获取成员对象Get member objects

命名空间:microsoft.graphNamespace: microsoft.graph

返回 user、group 或 directory 对象所属的所有组和目录角色。此函数是可传递的。Returns all the groups and directory roles that a user, group, or directory object is a member of. This function is transitive.

注意:只有用户可以是目录角色的成员。Note: Only users can be members of directory roles.

权限Permissions

要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

权限类型Permission type 权限(从最低特权到最高特权)Permissions (from least to most privileged)
委派(工作或学校帐户)Delegated (work or school account) User.Read.All 和 Group.Read.All、Directory.Read.AllUser.Read.All and Group.Read.All, Directory.Read.All
委派(个人 Microsoft 帐户)Delegated (personal Microsoft account) 不支持。Not supported.
ApplicationApplication User.Read.All 和 Group.Read.All、Directory.Read.AllUser.Read.All and Group.Read.All, Directory.Read.All

HTTP 请求HTTP request

POST /me/getMemberObjects
POST /users/{id | userPrincipalName}/getMemberObjects
POST /groups/{id}/getMemberGroups
POST /directoryObjects/{id}/getMemberObjects

请求标头Request headers

名称Name 类型Type 说明Description
AuthorizationAuthorization stringstring Bearer {token}。必需。Bearer {token}. Required.
Content-TypeContent-Type stringstring application/jsonapplication/json

请求正文Request body

在请求正文中,提供具有以下参数的 JSON 对象。In the request body, provide a JSON object with the following parameters.

参数Parameter 类型Type 说明Description
securityEnabledOnlysecurityEnabledOnly BooleanBoolean true 指定仅应返回包含实体的安全组;false 指定应返回包含实体的所有组和目录角色。注意:如果参数为 true,只能对一位用户调用此函数。true to specify that only security groups that the entity is a member of should be returned; false to specify that all groups and directory roles that the entity is a member of should be returned. Note: The function can only be called on a user if the parameter is true.

响应Response

如果成功,此方法在响应正文中返回 200 OK 响应代码和 String 集合对象。If successful, this method returns 200 OK response code and String collection object in the response body.

示例Example

请求Request
POST https://graph.microsoft.com/v1.0/directoryObjects/{object-id}/getMemberObjects
Content-type: application/json

{
  "securityEnabledOnly": true
}
响应Response

注意:为了简单起见,可能会将此处所示的响应对象截断。将从实际调用中返回所有属性。Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 200 OK
Content-type: application/json

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(Edm.String)",
    "value": [
        "fee2c45b-915a-4a64-b130-f4eb9e75525e",
        "4fe90ae7-065a-478b-9400-e0a0e1cbd540",
        "c9ee2d50-9e8a-4352-b97c-4c2c99557c22",
        "e0c3beaf-eeb4-43d8-abc5-94f037a65697"
    ]
}