Uma das seguintes permissões é obrigatória para chamar esta API. Para saber mais, incluindo como escolher permissões, confira Permissões.
Uma política de atribuição direta é útil quando as solicitações de atribuição de pacote de acesso só serão criadas por um administrador, não pelos próprios usuários.
O exemplo a seguir mostra uma solicitação para criar uma política de atribuição de pacote de acesso. Nessa política, nenhum usuário pode solicitar, nenhuma aprovação é necessária e não há revisões de acesso.
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentPolicies
Content-Type: application/json
{
"displayName": "New Policy",
"description": "policy for assignment",
"allowedTargetScope": "notSpecified",
"specificAllowedTargets": [],
"expiration": {
"endDateTime": null,
"duration": null,
"type": "noExpiration"
},
"requestorSettings": {
"enableTargetsToSelfAddAccess": false,
"enableTargetsToSelfUpdateAccess": false,
"enableTargetsToSelfRemoveAccess": false,
"allowCustomAssignmentSchedule": true,
"enableOnBehalfRequestorsToAddAccess": false,
"enableOnBehalfRequestorsToUpdateAccess": false,
"enableOnBehalfRequestorsToRemoveAccess": false,
"onBehalfRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequiredForAdd": false,
"isApprovalRequiredForUpdate": false,
"stages": []
},
"accessPackage": {
"id": "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
}
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
DisplayName = "New Policy",
Description = "policy for assignment",
AllowedTargetScope = AllowedTargetScope.NotSpecified,
SpecificAllowedTargets = new List<SubjectSet>()
{
},
Expiration = new ExpirationPattern
{
EndDateTime = null,
Duration = null,
Type = ExpirationPatternType.NoExpiration
},
RequestorSettings = new AccessPackageAssignmentRequestorSettings
{
EnableTargetsToSelfAddAccess = false,
EnableTargetsToSelfUpdateAccess = false,
EnableTargetsToSelfRemoveAccess = false,
AllowCustomAssignmentSchedule = true,
EnableOnBehalfRequestorsToAddAccess = false,
EnableOnBehalfRequestorsToUpdateAccess = false,
EnableOnBehalfRequestorsToRemoveAccess = false,
OnBehalfRequestors = new List<SubjectSet>()
{
}
},
RequestApprovalSettings = new AccessPackageAssignmentApprovalSettings
{
IsApprovalRequiredForAdd = false,
IsApprovalRequiredForUpdate = false,
Stages = new List<AccessPackageApprovalStage>()
{
}
},
AccessPackage = new AccessPackage
{
Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
}
};
await graphClient.IdentityGovernance.EntitlementManagement.AssignmentPolicies
.Request()
.AddAsync(accessPackageAssignmentPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
displayName: 'New Policy',
description: 'policy for assignment',
allowedTargetScope: 'notSpecified',
specificAllowedTargets: [],
expiration: {
endDateTime: null,
duration: null,
type: 'noExpiration'
},
requestorSettings: {
enableTargetsToSelfAddAccess: false,
enableTargetsToSelfUpdateAccess: false,
enableTargetsToSelfRemoveAccess: false,
allowCustomAssignmentSchedule: true,
enableOnBehalfRequestorsToAddAccess: false,
enableOnBehalfRequestorsToUpdateAccess: false,
enableOnBehalfRequestorsToRemoveAccess: false,
onBehalfRequestors: []
},
requestApprovalSettings: {
isApprovalRequiredForAdd: false,
isApprovalRequiredForUpdate: false,
stages: []
},
accessPackage: {
id: 'a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b'
}
};
await client.api('/identityGovernance/entitlementManagement/assignmentPolicies')
.post(accessPackageAssignmentPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/assignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setDisplayName:@"New Policy"];
[accessPackageAssignmentPolicy setDescription:@"policy for assignment"];
[accessPackageAssignmentPolicy setAllowedTargetScope: [MSGraphAllowedTargetScope notSpecified]];
NSMutableArray *specificAllowedTargetsList = [[NSMutableArray alloc] init];
[accessPackageAssignmentPolicy setSpecificAllowedTargets:specificAllowedTargetsList];
MSGraphExpirationPattern *expiration = [[MSGraphExpirationPattern alloc] init];
[expiration setEndDateTime: null];
[expiration setDuration: null];
[expiration setType: [MSGraphExpirationPatternType noExpiration]];
[accessPackageAssignmentPolicy setExpiration:expiration];
MSGraphAccessPackageAssignmentRequestorSettings *requestorSettings = [[MSGraphAccessPackageAssignmentRequestorSettings alloc] init];
[requestorSettings setEnableTargetsToSelfAddAccess: false];
[requestorSettings setEnableTargetsToSelfUpdateAccess: false];
[requestorSettings setEnableTargetsToSelfRemoveAccess: false];
[requestorSettings setAllowCustomAssignmentSchedule: true];
[requestorSettings setEnableOnBehalfRequestorsToAddAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToUpdateAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToRemoveAccess: false];
NSMutableArray *onBehalfRequestorsList = [[NSMutableArray alloc] init];
[requestorSettings setOnBehalfRequestors:onBehalfRequestorsList];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphAccessPackageAssignmentApprovalSettings *requestApprovalSettings = [[MSGraphAccessPackageAssignmentApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequiredForAdd: false];
[requestApprovalSettings setIsApprovalRequiredForUpdate: false];
NSMutableArray *stagesList = [[NSMutableArray alloc] init];
[requestApprovalSettings setStages:stagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];
MSGraphAccessPackage *accessPackage = [[MSGraphAccessPackage alloc] init];
[accessPackage setId:@"a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"];
[accessPackageAssignmentPolicy setAccessPackage:accessPackage];
NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.displayName = "New Policy";
accessPackageAssignmentPolicy.description = "policy for assignment";
accessPackageAssignmentPolicy.allowedTargetScope = AllowedTargetScope.NOT_SPECIFIED;
LinkedList<SubjectSet> specificAllowedTargetsList = new LinkedList<SubjectSet>();
accessPackageAssignmentPolicy.specificAllowedTargets = specificAllowedTargetsList;
ExpirationPattern expiration = new ExpirationPattern();
expiration.endDateTime = OffsetDateTimeSerializer.deserialize("null");
expiration.duration = DatatypeFactory.newInstance().newDuration("null");
expiration.type = ExpirationPatternType.NO_EXPIRATION;
accessPackageAssignmentPolicy.expiration = expiration;
AccessPackageAssignmentRequestorSettings requestorSettings = new AccessPackageAssignmentRequestorSettings();
requestorSettings.enableTargetsToSelfAddAccess = false;
requestorSettings.enableTargetsToSelfUpdateAccess = false;
requestorSettings.enableTargetsToSelfRemoveAccess = false;
requestorSettings.allowCustomAssignmentSchedule = true;
requestorSettings.enableOnBehalfRequestorsToAddAccess = false;
requestorSettings.enableOnBehalfRequestorsToUpdateAccess = false;
requestorSettings.enableOnBehalfRequestorsToRemoveAccess = false;
LinkedList<SubjectSet> onBehalfRequestorsList = new LinkedList<SubjectSet>();
requestorSettings.onBehalfRequestors = onBehalfRequestorsList;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
AccessPackageAssignmentApprovalSettings requestApprovalSettings = new AccessPackageAssignmentApprovalSettings();
requestApprovalSettings.isApprovalRequiredForAdd = false;
requestApprovalSettings.isApprovalRequiredForUpdate = false;
LinkedList<AccessPackageApprovalStage> stagesList = new LinkedList<AccessPackageApprovalStage>();
requestApprovalSettings.stages = stagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;
AccessPackage accessPackage = new AccessPackage();
accessPackage.id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b";
accessPackageAssignmentPolicy.accessPackage = accessPackage;
graphClient.identityGovernance().entitlementManagement().assignmentPolicies()
.buildRequest()
.post(accessPackageAssignmentPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
displayName := "New Policy"
requestBody.SetDisplayName(&displayName)
description := "policy for assignment"
requestBody.SetDescription(&description)
allowedTargetScope := "notSpecified"
requestBody.SetAllowedTargetScope(&allowedTargetScope)
requestBody.SetSpecificAllowedTargets( []SubjectSet {
}
expiration := msgraphsdk.NewExpirationPattern()
requestBody.SetExpiration(expiration)
expiration.SetEndDateTime(nil)
expiration.SetDuration(nil)
type := "noExpiration"
expiration.SetType(&type)
requestorSettings := msgraphsdk.NewAccessPackageAssignmentRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
enableTargetsToSelfAddAccess := false
requestorSettings.SetEnableTargetsToSelfAddAccess(&enableTargetsToSelfAddAccess)
enableTargetsToSelfUpdateAccess := false
requestorSettings.SetEnableTargetsToSelfUpdateAccess(&enableTargetsToSelfUpdateAccess)
enableTargetsToSelfRemoveAccess := false
requestorSettings.SetEnableTargetsToSelfRemoveAccess(&enableTargetsToSelfRemoveAccess)
allowCustomAssignmentSchedule := true
requestorSettings.SetAllowCustomAssignmentSchedule(&allowCustomAssignmentSchedule)
enableOnBehalfRequestorsToAddAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToAddAccess(&enableOnBehalfRequestorsToAddAccess)
enableOnBehalfRequestorsToUpdateAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToUpdateAccess(&enableOnBehalfRequestorsToUpdateAccess)
enableOnBehalfRequestorsToRemoveAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToRemoveAccess(&enableOnBehalfRequestorsToRemoveAccess)
requestorSettings.SetOnBehalfRequestors( []SubjectSet {
}
requestApprovalSettings := msgraphsdk.NewAccessPackageAssignmentApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequiredForAdd := false
requestApprovalSettings.SetIsApprovalRequiredForAdd(&isApprovalRequiredForAdd)
isApprovalRequiredForUpdate := false
requestApprovalSettings.SetIsApprovalRequiredForUpdate(&isApprovalRequiredForUpdate)
requestApprovalSettings.SetStages( []AccessPackageApprovalStage {
}
accessPackage := msgraphsdk.NewAccessPackage()
requestBody.SetAccessPackage(accessPackage)
id := "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
accessPackage.SetId(&id)
result, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentPolicies().Post(requestBody)
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
Import-Module Microsoft.Graph.Identity.Governance
$params = @{
DisplayName = "New Policy"
Description = "policy for assignment"
AllowedTargetScope = "notSpecified"
SpecificAllowedTargets = @(
)
Expiration = @{
EndDateTime = $null
Duration = $null
Type = "noExpiration"
}
RequestorSettings = @{
EnableTargetsToSelfAddAccess = $false
EnableTargetsToSelfUpdateAccess = $false
EnableTargetsToSelfRemoveAccess = $false
AllowCustomAssignmentSchedule = $true
EnableOnBehalfRequestorsToAddAccess = $false
EnableOnBehalfRequestorsToUpdateAccess = $false
EnableOnBehalfRequestorsToRemoveAccess = $false
OnBehalfRequestors = @(
)
}
RequestApprovalSettings = @{
IsApprovalRequiredForAdd = $false
IsApprovalRequiredForUpdate = $false
Stages = @(
)
}
AccessPackage = @{
Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
}
}
New-MgEntitlementManagementAssignmentPolicy -BodyParameter $params
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
O exemplo a seguir mostra uma política mais complexa com dois estágios de aprovação e revisões de acesso recorrentes.
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentPolicies
Content-Type: application/json
{
"displayName": "policy for external access requests",
"description": "policy for users from connected organizations to request access, with two stages of approval.",
"allowedTargetScope": "allConfiguredConnectedOrganizationUsers",
"specificAllowedTargets": [],
"expiration": {
"type": "noExpiration"
},
"requestorSettings": {
"enableTargetsToSelfAddAccess": true,
"enableTargetsToSelfUpdateAccess": true,
"enableTargetsToSelfRemoveAccess": true,
"allowCustomAssignmentSchedule": false,
"enableOnBehalfRequestorsToAddAccess": false,
"enableOnBehalfRequestorsToUpdateAccess": false,
"enableOnBehalfRequestorsToRemoveAccess": false,
"onBehalfRequestors": []
},
"requestApprovalSettings": {
"isApprovalRequiredForAdd": true,
"isApprovalRequiredForUpdate": false,
"stages": [
{
"durationBeforeAutomaticDenial": "P14D",
"isApproverJustificationRequired": false,
"isEscalationEnabled": false,
"durationBeforeEscalation": "PT0S",
"primaryApprovers": [
{
"@odata.type": "#microsoft.graph.internalSponsors"
}
],
"fallbackPrimaryApprovers": [
{
"@odata.type": "#microsoft.graph.singleUser",
"userId": "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
},
{
"@odata.type": "#microsoft.graph.groupMembers",
"groupId": "1623f912-5e86-41c2-af47-39dd67582b66"
}
],
"escalationApprovers": [],
"fallbackEscalationApprovers": []
},
{
"durationBeforeAutomaticDenial": "P14D",
"isApproverJustificationRequired": false,
"isEscalationEnabled": false,
"durationBeforeEscalation": "PT0S",
"primaryApprovers": [],
"fallbackPrimaryApprovers": [
{
"@odata.type": "#microsoft.graph.singleUser",
"userId": "46184453-e63b-4f20-86c2-c557ed5d5df9"
},
{
"@odata.type": "#microsoft.graph.groupMembers",
"groupId": "1623f912-5e86-41c2-af47-39dd67582b66"
}
],
"escalationApprovers": [],
"fallbackEscalationApprovers": []
}
]
},
"reviewSettings": {
"isEnabled": true,
"expirationBehavior": "keepAccess",
"isRecommendationEnabled": true,
"isReviewerJustificationRequired": true,
"isSelfReview": false,
"schedule": {
"startDateTime": "2022-07-02T06:59:59.998Z",
"expiration": {
"duration": "P14D",
"type": "afterDuration"
},
"recurrence": {
"pattern": {
"type": "absoluteMonthly",
"interval": 3,
"month": 0,
"dayOfMonth": 0,
"daysOfWeek": []
},
"range": {
"type": "noEnd",
"numberOfOccurrences": 0
}
}
},
"primaryReviewers": [
{
"@odata.type": "#microsoft.graph.groupMembers",
"groupId": "1623f912-5e86-41c2-af47-39dd67582b66"
}
],
"fallbackReviewers": []
},
"accessPackage": {
"id": "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
}
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
DisplayName = "policy for external access requests",
Description = "policy for users from connected organizations to request access, with two stages of approval.",
AllowedTargetScope = AllowedTargetScope.AllConfiguredConnectedOrganizationUsers,
SpecificAllowedTargets = new List<SubjectSet>()
{
},
Expiration = new ExpirationPattern
{
Type = ExpirationPatternType.NoExpiration
},
RequestorSettings = new AccessPackageAssignmentRequestorSettings
{
EnableTargetsToSelfAddAccess = true,
EnableTargetsToSelfUpdateAccess = true,
EnableTargetsToSelfRemoveAccess = true,
AllowCustomAssignmentSchedule = false,
EnableOnBehalfRequestorsToAddAccess = false,
EnableOnBehalfRequestorsToUpdateAccess = false,
EnableOnBehalfRequestorsToRemoveAccess = false,
OnBehalfRequestors = new List<SubjectSet>()
{
}
},
RequestApprovalSettings = new AccessPackageAssignmentApprovalSettings
{
IsApprovalRequiredForAdd = true,
IsApprovalRequiredForUpdate = false,
Stages = new List<AccessPackageApprovalStage>()
{
new AccessPackageApprovalStage
{
DurationBeforeAutomaticDenial = new Duration("P14D"),
IsApproverJustificationRequired = false,
IsEscalationEnabled = false,
DurationBeforeEscalation = new Duration("PT0S"),
PrimaryApprovers = new List<SubjectSet>()
{
new InternalSponsors
{
}
},
FallbackPrimaryApprovers = new List<SubjectSet>()
{
new SingleUser
{
UserId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
},
new GroupMembers
{
GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
}
},
EscalationApprovers = new List<SubjectSet>()
{
},
FallbackEscalationApprovers = new List<SubjectSet>()
{
}
},
new AccessPackageApprovalStage
{
DurationBeforeAutomaticDenial = new Duration("P14D"),
IsApproverJustificationRequired = false,
IsEscalationEnabled = false,
DurationBeforeEscalation = new Duration("PT0S"),
PrimaryApprovers = new List<SubjectSet>()
{
},
FallbackPrimaryApprovers = new List<SubjectSet>()
{
new SingleUser
{
UserId = "46184453-e63b-4f20-86c2-c557ed5d5df9"
},
new GroupMembers
{
GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
}
},
EscalationApprovers = new List<SubjectSet>()
{
},
FallbackEscalationApprovers = new List<SubjectSet>()
{
}
}
}
},
ReviewSettings = new AccessPackageAssignmentReviewSettings
{
IsEnabled = true,
ExpirationBehavior = AccessReviewExpirationBehavior.KeepAccess,
IsRecommendationEnabled = true,
IsReviewerJustificationRequired = true,
IsSelfReview = false,
Schedule = new EntitlementManagementSchedule
{
StartDateTime = DateTimeOffset.Parse("2022-07-02T06:59:59.998Z"),
Expiration = new ExpirationPattern
{
Duration = new Duration("P14D"),
Type = ExpirationPatternType.AfterDuration
},
Recurrence = new PatternedRecurrence
{
Pattern = new RecurrencePattern
{
Type = RecurrencePatternType.AbsoluteMonthly,
Interval = 3,
Month = 0,
DayOfMonth = 0,
DaysOfWeek = new List<DayOfWeek>()
{
}
},
Range = new RecurrenceRange
{
Type = RecurrenceRangeType.NoEnd,
NumberOfOccurrences = 0
}
}
},
PrimaryReviewers = new List<SubjectSet>()
{
new GroupMembers
{
GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
}
},
FallbackReviewers = new List<SubjectSet>()
{
}
},
AccessPackage = new AccessPackage
{
Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
}
};
await graphClient.IdentityGovernance.EntitlementManagement.AssignmentPolicies
.Request()
.AddAsync(accessPackageAssignmentPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
const options = {
authProvider,
};
const client = Client.init(options);
const accessPackageAssignmentPolicy = {
displayName: 'policy for external access requests',
description: 'policy for users from connected organizations to request access, with two stages of approval.',
allowedTargetScope: 'allConfiguredConnectedOrganizationUsers',
specificAllowedTargets: [],
expiration: {
type: 'noExpiration'
},
requestorSettings: {
enableTargetsToSelfAddAccess: true,
enableTargetsToSelfUpdateAccess: true,
enableTargetsToSelfRemoveAccess: true,
allowCustomAssignmentSchedule: false,
enableOnBehalfRequestorsToAddAccess: false,
enableOnBehalfRequestorsToUpdateAccess: false,
enableOnBehalfRequestorsToRemoveAccess: false,
onBehalfRequestors: []
},
requestApprovalSettings: {
isApprovalRequiredForAdd: true,
isApprovalRequiredForUpdate: false,
stages: [
{
durationBeforeAutomaticDenial: 'P14D',
isApproverJustificationRequired: false,
isEscalationEnabled: false,
durationBeforeEscalation: 'PT0S',
primaryApprovers: [
{
'@odata.type': '#microsoft.graph.internalSponsors'
}
],
fallbackPrimaryApprovers: [
{
'@odata.type': '#microsoft.graph.singleUser',
userId: '7deff43e-1f17-44ef-9e5f-d516b0ba11d4'
},
{
'@odata.type': '#microsoft.graph.groupMembers',
groupId: '1623f912-5e86-41c2-af47-39dd67582b66'
}
],
escalationApprovers: [],
fallbackEscalationApprovers: []
},
{
durationBeforeAutomaticDenial: 'P14D',
isApproverJustificationRequired: false,
isEscalationEnabled: false,
durationBeforeEscalation: 'PT0S',
primaryApprovers: [],
fallbackPrimaryApprovers: [
{
'@odata.type': '#microsoft.graph.singleUser',
userId: '46184453-e63b-4f20-86c2-c557ed5d5df9'
},
{
'@odata.type': '#microsoft.graph.groupMembers',
groupId: '1623f912-5e86-41c2-af47-39dd67582b66'
}
],
escalationApprovers: [],
fallbackEscalationApprovers: []
}
]
},
reviewSettings: {
isEnabled: true,
expirationBehavior: 'keepAccess',
isRecommendationEnabled: true,
isReviewerJustificationRequired: true,
isSelfReview: false,
schedule: {
startDateTime: '2022-07-02T06:59:59.998Z',
expiration: {
duration: 'P14D',
type: 'afterDuration'
},
recurrence: {
pattern: {
type: 'absoluteMonthly',
interval: 3,
month: 0,
dayOfMonth: 0,
daysOfWeek: []
},
range: {
type: 'noEnd',
numberOfOccurrences: 0
}
}
},
primaryReviewers: [
{
'@odata.type': '#microsoft.graph.groupMembers',
groupId: '1623f912-5e86-41c2-af47-39dd67582b66'
}
],
fallbackReviewers: []
},
accessPackage: {
id: 'a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b'
}
};
await client.api('/identityGovernance/entitlementManagement/assignmentPolicies')
.post(accessPackageAssignmentPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/assignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setDisplayName:@"policy for external access requests"];
[accessPackageAssignmentPolicy setDescription:@"policy for users from connected organizations to request access, with two stages of approval."];
[accessPackageAssignmentPolicy setAllowedTargetScope: [MSGraphAllowedTargetScope allConfiguredConnectedOrganizationUsers]];
NSMutableArray *specificAllowedTargetsList = [[NSMutableArray alloc] init];
[accessPackageAssignmentPolicy setSpecificAllowedTargets:specificAllowedTargetsList];
MSGraphExpirationPattern *expiration = [[MSGraphExpirationPattern alloc] init];
[expiration setType: [MSGraphExpirationPatternType noExpiration]];
[accessPackageAssignmentPolicy setExpiration:expiration];
MSGraphAccessPackageAssignmentRequestorSettings *requestorSettings = [[MSGraphAccessPackageAssignmentRequestorSettings alloc] init];
[requestorSettings setEnableTargetsToSelfAddAccess: true];
[requestorSettings setEnableTargetsToSelfUpdateAccess: true];
[requestorSettings setEnableTargetsToSelfRemoveAccess: true];
[requestorSettings setAllowCustomAssignmentSchedule: false];
[requestorSettings setEnableOnBehalfRequestorsToAddAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToUpdateAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToRemoveAccess: false];
NSMutableArray *onBehalfRequestorsList = [[NSMutableArray alloc] init];
[requestorSettings setOnBehalfRequestors:onBehalfRequestorsList];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphAccessPackageAssignmentApprovalSettings *requestApprovalSettings = [[MSGraphAccessPackageAssignmentApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequiredForAdd: true];
[requestApprovalSettings setIsApprovalRequiredForUpdate: false];
NSMutableArray *stagesList = [[NSMutableArray alloc] init];
MSGraphAccessPackageApprovalStage *stages = [[MSGraphAccessPackageApprovalStage alloc] init];
[stages setDurationBeforeAutomaticDenial:@"P14D"];
[stages setIsApproverJustificationRequired: false];
[stages setIsEscalationEnabled: false];
[stages setDurationBeforeEscalation:@"PT0S"];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
MSGraphSubjectSet *primaryApprovers = [[MSGraphSubjectSet alloc] init];
[primaryApproversList addObject: primaryApprovers];
[stages setPrimaryApprovers:primaryApproversList];
NSMutableArray *fallbackPrimaryApproversList = [[NSMutableArray alloc] init];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setUserId:@"7deff43e-1f17-44ef-9e5f-d516b0ba11d4"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setGroupId:@"1623f912-5e86-41c2-af47-39dd67582b66"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
[stages setFallbackPrimaryApprovers:fallbackPrimaryApproversList];
NSMutableArray *escalationApproversList = [[NSMutableArray alloc] init];
[stages setEscalationApprovers:escalationApproversList];
NSMutableArray *fallbackEscalationApproversList = [[NSMutableArray alloc] init];
[stages setFallbackEscalationApprovers:fallbackEscalationApproversList];
[stagesList addObject: stages];
MSGraphAccessPackageApprovalStage *stages = [[MSGraphAccessPackageApprovalStage alloc] init];
[stages setDurationBeforeAutomaticDenial:@"P14D"];
[stages setIsApproverJustificationRequired: false];
[stages setIsEscalationEnabled: false];
[stages setDurationBeforeEscalation:@"PT0S"];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
[stages setPrimaryApprovers:primaryApproversList];
NSMutableArray *fallbackPrimaryApproversList = [[NSMutableArray alloc] init];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setUserId:@"46184453-e63b-4f20-86c2-c557ed5d5df9"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setGroupId:@"1623f912-5e86-41c2-af47-39dd67582b66"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
[stages setFallbackPrimaryApprovers:fallbackPrimaryApproversList];
NSMutableArray *escalationApproversList = [[NSMutableArray alloc] init];
[stages setEscalationApprovers:escalationApproversList];
NSMutableArray *fallbackEscalationApproversList = [[NSMutableArray alloc] init];
[stages setFallbackEscalationApprovers:fallbackEscalationApproversList];
[stagesList addObject: stages];
[requestApprovalSettings setStages:stagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];
MSGraphAccessPackage *accessPackage = [[MSGraphAccessPackage alloc] init];
[accessPackage setId:@"a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"];
[accessPackageAssignmentPolicy setAccessPackage:accessPackage];
NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.displayName = "policy for external access requests";
accessPackageAssignmentPolicy.description = "policy for users from connected organizations to request access, with two stages of approval.";
accessPackageAssignmentPolicy.allowedTargetScope = AllowedTargetScope.ALL_CONFIGURED_CONNECTED_ORGANIZATION_USERS;
LinkedList<SubjectSet> specificAllowedTargetsList = new LinkedList<SubjectSet>();
accessPackageAssignmentPolicy.specificAllowedTargets = specificAllowedTargetsList;
ExpirationPattern expiration = new ExpirationPattern();
expiration.type = ExpirationPatternType.NO_EXPIRATION;
accessPackageAssignmentPolicy.expiration = expiration;
AccessPackageAssignmentRequestorSettings requestorSettings = new AccessPackageAssignmentRequestorSettings();
requestorSettings.enableTargetsToSelfAddAccess = true;
requestorSettings.enableTargetsToSelfUpdateAccess = true;
requestorSettings.enableTargetsToSelfRemoveAccess = true;
requestorSettings.allowCustomAssignmentSchedule = false;
requestorSettings.enableOnBehalfRequestorsToAddAccess = false;
requestorSettings.enableOnBehalfRequestorsToUpdateAccess = false;
requestorSettings.enableOnBehalfRequestorsToRemoveAccess = false;
LinkedList<SubjectSet> onBehalfRequestorsList = new LinkedList<SubjectSet>();
requestorSettings.onBehalfRequestors = onBehalfRequestorsList;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
AccessPackageAssignmentApprovalSettings requestApprovalSettings = new AccessPackageAssignmentApprovalSettings();
requestApprovalSettings.isApprovalRequiredForAdd = true;
requestApprovalSettings.isApprovalRequiredForUpdate = false;
LinkedList<AccessPackageApprovalStage> stagesList = new LinkedList<AccessPackageApprovalStage>();
AccessPackageApprovalStage stages = new AccessPackageApprovalStage();
stages.durationBeforeAutomaticDenial = DatatypeFactory.newInstance().newDuration("P14D");
stages.isApproverJustificationRequired = false;
stages.isEscalationEnabled = false;
stages.durationBeforeEscalation = DatatypeFactory.newInstance().newDuration("PT0S");
LinkedList<SubjectSet> primaryApproversList = new LinkedList<SubjectSet>();
InternalSponsors primaryApprovers = new InternalSponsors();
primaryApproversList.add(primaryApprovers);
stages.primaryApprovers = primaryApproversList;
LinkedList<SubjectSet> fallbackPrimaryApproversList = new LinkedList<SubjectSet>();
SingleUser fallbackPrimaryApprovers = new SingleUser();
fallbackPrimaryApprovers.userId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4";
fallbackPrimaryApproversList.add(fallbackPrimaryApprovers);
GroupMembers fallbackPrimaryApprovers1 = new GroupMembers();
fallbackPrimaryApprovers1.groupId = "1623f912-5e86-41c2-af47-39dd67582b66";
fallbackPrimaryApproversList.add(fallbackPrimaryApprovers1);
stages.fallbackPrimaryApprovers = fallbackPrimaryApproversList;
LinkedList<SubjectSet> escalationApproversList = new LinkedList<SubjectSet>();
stages.escalationApprovers = escalationApproversList;
LinkedList<SubjectSet> fallbackEscalationApproversList = new LinkedList<SubjectSet>();
stages.fallbackEscalationApprovers = fallbackEscalationApproversList;
stagesList.add(stages);
AccessPackageApprovalStage stages1 = new AccessPackageApprovalStage();
stages1.durationBeforeAutomaticDenial = DatatypeFactory.newInstance().newDuration("P14D");
stages1.isApproverJustificationRequired = false;
stages1.isEscalationEnabled = false;
stages1.durationBeforeEscalation = DatatypeFactory.newInstance().newDuration("PT0S");
LinkedList<SubjectSet> primaryApproversList1 = new LinkedList<SubjectSet>();
stages1.primaryApprovers = primaryApproversList1;
LinkedList<SubjectSet> fallbackPrimaryApproversList1 = new LinkedList<SubjectSet>();
SingleUser fallbackPrimaryApprovers2 = new SingleUser();
fallbackPrimaryApprovers2.userId = "46184453-e63b-4f20-86c2-c557ed5d5df9";
fallbackPrimaryApproversList1.add(fallbackPrimaryApprovers2);
GroupMembers fallbackPrimaryApprovers3 = new GroupMembers();
fallbackPrimaryApprovers3.groupId = "1623f912-5e86-41c2-af47-39dd67582b66";
fallbackPrimaryApproversList1.add(fallbackPrimaryApprovers3);
stages1.fallbackPrimaryApprovers = fallbackPrimaryApproversList1;
LinkedList<SubjectSet> escalationApproversList1 = new LinkedList<SubjectSet>();
stages1.escalationApprovers = escalationApproversList1;
LinkedList<SubjectSet> fallbackEscalationApproversList1 = new LinkedList<SubjectSet>();
stages1.fallbackEscalationApprovers = fallbackEscalationApproversList1;
stagesList.add(stages1);
requestApprovalSettings.stages = stagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;
AccessPackageAssignmentReviewSettings reviewSettings = new AccessPackageAssignmentReviewSettings();
reviewSettings.isEnabled = true;
reviewSettings.expirationBehavior = AccessReviewExpirationBehavior.KEEP_ACCESS;
reviewSettings.isRecommendationEnabled = true;
reviewSettings.isReviewerJustificationRequired = true;
reviewSettings.isSelfReview = false;
EntitlementManagementSchedule schedule = new EntitlementManagementSchedule();
schedule.startDateTime = OffsetDateTimeSerializer.deserialize("2022-07-02T06:59:59.998Z");
ExpirationPattern expiration1 = new ExpirationPattern();
expiration1.duration = DatatypeFactory.newInstance().newDuration("P14D");
expiration1.type = ExpirationPatternType.AFTER_DURATION;
schedule.expiration = expiration1;
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.type = RecurrencePatternType.ABSOLUTE_MONTHLY;
pattern.interval = 3;
pattern.month = 0;
pattern.dayOfMonth = 0;
LinkedList<DayOfWeek> daysOfWeekList = new LinkedList<DayOfWeek>();
pattern.daysOfWeek = daysOfWeekList;
recurrence.pattern = pattern;
RecurrenceRange range = new RecurrenceRange();
range.type = RecurrenceRangeType.NO_END;
range.numberOfOccurrences = 0;
recurrence.range = range;
schedule.recurrence = recurrence;
reviewSettings.schedule = schedule;
LinkedList<SubjectSet> primaryReviewersList = new LinkedList<SubjectSet>();
GroupMembers primaryReviewers = new GroupMembers();
primaryReviewers.groupId = "1623f912-5e86-41c2-af47-39dd67582b66";
primaryReviewersList.add(primaryReviewers);
reviewSettings.primaryReviewers = primaryReviewersList;
LinkedList<SubjectSet> fallbackReviewersList = new LinkedList<SubjectSet>();
reviewSettings.fallbackReviewers = fallbackReviewersList;
accessPackageAssignmentPolicy.reviewSettings = reviewSettings;
AccessPackage accessPackage = new AccessPackage();
accessPackage.id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b";
accessPackageAssignmentPolicy.accessPackage = accessPackage;
graphClient.identityGovernance().entitlementManagement().assignmentPolicies()
.buildRequest()
.post(accessPackageAssignmentPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
Import-Module Microsoft.Graph.Identity.Governance
$params = @{
DisplayName = "policy for external access requests"
Description = "policy for users from connected organizations to request access, with two stages of approval."
AllowedTargetScope = "allConfiguredConnectedOrganizationUsers"
SpecificAllowedTargets = @(
)
Expiration = @{
Type = "noExpiration"
}
RequestorSettings = @{
EnableTargetsToSelfAddAccess = $true
EnableTargetsToSelfUpdateAccess = $true
EnableTargetsToSelfRemoveAccess = $true
AllowCustomAssignmentSchedule = $false
EnableOnBehalfRequestorsToAddAccess = $false
EnableOnBehalfRequestorsToUpdateAccess = $false
EnableOnBehalfRequestorsToRemoveAccess = $false
OnBehalfRequestors = @(
)
}
RequestApprovalSettings = @{
IsApprovalRequiredForAdd = $true
IsApprovalRequiredForUpdate = $false
Stages = @(
@{
DurationBeforeAutomaticDenial = "P14D"
IsApproverJustificationRequired = $false
IsEscalationEnabled = $false
DurationBeforeEscalation = "PT0S"
PrimaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.internalSponsors"
}
)
FallbackPrimaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.singleUser"
UserId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
}
@{
"@odata.type" = "#microsoft.graph.groupMembers"
GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
}
)
EscalationApprovers = @(
)
FallbackEscalationApprovers = @(
)
}
@{
DurationBeforeAutomaticDenial = "P14D"
IsApproverJustificationRequired = $false
IsEscalationEnabled = $false
DurationBeforeEscalation = "PT0S"
PrimaryApprovers = @(
)
FallbackPrimaryApprovers = @(
@{
"@odata.type" = "#microsoft.graph.singleUser"
UserId = "46184453-e63b-4f20-86c2-c557ed5d5df9"
}
@{
"@odata.type" = "#microsoft.graph.groupMembers"
GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
}
)
EscalationApprovers = @(
)
FallbackEscalationApprovers = @(
)
}
)
}
ReviewSettings = @{
IsEnabled = $true
ExpirationBehavior = "keepAccess"
IsRecommendationEnabled = $true
IsReviewerJustificationRequired = $true
IsSelfReview = $false
Schedule = @{
StartDateTime = [System.DateTime]::Parse("2022-07-02T06:59:59.998Z")
Expiration = @{
Duration = "P14D"
Type = "afterDuration"
}
Recurrence = @{
Pattern = @{
Type = "absoluteMonthly"
Interval = 3
Month = 0
DayOfMonth = 0
DaysOfWeek = @(
)
}
Range = @{
Type = "noEnd"
NumberOfOccurrences = 0
}
}
}
PrimaryReviewers = @(
@{
"@odata.type" = "#microsoft.graph.groupMembers"
GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
}
)
FallbackReviewers = @(
)
}
AccessPackage = @{
Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
}
}
New-MgEntitlementManagementAssignmentPolicy -BodyParameter $params
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
displayName := "policy for external access requests"
requestBody.SetDisplayName(&displayName)
description := "policy for users from connected organizations to request access, with two stages of approval."
requestBody.SetDescription(&description)
allowedTargetScope := "allConfiguredConnectedOrganizationUsers"
requestBody.SetAllowedTargetScope(&allowedTargetScope)
requestBody.SetSpecificAllowedTargets( []SubjectSet {
}
expiration := msgraphsdk.NewExpirationPattern()
requestBody.SetExpiration(expiration)
type := "noExpiration"
expiration.SetType(&type)
requestorSettings := msgraphsdk.NewAccessPackageAssignmentRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
enableTargetsToSelfAddAccess := true
requestorSettings.SetEnableTargetsToSelfAddAccess(&enableTargetsToSelfAddAccess)
enableTargetsToSelfUpdateAccess := true
requestorSettings.SetEnableTargetsToSelfUpdateAccess(&enableTargetsToSelfUpdateAccess)
enableTargetsToSelfRemoveAccess := true
requestorSettings.SetEnableTargetsToSelfRemoveAccess(&enableTargetsToSelfRemoveAccess)
allowCustomAssignmentSchedule := false
requestorSettings.SetAllowCustomAssignmentSchedule(&allowCustomAssignmentSchedule)
enableOnBehalfRequestorsToAddAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToAddAccess(&enableOnBehalfRequestorsToAddAccess)
enableOnBehalfRequestorsToUpdateAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToUpdateAccess(&enableOnBehalfRequestorsToUpdateAccess)
enableOnBehalfRequestorsToRemoveAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToRemoveAccess(&enableOnBehalfRequestorsToRemoveAccess)
requestorSettings.SetOnBehalfRequestors( []SubjectSet {
}
requestApprovalSettings := msgraphsdk.NewAccessPackageAssignmentApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequiredForAdd := true
requestApprovalSettings.SetIsApprovalRequiredForAdd(&isApprovalRequiredForAdd)
isApprovalRequiredForUpdate := false
requestApprovalSettings.SetIsApprovalRequiredForUpdate(&isApprovalRequiredForUpdate)
requestApprovalSettings.SetStages( []AccessPackageApprovalStage {
msgraphsdk.NewAccessPackageApprovalStage(),
durationBeforeAutomaticDenial := "P14D"
SetDurationBeforeAutomaticDenial(&durationBeforeAutomaticDenial)
isApproverJustificationRequired := false
SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := false
SetIsEscalationEnabled(&isEscalationEnabled)
durationBeforeEscalation := "PT0S"
SetDurationBeforeEscalation(&durationBeforeEscalation)
SetPrimaryApprovers( []SubjectSet {
msgraphsdk.NewSubjectSet(),
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.internalSponsors",
}
}
SetFallbackPrimaryApprovers( []SubjectSet {
msgraphsdk.NewSubjectSet(),
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.singleUser",
"userId": "7deff43e-1f17-44ef-9e5f-d516b0ba11d4",
}
msgraphsdk.NewSubjectSet(),
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.groupMembers",
"groupId": "1623f912-5e86-41c2-af47-39dd67582b66",
}
}
SetEscalationApprovers( []SubjectSet {
}
SetFallbackEscalationApprovers( []SubjectSet {
}
msgraphsdk.NewAccessPackageApprovalStage(),
durationBeforeAutomaticDenial := "P14D"
SetDurationBeforeAutomaticDenial(&durationBeforeAutomaticDenial)
isApproverJustificationRequired := false
SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := false
SetIsEscalationEnabled(&isEscalationEnabled)
durationBeforeEscalation := "PT0S"
SetDurationBeforeEscalation(&durationBeforeEscalation)
SetPrimaryApprovers( []SubjectSet {
}
SetFallbackPrimaryApprovers( []SubjectSet {
msgraphsdk.NewSubjectSet(),
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.singleUser",
"userId": "46184453-e63b-4f20-86c2-c557ed5d5df9",
}
msgraphsdk.NewSubjectSet(),
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.groupMembers",
"groupId": "1623f912-5e86-41c2-af47-39dd67582b66",
}
}
SetEscalationApprovers( []SubjectSet {
}
SetFallbackEscalationApprovers( []SubjectSet {
}
}
reviewSettings := msgraphsdk.NewAccessPackageAssignmentReviewSettings()
requestBody.SetReviewSettings(reviewSettings)
isEnabled := true
reviewSettings.SetIsEnabled(&isEnabled)
expirationBehavior := "keepAccess"
reviewSettings.SetExpirationBehavior(&expirationBehavior)
isRecommendationEnabled := true
reviewSettings.SetIsRecommendationEnabled(&isRecommendationEnabled)
isReviewerJustificationRequired := true
reviewSettings.SetIsReviewerJustificationRequired(&isReviewerJustificationRequired)
isSelfReview := false
reviewSettings.SetIsSelfReview(&isSelfReview)
schedule := msgraphsdk.NewEntitlementManagementSchedule()
reviewSettings.SetSchedule(schedule)
startDateTime, err := time.Parse(time.RFC3339, "2022-07-02T06:59:59.998Z")
schedule.SetStartDateTime(&startDateTime)
expiration := msgraphsdk.NewExpirationPattern()
schedule.SetExpiration(expiration)
duration := "P14D"
expiration.SetDuration(&duration)
type := "afterDuration"
expiration.SetType(&type)
recurrence := msgraphsdk.NewPatternedRecurrence()
schedule.SetRecurrence(recurrence)
pattern := msgraphsdk.NewRecurrencePattern()
recurrence.SetPattern(pattern)
type := "absoluteMonthly"
pattern.SetType(&type)
interval := int32(3)
pattern.SetInterval(&interval)
month := int32(0)
pattern.SetMonth(&month)
dayOfMonth := int32(0)
pattern.SetDayOfMonth(&dayOfMonth)
pattern.SetDaysOfWeek( []DayOfWeek {
}
range := msgraphsdk.NewRecurrenceRange()
recurrence.SetRange(range)
type := "noEnd"
range.SetType(&type)
numberOfOccurrences := int32(0)
range.SetNumberOfOccurrences(&numberOfOccurrences)
reviewSettings.SetPrimaryReviewers( []SubjectSet {
msgraphsdk.NewSubjectSet(),
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.groupMembers",
"groupId": "1623f912-5e86-41c2-af47-39dd67582b66",
}
}
reviewSettings.SetFallbackReviewers( []SubjectSet {
}
accessPackage := msgraphsdk.NewAccessPackage()
requestBody.SetAccessPackage(accessPackage)
id := "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
accessPackage.SetId(&id)
result, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentPolicies().Post(requestBody)
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK.