New-AzureADGroupAppRoleAssignment
This article provides migration details from New-AzureADGroupAppRoleAssignment command to Microsoft Graph PowerShell.
Summary
- Azure AD Command: New-AzureADGroupAppRoleAssignment
- Azure AD Module: AzureAD
- Microsoft Graph Command: New-MgGroupAppRoleAssignment (Community Examples)
- Graph Module: Microsoft.Graph.Applications
- Graph Endpoint: POST /groups/{groupId}/appRoleAssignments
Permissions
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | AppRoleAssignment.ReadWrite.All | Not available. |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | AppRoleAssignment.ReadWrite.All | Not available. |
View more details on permissions.
Note
As a best practice, we recommend creating app role assignments through the appRoleAssignedTo relationship of the resource service principal, instead of the appRoleAssignments relationship of the assigned user, group, or service principal.
Property Mapping
| Azure AD Name | Microsoft Graph Name |
|---|---|
| Id | Id |
| ObjectId | GroupId |
| PrincipalId | PrincipalId |
| ResourceId | ResourceId |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for