OK