privilegedRoleAssignment resource type (deprecated)

Namespace: microsoft.graph


APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.


This version of the Privileged Identity Management (PIM) API for Azure Active Directory (Azure AD) roles is deprecated and stopped returning data on May 31, 2021. Use the new role management API.

Represents a privileged role assignment for a particular user.


Method Return Type Description
List privilegedRoleAssignment collection privilegedRoleAssignment collection Get the collection of privilegedRoleAssignment objects.
Get privilegedRoleAssignment privilegedRoleAssignment Read properties and relationships of privilegedRoleAssignment object.
Create assignment privilegedRoleAssignment Create a new assignment by posting to the assignments collection.
Delete None Delete privilegedRoleAssignment object.
makePermanent privilegedRoleAssignment Make the role assignment as permanent.
makeEligible privilegedRoleAssignment Make the role assignment as eligible.
my privilegedRoleAssignment collection Get the current user's privileged role assignments.


Property Type Description
expirationDateTime dateTimeOffset The UTC DateTime when the temporary privileged role assignment will be expired. For permanent role assignment, the value is null.
id string The unique identifier for the privileged role assignment. Read-only. It is in the format of 'userId_roleId', where userId is the GUID string for Azure AD user id, and roleId is the GUID string for Azure administrator role id.
isElevated boolean true if the role assignment is activated. false if the role assignment is deactivated.
resultMessage string Result message set by the service.
roleId string Role identifier. In GUID string format.
userId string User identifier. In GUID string format.


Relationship Type Description
roleInfo privilegedRole Read-only. Nullable. The associated role information.

JSON representation

Here is a JSON representation of the resource.

  "expirationDateTime": "String (timestamp)",
  "id": "string (identifier)",
  "isElevated": true,
  "resultMessage": "string",
  "roleId": "string",
  "userId": "string"