添加 scopedRoleMember
命名空间:microsoft.graph
分配 Azure Active Directory (具有管理单元范围的 Azure AD) 角色。 有关可使用管理单元范围分配的角色的列表,请参 阅分配具有管理单元范围的 Azure AD 角色。
权限
要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限。
| 权限类型 |
权限(从最低特权到最高特权) |
| 委派(工作或学校帐户) |
RoleManagement.ReadWrite.Directory |
| 委派(个人 Microsoft 帐户) |
不支持。 |
| Application |
RoleManagement.ReadWrite.Directory |
若要分配具有管理单元范围的 Azure AD 角色,必须为调用主体分配以下 Azure AD 角色之一:
HTTP 请求
POST /directory/administrativeUnits/{id}/scopedRoleMembers
| 名称 |
说明 |
| Authorization |
Bearer {token}。必需。 |
| Content-type |
application/json. Required. |
请求正文
在请求正文中,提供 scopedRoleMembership 对象的 JSON 表示形式。
响应
如果成功,此方法在响应正文中返回 201 Created 响应代码和 scopedRoleMembership 对象。
示例
请求
下面是一个请求示例。
POST https://graph.microsoft.com/v1.0/directory/administrativeUnits/{id}/scopedRoleMembers
Content-type: application/json
{
"roleId": "roleId-value",
"roleMemberInfo": {
"id": "id-value"
}
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var scopedRoleMembership = new ScopedRoleMembership
{
RoleId = "roleId-value",
RoleMemberInfo = new Identity
{
Id = "id-value"
}
};
await graphClient.Directory.AdministrativeUnits["{administrativeUnit-id}"].ScopedRoleMembers
.Request()
.AddAsync(scopedRoleMembership);
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const scopedRoleMembership = {
roleId: 'roleId-value',
roleMemberInfo: {
id: 'id-value'
}
};
await client.api('/directory/administrativeUnits/{id}/scopedRoleMembers')
.post(scopedRoleMembership);
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/directory/administrativeUnits/{id}/scopedRoleMembers"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphScopedRoleMembership *scopedRoleMembership = [[MSGraphScopedRoleMembership alloc] init];
[scopedRoleMembership setRoleId:@"roleId-value"];
MSGraphIdentity *roleMemberInfo = [[MSGraphIdentity alloc] init];
[roleMemberInfo setId:@"id-value"];
[scopedRoleMembership setRoleMemberInfo:roleMemberInfo];
NSError *error;
NSData *scopedRoleMembershipData = [scopedRoleMembership getSerializedDataWithError:&error];
[urlRequest setHTTPBody:scopedRoleMembershipData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
ScopedRoleMembership scopedRoleMembership = new ScopedRoleMembership();
scopedRoleMembership.roleId = "roleId-value";
Identity roleMemberInfo = new Identity();
roleMemberInfo.id = "id-value";
scopedRoleMembership.roleMemberInfo = roleMemberInfo;
graphClient.directory().administrativeUnits("{id}").scopedRoleMembers()
.buildRequest()
.post(scopedRoleMembership);
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewScopedRoleMembership()
roleId := "roleId-value"
requestBody.SetRoleId(&roleId)
roleMemberInfo := msgraphsdk.NewIdentity()
requestBody.SetRoleMemberInfo(roleMemberInfo)
id := "id-value"
roleMemberInfo.SetId(&id)
administrativeUnitId := "administrativeUnit-id"
result, err := graphClient.Directory().AdministrativeUnitsById(&administrativeUnitId).ScopedRoleMembers().Post(requestBody)
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Identity.DirectoryManagement
$params = @{
RoleId = "roleId-value"
RoleMemberInfo = @{
Id = "id-value"
}
}
New-MgDirectoryAdministrativeUnitScopedRoleMember -AdministrativeUnitId $administrativeUnitId -BodyParameter $params
有关如何将 SDK 添加 到项目并 创建 authProvider 实例的 详细信息,请参阅 SDK 文档。
在请求正文中,提供 scopedRoleMembership 对象的 JSON 表示形式。
响应
这是一个示例响应。注意:为提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#scopedRoleMemberships/$entity",
"administrativeUnitId": "administrativeUnitId-value",
"roleId": "roleId-value",
"roleMemberInfo": {
"id": "id-value",
"displayName": "displayName-value",
"userPrincipalName": "userPrincipalName-value"
},
"id": "id-value"
}