accessPackageAssignmentPolicy resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

In Azure AD entitlement management, an access package assignment policy specifies the policy by which subjects can request or be assigned an access package via an access package assignment. An access package can have zero or more policies. When a request from a subject is received, the subject is matched against each policy to find the policy (if any) with requestorSettings that include that subject. The policy then determines whether the request requires approval, the duration of the access package assignment, and whether the assignment needs regularly review.

To assign a user to an access package, create an accessPackageAssignmentRequest which references the access package and access package assignment policy.

Methods

Method Return Type Description
List accessPackageAssignmentPolicies accessPackageAssignmentPolicy collection Retrieve a list of accessPackageAssignmentPolicy objects.
Create accessPackageAssignmentPolicy accessPackageAssignmentPolicy Create a new accessPackageAssignmentPolicy object.
Get accessPackageAssignmentPolicy accessPackageAssignmentPolicy Read properties and relationships of an accessPackageAssignmentPolicy object.
Update accessPackageAssignmentPolicy accessPackageAssignmentPolicy Update the properties of an accessPackageAssignmentPolicy object.
Delete accessPackageAssignmentPolicy Delete an accessPackageAssignmentPolicy.

Properties

Property Type Description
accessPackageId String ID of the access package.
accessReviewSettings assignmentReviewSettings Who must review, and how often, the assignments to the access package from this policy. This property is null if reviews are not required.
canExtend Boolean Indicates whether a user can extend the access package assignment duration after approval.
createdBy String Read-only.
createdDateTime DateTimeOffset The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z
description String The description of the policy.
displayName String The display name of the policy.
durationInDays Int32 The number of days in which assignments from this policy last until they are expired.
expirationDateTime DateTimeOffset The expiration date for assignments created in this policy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z
id String Read-only.
modifiedBy String Read-only.
modifiedDateTime DateTimeOffset The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z
requestApprovalSettings approvalSettings Who must approve requests for access package in this policy.
requestorSettings requestorSettings Who can request this access package from this policy.
questions accessPackageQuestion collection Questions that are posed to the requestor.

Relationships

Relationship Type Description
accessPackage accessPackage The access package with this policy. Read-only. Nullable.

JSON representation

The following is a JSON representation of the resource.

{
    "id": "string",
    "accessPackageId": "string",
    "displayName": "string",
    "description": "string",
    "isDenyPolicy": false,
    "canExtend": false,
    "durationInDays": 365,
    "requestorSettings": {
        "scopeType": "string",
        "acceptRequests": true,
        "allowedRequestors": [{
            "@odata.type": "#microsoft.graph.userSet"
        }]
    },
    "requestApprovalSettings": {
        "isApprovalRequired": false,
        "isApprovalRequiredForExtension": false,
        "isRequestorJustificationRequired": false,
        "approvalMode": "string",
        "approvalStages": [{
            "approvalStageTimeOutInDays": 14,
            "isApproverJustificationRequired": true,
            "isEscalationEnabled": true,
            "escalationTimeInMinutes": 11520,
            "primaryApprovers": [{
                "@odata.type": "#microsoft.graph.userSet"
            }],
            "escalationApprovers": [{
                "@odata.type": "#microsoft.graph.userSet"
            }]
        }]
    },
    "accessReviewSettings": null,
    "questions": [{
        "@odata.type": "#microsoft.graph.question"
    }]
}