Privileged Identity Management

Namespace: microsoft.graph


APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Azure Active Directory (Azure AD) Privileged Identity Management (PIM) is a service that enables you to manage, control, and monitor access to important resources in your organization. This includes access to resources in Azure AD, Azure resources, and other Microsoft Online Services like Microsoft 365 or Microsoft Intune. Microsoft Graph provides APIs that you can use to manage Azure AD roles and Azure resource roles.


The API to manage Azure AD roles will change between June and November of 2019 to follow the namespace and convention of the Azure resource API. Azure AD PIM will become a resource under the Azure resource convention. If this change will directly affect your tenant, please complete the Graph API change for Azure AD PIM form to get additional information, support, and the ability to schedule a time for this API change.