创建 assignmentPolicies

项目
07/18/2022

命名空间：microsoft.graph

在 Azure AD 权利管理中，创建新的 accessPackageAssignmentPolicy 对象。请求将包含对将包含此策略的 accessPackage 的引用，该策略必须已经存在。

权限

要调用此 API，需要以下权限之一。要了解详细信息，包括如何选择权限的信息，请参阅权限。

权限类型	权限（从最低特权到最高特权）
委派（工作或学校帐户）	EntitlementManagement.ReadWrite.All
委派（个人 Microsoft 帐户）	不支持。
应用程序	EntitlementManagement.ReadWrite.All

HTTP 请求

POST /identityGovernance/entitlementManagement/assignmentPolicies

请求标头

名称	说明
Authorization	Bearer {token}。必需。
Content-Type	application/json. Required.

请求正文

在请求正文中，提供 accessPackageAssignmentPolicy 对象的 JSON 表示形式。

创建 accessPackageAssignmentPolicy 时，可以指定以下属性。

属性	类型	说明
说明	String	策略的说明。
displayName	String	策略的显示名称。
allowedTargetScope	allowedTargetScope	允许通过此策略为Who分配访问包。可取值包括：`notSpecified`、`specificDirectoryUsers`、`specificConnectedOrganizationUsers`、`specificDirectoryServicePrincipals`、`allMemberUsers`、`allDirectoryUsers`、`allDirectoryServicePrincipals`、`allConfiguredConnectedOrganizationUsers`、`allExternalUsers`、`unknownFutureValue`。可选。
到期	expirationPattern	在此策略中创建的分配的到期日期。
requestApprovalSettings	accessPackageAssignmentApprovalSettings	指定通过此策略批准访问包分配请求的设置。例如，如果新请求需要审批。
requestorSettings	accessPackageAssignmentRequestorSettings	提供其他设置，以选择谁可以通过此策略创建访问包分配请求，以及它们可以包含在请求中的内容。
reviewSettings	accessPackageAssignmentReviewSettings	设置通过此策略对分配进行访问评审。
specificAllowedTargets	subjectSet 集合	从此策略的访问包分配访问权限的目标。
accessPackage	accessPackage	对将包含必须已存在的策略的访问包的引用。

响应

如果成功，此方法在响应正文中返回 201 Created 响应代码和 accessPackageAssignmentPolicy 对象。

示例

示例 1：创建直接分配策略

当访问包分配请求仅由管理员而不是用户自己创建时，直接分配策略非常有用。

请求

以下示例演示创建访问包分配策略的请求。在此策略中，没有用户可以请求，也不需要审批，也没有访问评审。

POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentPolicies
Content-Type: application/json

{
  "displayName": "New Policy",
  "description": "policy for assignment",
  "allowedTargetScope": "notSpecified",
  "specificAllowedTargets": [],
  "expiration": {
      "endDateTime": null,
      "duration": null,
      "type": "noExpiration"
  },
  "requestorSettings": {
      "enableTargetsToSelfAddAccess": false,
      "enableTargetsToSelfUpdateAccess": false,
      "enableTargetsToSelfRemoveAccess": false,
      "allowCustomAssignmentSchedule": true,
      "enableOnBehalfRequestorsToAddAccess": false,
      "enableOnBehalfRequestorsToUpdateAccess": false,
      "enableOnBehalfRequestorsToRemoveAccess": false,
      "onBehalfRequestors": []
  },
  "requestApprovalSettings": {
      "isApprovalRequiredForAdd": false,
      "isApprovalRequiredForUpdate": false,
      "stages": []
  },
  "accessPackage": {
      "id": "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
  }
}


GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
    DisplayName = "New Policy",
    Description = "policy for assignment",
    AllowedTargetScope = AllowedTargetScope.NotSpecified,
    SpecificAllowedTargets = new List<SubjectSet>()
    {
    },
    Expiration = new ExpirationPattern
    {
        EndDateTime = null,
        Duration = null,
        Type = ExpirationPatternType.NoExpiration
    },
    RequestorSettings = new AccessPackageAssignmentRequestorSettings
    {
        EnableTargetsToSelfAddAccess = false,
        EnableTargetsToSelfUpdateAccess = false,
        EnableTargetsToSelfRemoveAccess = false,
        AllowCustomAssignmentSchedule = true,
        EnableOnBehalfRequestorsToAddAccess = false,
        EnableOnBehalfRequestorsToUpdateAccess = false,
        EnableOnBehalfRequestorsToRemoveAccess = false,
        OnBehalfRequestors = new List<SubjectSet>()
        {
        }
    },
    RequestApprovalSettings = new AccessPackageAssignmentApprovalSettings
    {
        IsApprovalRequiredForAdd = false,
        IsApprovalRequiredForUpdate = false,
        Stages = new List<AccessPackageApprovalStage>()
        {
        }
    },
    AccessPackage = new AccessPackage
    {
        Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
    }
};

await graphClient.IdentityGovernance.EntitlementManagement.AssignmentPolicies
    .Request()
    .AddAsync(accessPackageAssignmentPolicy);


const options = {
    authProvider,
};

const client = Client.init(options);

const accessPackageAssignmentPolicy = {
  displayName: 'New Policy',
  description: 'policy for assignment',
  allowedTargetScope: 'notSpecified',
  specificAllowedTargets: [],
  expiration: {
      endDateTime: null,
      duration: null,
      type: 'noExpiration'
  },
  requestorSettings: {
      enableTargetsToSelfAddAccess: false,
      enableTargetsToSelfUpdateAccess: false,
      enableTargetsToSelfRemoveAccess: false,
      allowCustomAssignmentSchedule: true,
      enableOnBehalfRequestorsToAddAccess: false,
      enableOnBehalfRequestorsToUpdateAccess: false,
      enableOnBehalfRequestorsToRemoveAccess: false,
      onBehalfRequestors: []
  },
  requestApprovalSettings: {
      isApprovalRequiredForAdd: false,
      isApprovalRequiredForUpdate: false,
      stages: []
  },
  accessPackage: {
      id: 'a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b'
  }
};

await client.api('/identityGovernance/entitlementManagement/assignmentPolicies')
    .post(accessPackageAssignmentPolicy);


MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];

NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/assignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];

MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setDisplayName:@"New Policy"];
[accessPackageAssignmentPolicy setDescription:@"policy for assignment"];
[accessPackageAssignmentPolicy setAllowedTargetScope: [MSGraphAllowedTargetScope notSpecified]];
NSMutableArray *specificAllowedTargetsList = [[NSMutableArray alloc] init];
[accessPackageAssignmentPolicy setSpecificAllowedTargets:specificAllowedTargetsList];
MSGraphExpirationPattern *expiration = [[MSGraphExpirationPattern alloc] init];
[expiration setEndDateTime: null];
[expiration setDuration: null];
[expiration setType: [MSGraphExpirationPatternType noExpiration]];
[accessPackageAssignmentPolicy setExpiration:expiration];
MSGraphAccessPackageAssignmentRequestorSettings *requestorSettings = [[MSGraphAccessPackageAssignmentRequestorSettings alloc] init];
[requestorSettings setEnableTargetsToSelfAddAccess: false];
[requestorSettings setEnableTargetsToSelfUpdateAccess: false];
[requestorSettings setEnableTargetsToSelfRemoveAccess: false];
[requestorSettings setAllowCustomAssignmentSchedule: true];
[requestorSettings setEnableOnBehalfRequestorsToAddAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToUpdateAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToRemoveAccess: false];
NSMutableArray *onBehalfRequestorsList = [[NSMutableArray alloc] init];
[requestorSettings setOnBehalfRequestors:onBehalfRequestorsList];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphAccessPackageAssignmentApprovalSettings *requestApprovalSettings = [[MSGraphAccessPackageAssignmentApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequiredForAdd: false];
[requestApprovalSettings setIsApprovalRequiredForUpdate: false];
NSMutableArray *stagesList = [[NSMutableArray alloc] init];
[requestApprovalSettings setStages:stagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];
MSGraphAccessPackage *accessPackage = [[MSGraphAccessPackage alloc] init];
[accessPackage setId:@"a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"];
[accessPackageAssignmentPolicy setAccessPackage:accessPackage];

NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];

MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest 
    completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {

        //Request Completed

}];

[meDataTask execute];


GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.displayName = "New Policy";
accessPackageAssignmentPolicy.description = "policy for assignment";
accessPackageAssignmentPolicy.allowedTargetScope = AllowedTargetScope.NOT_SPECIFIED;
LinkedList<SubjectSet> specificAllowedTargetsList = new LinkedList<SubjectSet>();
accessPackageAssignmentPolicy.specificAllowedTargets = specificAllowedTargetsList;
ExpirationPattern expiration = new ExpirationPattern();
expiration.endDateTime = OffsetDateTimeSerializer.deserialize("null");
expiration.duration = DatatypeFactory.newInstance().newDuration("null");
expiration.type = ExpirationPatternType.NO_EXPIRATION;
accessPackageAssignmentPolicy.expiration = expiration;
AccessPackageAssignmentRequestorSettings requestorSettings = new AccessPackageAssignmentRequestorSettings();
requestorSettings.enableTargetsToSelfAddAccess = false;
requestorSettings.enableTargetsToSelfUpdateAccess = false;
requestorSettings.enableTargetsToSelfRemoveAccess = false;
requestorSettings.allowCustomAssignmentSchedule = true;
requestorSettings.enableOnBehalfRequestorsToAddAccess = false;
requestorSettings.enableOnBehalfRequestorsToUpdateAccess = false;
requestorSettings.enableOnBehalfRequestorsToRemoveAccess = false;
LinkedList<SubjectSet> onBehalfRequestorsList = new LinkedList<SubjectSet>();
requestorSettings.onBehalfRequestors = onBehalfRequestorsList;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
AccessPackageAssignmentApprovalSettings requestApprovalSettings = new AccessPackageAssignmentApprovalSettings();
requestApprovalSettings.isApprovalRequiredForAdd = false;
requestApprovalSettings.isApprovalRequiredForUpdate = false;
LinkedList<AccessPackageApprovalStage> stagesList = new LinkedList<AccessPackageApprovalStage>();
requestApprovalSettings.stages = stagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;
AccessPackage accessPackage = new AccessPackage();
accessPackage.id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b";
accessPackageAssignmentPolicy.accessPackage = accessPackage;

graphClient.identityGovernance().entitlementManagement().assignmentPolicies()
    .buildRequest()
    .post(accessPackageAssignmentPolicy);


//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
displayName := "New Policy"
requestBody.SetDisplayName(&displayName)
description := "policy for assignment"
requestBody.SetDescription(&description)
allowedTargetScope := "notSpecified"
requestBody.SetAllowedTargetScope(&allowedTargetScope)
requestBody.SetSpecificAllowedTargets( []SubjectSet {
}
expiration := msgraphsdk.NewExpirationPattern()
requestBody.SetExpiration(expiration)
expiration.SetEndDateTime(nil)
expiration.SetDuration(nil)
type := "noExpiration"
expiration.SetType(&type)
requestorSettings := msgraphsdk.NewAccessPackageAssignmentRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
enableTargetsToSelfAddAccess := false
requestorSettings.SetEnableTargetsToSelfAddAccess(&enableTargetsToSelfAddAccess)
enableTargetsToSelfUpdateAccess := false
requestorSettings.SetEnableTargetsToSelfUpdateAccess(&enableTargetsToSelfUpdateAccess)
enableTargetsToSelfRemoveAccess := false
requestorSettings.SetEnableTargetsToSelfRemoveAccess(&enableTargetsToSelfRemoveAccess)
allowCustomAssignmentSchedule := true
requestorSettings.SetAllowCustomAssignmentSchedule(&allowCustomAssignmentSchedule)
enableOnBehalfRequestorsToAddAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToAddAccess(&enableOnBehalfRequestorsToAddAccess)
enableOnBehalfRequestorsToUpdateAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToUpdateAccess(&enableOnBehalfRequestorsToUpdateAccess)
enableOnBehalfRequestorsToRemoveAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToRemoveAccess(&enableOnBehalfRequestorsToRemoveAccess)
requestorSettings.SetOnBehalfRequestors( []SubjectSet {
}
requestApprovalSettings := msgraphsdk.NewAccessPackageAssignmentApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequiredForAdd := false
requestApprovalSettings.SetIsApprovalRequiredForAdd(&isApprovalRequiredForAdd)
isApprovalRequiredForUpdate := false
requestApprovalSettings.SetIsApprovalRequiredForUpdate(&isApprovalRequiredForUpdate)
requestApprovalSettings.SetStages( []AccessPackageApprovalStage {
}
accessPackage := msgraphsdk.NewAccessPackage()
requestBody.SetAccessPackage(accessPackage)
id := "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
accessPackage.SetId(&id)
result, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentPolicies().Post(requestBody)


Import-Module Microsoft.Graph.Identity.Governance

$params = @{
    DisplayName = "New Policy"
    Description = "policy for assignment"
    AllowedTargetScope = "notSpecified"
    SpecificAllowedTargets = @(
    )
    Expiration = @{
        EndDateTime = $null
        Duration = $null
        Type = "noExpiration"
    }
    RequestorSettings = @{
        EnableTargetsToSelfAddAccess = $false
        EnableTargetsToSelfUpdateAccess = $false
        EnableTargetsToSelfRemoveAccess = $false
        AllowCustomAssignmentSchedule = $true
        EnableOnBehalfRequestorsToAddAccess = $false
        EnableOnBehalfRequestorsToUpdateAccess = $false
        EnableOnBehalfRequestorsToRemoveAccess = $false
        OnBehalfRequestors = @(
        )
    }
    RequestApprovalSettings = @{
        IsApprovalRequiredForAdd = $false
        IsApprovalRequiredForUpdate = $false
        Stages = @(
        )
    }
    AccessPackage = @{
        Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
    }
}

New-MgEntitlementManagementAssignmentPolicy -BodyParameter $params

响应

HTTP/1.1 201 Created
Content-Type: application/json

{
  "id": "87e1c7f7-c7f7-87e1-f7c7-e187f7c7e187",
  "displayName": "New policy",
  "description": "policy for assignment"
}

示例 2：为其他组织的用户创建要请求的策略

下面的示例演示了一个更复杂的策略，其中包含两个阶段的审批和定期访问评审。

请求

POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentPolicies
Content-Type: application/json

{
    "displayName": "policy for external access requests",
    "description": "policy for users from connected organizations to request access, with two stages of approval.",
    "allowedTargetScope": "allConfiguredConnectedOrganizationUsers",
    "specificAllowedTargets": [],
    "expiration": {
        "type": "noExpiration"
    },
    "requestorSettings": {
        "enableTargetsToSelfAddAccess": true,
        "enableTargetsToSelfUpdateAccess": true,
        "enableTargetsToSelfRemoveAccess": true,
        "allowCustomAssignmentSchedule": false,
        "enableOnBehalfRequestorsToAddAccess": false,
        "enableOnBehalfRequestorsToUpdateAccess": false,
        "enableOnBehalfRequestorsToRemoveAccess": false,
        "onBehalfRequestors": []
    },
    "requestApprovalSettings": {
        "isApprovalRequiredForAdd": true,
        "isApprovalRequiredForUpdate": false,
        "stages": [
            {
                "durationBeforeAutomaticDenial": "P14D",
                "isApproverJustificationRequired": false,
                "isEscalationEnabled": false,
                "durationBeforeEscalation": "PT0S",
                "primaryApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.internalSponsors"
                    }
                ],
                "fallbackPrimaryApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.singleUser",
                        "userId": "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
                    },
                    {
                        "@odata.type": "#microsoft.graph.groupMembers",
                        "groupId": "1623f912-5e86-41c2-af47-39dd67582b66"
                    }
                ],
                "escalationApprovers": [],
                "fallbackEscalationApprovers": []
            },
            {
                "durationBeforeAutomaticDenial": "P14D",
                "isApproverJustificationRequired": false,
                "isEscalationEnabled": false,
                "durationBeforeEscalation": "PT0S",
                "primaryApprovers": [],
                "fallbackPrimaryApprovers": [
                    {
                        "@odata.type": "#microsoft.graph.singleUser",
                        "userId": "46184453-e63b-4f20-86c2-c557ed5d5df9"
                    },
                    {
                        "@odata.type": "#microsoft.graph.groupMembers",
                        "groupId": "1623f912-5e86-41c2-af47-39dd67582b66"
                    }
                ],
                "escalationApprovers": [],
                "fallbackEscalationApprovers": []
            }
        ]
    },
    "reviewSettings": {
        "isEnabled": true,
        "expirationBehavior": "keepAccess",
        "isRecommendationEnabled": true,
        "isReviewerJustificationRequired": true,
        "isSelfReview": false,
        "schedule": {
            "startDateTime": "2022-07-02T06:59:59.998Z",
            "expiration": {
                "duration": "P14D",
                "type": "afterDuration"
            },
            "recurrence": {
                "pattern": {
                    "type": "absoluteMonthly",
                    "interval": 3,
                    "month": 0,
                    "dayOfMonth": 0,
                    "daysOfWeek": []
                },
                "range": {
                    "type": "noEnd",
                    "numberOfOccurrences": 0
                }
            }
        },
        "primaryReviewers": [
            {
                "@odata.type": "#microsoft.graph.groupMembers",
                "groupId": "1623f912-5e86-41c2-af47-39dd67582b66"
            }
        ],
        "fallbackReviewers": []
    },
    "accessPackage": {
        "id": "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
    }
}


GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy
{
    DisplayName = "policy for external access requests",
    Description = "policy for users from connected organizations to request access, with two stages of approval.",
    AllowedTargetScope = AllowedTargetScope.AllConfiguredConnectedOrganizationUsers,
    SpecificAllowedTargets = new List<SubjectSet>()
    {
    },
    Expiration = new ExpirationPattern
    {
        Type = ExpirationPatternType.NoExpiration
    },
    RequestorSettings = new AccessPackageAssignmentRequestorSettings
    {
        EnableTargetsToSelfAddAccess = true,
        EnableTargetsToSelfUpdateAccess = true,
        EnableTargetsToSelfRemoveAccess = true,
        AllowCustomAssignmentSchedule = false,
        EnableOnBehalfRequestorsToAddAccess = false,
        EnableOnBehalfRequestorsToUpdateAccess = false,
        EnableOnBehalfRequestorsToRemoveAccess = false,
        OnBehalfRequestors = new List<SubjectSet>()
        {
        }
    },
    RequestApprovalSettings = new AccessPackageAssignmentApprovalSettings
    {
        IsApprovalRequiredForAdd = true,
        IsApprovalRequiredForUpdate = false,
        Stages = new List<AccessPackageApprovalStage>()
        {
            new AccessPackageApprovalStage
            {
                DurationBeforeAutomaticDenial = new Duration("P14D"),
                IsApproverJustificationRequired = false,
                IsEscalationEnabled = false,
                DurationBeforeEscalation = new Duration("PT0S"),
                PrimaryApprovers = new List<SubjectSet>()
                {
                    new InternalSponsors
                    {
                    }
                },
                FallbackPrimaryApprovers = new List<SubjectSet>()
                {
                    new SingleUser
                    {
                        UserId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
                    },
                    new GroupMembers
                    {
                        GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
                    }
                },
                EscalationApprovers = new List<SubjectSet>()
                {
                },
                FallbackEscalationApprovers = new List<SubjectSet>()
                {
                }
            },
            new AccessPackageApprovalStage
            {
                DurationBeforeAutomaticDenial = new Duration("P14D"),
                IsApproverJustificationRequired = false,
                IsEscalationEnabled = false,
                DurationBeforeEscalation = new Duration("PT0S"),
                PrimaryApprovers = new List<SubjectSet>()
                {
                },
                FallbackPrimaryApprovers = new List<SubjectSet>()
                {
                    new SingleUser
                    {
                        UserId = "46184453-e63b-4f20-86c2-c557ed5d5df9"
                    },
                    new GroupMembers
                    {
                        GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
                    }
                },
                EscalationApprovers = new List<SubjectSet>()
                {
                },
                FallbackEscalationApprovers = new List<SubjectSet>()
                {
                }
            }
        }
    },
    ReviewSettings = new AccessPackageAssignmentReviewSettings
    {
        IsEnabled = true,
        ExpirationBehavior = AccessReviewExpirationBehavior.KeepAccess,
        IsRecommendationEnabled = true,
        IsReviewerJustificationRequired = true,
        IsSelfReview = false,
        Schedule = new EntitlementManagementSchedule
        {
            StartDateTime = DateTimeOffset.Parse("2022-07-02T06:59:59.998Z"),
            Expiration = new ExpirationPattern
            {
                Duration = new Duration("P14D"),
                Type = ExpirationPatternType.AfterDuration
            },
            Recurrence = new PatternedRecurrence
            {
                Pattern = new RecurrencePattern
                {
                    Type = RecurrencePatternType.AbsoluteMonthly,
                    Interval = 3,
                    Month = 0,
                    DayOfMonth = 0,
                    DaysOfWeek = new List<DayOfWeek>()
                    {
                    }
                },
                Range = new RecurrenceRange
                {
                    Type = RecurrenceRangeType.NoEnd,
                    NumberOfOccurrences = 0
                }
            }
        },
        PrimaryReviewers = new List<SubjectSet>()
        {
            new GroupMembers
            {
                GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
            }
        },
        FallbackReviewers = new List<SubjectSet>()
        {
        }
    },
    AccessPackage = new AccessPackage
    {
        Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
    }
};

await graphClient.IdentityGovernance.EntitlementManagement.AssignmentPolicies
    .Request()
    .AddAsync(accessPackageAssignmentPolicy);


const options = {
    authProvider,
};

const client = Client.init(options);

const accessPackageAssignmentPolicy = {
    displayName: 'policy for external access requests',
    description: 'policy for users from connected organizations to request access, with two stages of approval.',
    allowedTargetScope: 'allConfiguredConnectedOrganizationUsers',
    specificAllowedTargets: [],
    expiration: {
        type: 'noExpiration'
    },
    requestorSettings: {
        enableTargetsToSelfAddAccess: true,
        enableTargetsToSelfUpdateAccess: true,
        enableTargetsToSelfRemoveAccess: true,
        allowCustomAssignmentSchedule: false,
        enableOnBehalfRequestorsToAddAccess: false,
        enableOnBehalfRequestorsToUpdateAccess: false,
        enableOnBehalfRequestorsToRemoveAccess: false,
        onBehalfRequestors: []
    },
    requestApprovalSettings: {
        isApprovalRequiredForAdd: true,
        isApprovalRequiredForUpdate: false,
        stages: [
            {
                durationBeforeAutomaticDenial: 'P14D',
                isApproverJustificationRequired: false,
                isEscalationEnabled: false,
                durationBeforeEscalation: 'PT0S',
                primaryApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.internalSponsors'
                    }
                ],
                fallbackPrimaryApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.singleUser',
                        userId: '7deff43e-1f17-44ef-9e5f-d516b0ba11d4'
                    },
                    {
                        '@odata.type': '#microsoft.graph.groupMembers',
                        groupId: '1623f912-5e86-41c2-af47-39dd67582b66'
                    }
                ],
                escalationApprovers: [],
                fallbackEscalationApprovers: []
            },
            {
                durationBeforeAutomaticDenial: 'P14D',
                isApproverJustificationRequired: false,
                isEscalationEnabled: false,
                durationBeforeEscalation: 'PT0S',
                primaryApprovers: [],
                fallbackPrimaryApprovers: [
                    {
                        '@odata.type': '#microsoft.graph.singleUser',
                        userId: '46184453-e63b-4f20-86c2-c557ed5d5df9'
                    },
                    {
                        '@odata.type': '#microsoft.graph.groupMembers',
                        groupId: '1623f912-5e86-41c2-af47-39dd67582b66'
                    }
                ],
                escalationApprovers: [],
                fallbackEscalationApprovers: []
            }
        ]
    },
    reviewSettings: {
        isEnabled: true,
        expirationBehavior: 'keepAccess',
        isRecommendationEnabled: true,
        isReviewerJustificationRequired: true,
        isSelfReview: false,
        schedule: {
            startDateTime: '2022-07-02T06:59:59.998Z',
            expiration: {
                duration: 'P14D',
                type: 'afterDuration'
            },
            recurrence: {
                pattern: {
                    type: 'absoluteMonthly',
                    interval: 3,
                    month: 0,
                    dayOfMonth: 0,
                    daysOfWeek: []
                },
                range: {
                    type: 'noEnd',
                    numberOfOccurrences: 0
                }
            }
        },
        primaryReviewers: [
            {
                '@odata.type': '#microsoft.graph.groupMembers',
                groupId: '1623f912-5e86-41c2-af47-39dd67582b66'
            }
        ],
        fallbackReviewers: []
    },
    accessPackage: {
        id: 'a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b'
    }
};

await client.api('/identityGovernance/entitlementManagement/assignmentPolicies')
    .post(accessPackageAssignmentPolicy);


MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];

NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identityGovernance/entitlementManagement/assignmentPolicies"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];

MSGraphAccessPackageAssignmentPolicy *accessPackageAssignmentPolicy = [[MSGraphAccessPackageAssignmentPolicy alloc] init];
[accessPackageAssignmentPolicy setDisplayName:@"policy for external access requests"];
[accessPackageAssignmentPolicy setDescription:@"policy for users from connected organizations to request access, with two stages of approval."];
[accessPackageAssignmentPolicy setAllowedTargetScope: [MSGraphAllowedTargetScope allConfiguredConnectedOrganizationUsers]];
NSMutableArray *specificAllowedTargetsList = [[NSMutableArray alloc] init];
[accessPackageAssignmentPolicy setSpecificAllowedTargets:specificAllowedTargetsList];
MSGraphExpirationPattern *expiration = [[MSGraphExpirationPattern alloc] init];
[expiration setType: [MSGraphExpirationPatternType noExpiration]];
[accessPackageAssignmentPolicy setExpiration:expiration];
MSGraphAccessPackageAssignmentRequestorSettings *requestorSettings = [[MSGraphAccessPackageAssignmentRequestorSettings alloc] init];
[requestorSettings setEnableTargetsToSelfAddAccess: true];
[requestorSettings setEnableTargetsToSelfUpdateAccess: true];
[requestorSettings setEnableTargetsToSelfRemoveAccess: true];
[requestorSettings setAllowCustomAssignmentSchedule: false];
[requestorSettings setEnableOnBehalfRequestorsToAddAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToUpdateAccess: false];
[requestorSettings setEnableOnBehalfRequestorsToRemoveAccess: false];
NSMutableArray *onBehalfRequestorsList = [[NSMutableArray alloc] init];
[requestorSettings setOnBehalfRequestors:onBehalfRequestorsList];
[accessPackageAssignmentPolicy setRequestorSettings:requestorSettings];
MSGraphAccessPackageAssignmentApprovalSettings *requestApprovalSettings = [[MSGraphAccessPackageAssignmentApprovalSettings alloc] init];
[requestApprovalSettings setIsApprovalRequiredForAdd: true];
[requestApprovalSettings setIsApprovalRequiredForUpdate: false];
NSMutableArray *stagesList = [[NSMutableArray alloc] init];
MSGraphAccessPackageApprovalStage *stages = [[MSGraphAccessPackageApprovalStage alloc] init];
[stages setDurationBeforeAutomaticDenial:@"P14D"];
[stages setIsApproverJustificationRequired: false];
[stages setIsEscalationEnabled: false];
[stages setDurationBeforeEscalation:@"PT0S"];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
MSGraphSubjectSet *primaryApprovers = [[MSGraphSubjectSet alloc] init];
[primaryApproversList addObject: primaryApprovers];
[stages setPrimaryApprovers:primaryApproversList];
NSMutableArray *fallbackPrimaryApproversList = [[NSMutableArray alloc] init];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setUserId:@"7deff43e-1f17-44ef-9e5f-d516b0ba11d4"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setGroupId:@"1623f912-5e86-41c2-af47-39dd67582b66"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
[stages setFallbackPrimaryApprovers:fallbackPrimaryApproversList];
NSMutableArray *escalationApproversList = [[NSMutableArray alloc] init];
[stages setEscalationApprovers:escalationApproversList];
NSMutableArray *fallbackEscalationApproversList = [[NSMutableArray alloc] init];
[stages setFallbackEscalationApprovers:fallbackEscalationApproversList];
[stagesList addObject: stages];
MSGraphAccessPackageApprovalStage *stages = [[MSGraphAccessPackageApprovalStage alloc] init];
[stages setDurationBeforeAutomaticDenial:@"P14D"];
[stages setIsApproverJustificationRequired: false];
[stages setIsEscalationEnabled: false];
[stages setDurationBeforeEscalation:@"PT0S"];
NSMutableArray *primaryApproversList = [[NSMutableArray alloc] init];
[stages setPrimaryApprovers:primaryApproversList];
NSMutableArray *fallbackPrimaryApproversList = [[NSMutableArray alloc] init];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setUserId:@"46184453-e63b-4f20-86c2-c557ed5d5df9"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
MSGraphSubjectSet *fallbackPrimaryApprovers = [[MSGraphSubjectSet alloc] init];
[fallbackPrimaryApprovers setGroupId:@"1623f912-5e86-41c2-af47-39dd67582b66"];
[fallbackPrimaryApproversList addObject: fallbackPrimaryApprovers];
[stages setFallbackPrimaryApprovers:fallbackPrimaryApproversList];
NSMutableArray *escalationApproversList = [[NSMutableArray alloc] init];
[stages setEscalationApprovers:escalationApproversList];
NSMutableArray *fallbackEscalationApproversList = [[NSMutableArray alloc] init];
[stages setFallbackEscalationApprovers:fallbackEscalationApproversList];
[stagesList addObject: stages];
[requestApprovalSettings setStages:stagesList];
[accessPackageAssignmentPolicy setRequestApprovalSettings:requestApprovalSettings];
MSGraphAccessPackage *accessPackage = [[MSGraphAccessPackage alloc] init];
[accessPackage setId:@"a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"];
[accessPackageAssignmentPolicy setAccessPackage:accessPackage];

NSError *error;
NSData *accessPackageAssignmentPolicyData = [accessPackageAssignmentPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:accessPackageAssignmentPolicyData];

MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest 
    completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {

        //Request Completed

}];

[meDataTask execute];


GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

AccessPackageAssignmentPolicy accessPackageAssignmentPolicy = new AccessPackageAssignmentPolicy();
accessPackageAssignmentPolicy.displayName = "policy for external access requests";
accessPackageAssignmentPolicy.description = "policy for users from connected organizations to request access, with two stages of approval.";
accessPackageAssignmentPolicy.allowedTargetScope = AllowedTargetScope.ALL_CONFIGURED_CONNECTED_ORGANIZATION_USERS;
LinkedList<SubjectSet> specificAllowedTargetsList = new LinkedList<SubjectSet>();
accessPackageAssignmentPolicy.specificAllowedTargets = specificAllowedTargetsList;
ExpirationPattern expiration = new ExpirationPattern();
expiration.type = ExpirationPatternType.NO_EXPIRATION;
accessPackageAssignmentPolicy.expiration = expiration;
AccessPackageAssignmentRequestorSettings requestorSettings = new AccessPackageAssignmentRequestorSettings();
requestorSettings.enableTargetsToSelfAddAccess = true;
requestorSettings.enableTargetsToSelfUpdateAccess = true;
requestorSettings.enableTargetsToSelfRemoveAccess = true;
requestorSettings.allowCustomAssignmentSchedule = false;
requestorSettings.enableOnBehalfRequestorsToAddAccess = false;
requestorSettings.enableOnBehalfRequestorsToUpdateAccess = false;
requestorSettings.enableOnBehalfRequestorsToRemoveAccess = false;
LinkedList<SubjectSet> onBehalfRequestorsList = new LinkedList<SubjectSet>();
requestorSettings.onBehalfRequestors = onBehalfRequestorsList;
accessPackageAssignmentPolicy.requestorSettings = requestorSettings;
AccessPackageAssignmentApprovalSettings requestApprovalSettings = new AccessPackageAssignmentApprovalSettings();
requestApprovalSettings.isApprovalRequiredForAdd = true;
requestApprovalSettings.isApprovalRequiredForUpdate = false;
LinkedList<AccessPackageApprovalStage> stagesList = new LinkedList<AccessPackageApprovalStage>();
AccessPackageApprovalStage stages = new AccessPackageApprovalStage();
stages.durationBeforeAutomaticDenial = DatatypeFactory.newInstance().newDuration("P14D");
stages.isApproverJustificationRequired = false;
stages.isEscalationEnabled = false;
stages.durationBeforeEscalation = DatatypeFactory.newInstance().newDuration("PT0S");
LinkedList<SubjectSet> primaryApproversList = new LinkedList<SubjectSet>();
InternalSponsors primaryApprovers = new InternalSponsors();
primaryApproversList.add(primaryApprovers);
stages.primaryApprovers = primaryApproversList;
LinkedList<SubjectSet> fallbackPrimaryApproversList = new LinkedList<SubjectSet>();
SingleUser fallbackPrimaryApprovers = new SingleUser();
fallbackPrimaryApprovers.userId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4";
fallbackPrimaryApproversList.add(fallbackPrimaryApprovers);
GroupMembers fallbackPrimaryApprovers1 = new GroupMembers();
fallbackPrimaryApprovers1.groupId = "1623f912-5e86-41c2-af47-39dd67582b66";
fallbackPrimaryApproversList.add(fallbackPrimaryApprovers1);
stages.fallbackPrimaryApprovers = fallbackPrimaryApproversList;
LinkedList<SubjectSet> escalationApproversList = new LinkedList<SubjectSet>();
stages.escalationApprovers = escalationApproversList;
LinkedList<SubjectSet> fallbackEscalationApproversList = new LinkedList<SubjectSet>();
stages.fallbackEscalationApprovers = fallbackEscalationApproversList;
stagesList.add(stages);
AccessPackageApprovalStage stages1 = new AccessPackageApprovalStage();
stages1.durationBeforeAutomaticDenial = DatatypeFactory.newInstance().newDuration("P14D");
stages1.isApproverJustificationRequired = false;
stages1.isEscalationEnabled = false;
stages1.durationBeforeEscalation = DatatypeFactory.newInstance().newDuration("PT0S");
LinkedList<SubjectSet> primaryApproversList1 = new LinkedList<SubjectSet>();
stages1.primaryApprovers = primaryApproversList1;
LinkedList<SubjectSet> fallbackPrimaryApproversList1 = new LinkedList<SubjectSet>();
SingleUser fallbackPrimaryApprovers2 = new SingleUser();
fallbackPrimaryApprovers2.userId = "46184453-e63b-4f20-86c2-c557ed5d5df9";
fallbackPrimaryApproversList1.add(fallbackPrimaryApprovers2);
GroupMembers fallbackPrimaryApprovers3 = new GroupMembers();
fallbackPrimaryApprovers3.groupId = "1623f912-5e86-41c2-af47-39dd67582b66";
fallbackPrimaryApproversList1.add(fallbackPrimaryApprovers3);
stages1.fallbackPrimaryApprovers = fallbackPrimaryApproversList1;
LinkedList<SubjectSet> escalationApproversList1 = new LinkedList<SubjectSet>();
stages1.escalationApprovers = escalationApproversList1;
LinkedList<SubjectSet> fallbackEscalationApproversList1 = new LinkedList<SubjectSet>();
stages1.fallbackEscalationApprovers = fallbackEscalationApproversList1;
stagesList.add(stages1);
requestApprovalSettings.stages = stagesList;
accessPackageAssignmentPolicy.requestApprovalSettings = requestApprovalSettings;
AccessPackageAssignmentReviewSettings reviewSettings = new AccessPackageAssignmentReviewSettings();
reviewSettings.isEnabled = true;
reviewSettings.expirationBehavior = AccessReviewExpirationBehavior.KEEP_ACCESS;
reviewSettings.isRecommendationEnabled = true;
reviewSettings.isReviewerJustificationRequired = true;
reviewSettings.isSelfReview = false;
EntitlementManagementSchedule schedule = new EntitlementManagementSchedule();
schedule.startDateTime = OffsetDateTimeSerializer.deserialize("2022-07-02T06:59:59.998Z");
ExpirationPattern expiration1 = new ExpirationPattern();
expiration1.duration = DatatypeFactory.newInstance().newDuration("P14D");
expiration1.type = ExpirationPatternType.AFTER_DURATION;
schedule.expiration = expiration1;
PatternedRecurrence recurrence = new PatternedRecurrence();
RecurrencePattern pattern = new RecurrencePattern();
pattern.type = RecurrencePatternType.ABSOLUTE_MONTHLY;
pattern.interval = 3;
pattern.month = 0;
pattern.dayOfMonth = 0;
LinkedList<DayOfWeek> daysOfWeekList = new LinkedList<DayOfWeek>();
pattern.daysOfWeek = daysOfWeekList;
recurrence.pattern = pattern;
RecurrenceRange range = new RecurrenceRange();
range.type = RecurrenceRangeType.NO_END;
range.numberOfOccurrences = 0;
recurrence.range = range;
schedule.recurrence = recurrence;
reviewSettings.schedule = schedule;
LinkedList<SubjectSet> primaryReviewersList = new LinkedList<SubjectSet>();
GroupMembers primaryReviewers = new GroupMembers();
primaryReviewers.groupId = "1623f912-5e86-41c2-af47-39dd67582b66";
primaryReviewersList.add(primaryReviewers);
reviewSettings.primaryReviewers = primaryReviewersList;
LinkedList<SubjectSet> fallbackReviewersList = new LinkedList<SubjectSet>();
reviewSettings.fallbackReviewers = fallbackReviewersList;
accessPackageAssignmentPolicy.reviewSettings = reviewSettings;
AccessPackage accessPackage = new AccessPackage();
accessPackage.id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b";
accessPackageAssignmentPolicy.accessPackage = accessPackage;

graphClient.identityGovernance().entitlementManagement().assignmentPolicies()
    .buildRequest()
    .post(accessPackageAssignmentPolicy);


Import-Module Microsoft.Graph.Identity.Governance

$params = @{
    DisplayName = "policy for external access requests"
    Description = "policy for users from connected organizations to request access, with two stages of approval."
    AllowedTargetScope = "allConfiguredConnectedOrganizationUsers"
    SpecificAllowedTargets = @(
    )
    Expiration = @{
        Type = "noExpiration"
    }
    RequestorSettings = @{
        EnableTargetsToSelfAddAccess = $true
        EnableTargetsToSelfUpdateAccess = $true
        EnableTargetsToSelfRemoveAccess = $true
        AllowCustomAssignmentSchedule = $false
        EnableOnBehalfRequestorsToAddAccess = $false
        EnableOnBehalfRequestorsToUpdateAccess = $false
        EnableOnBehalfRequestorsToRemoveAccess = $false
        OnBehalfRequestors = @(
        )
    }
    RequestApprovalSettings = @{
        IsApprovalRequiredForAdd = $true
        IsApprovalRequiredForUpdate = $false
        Stages = @(
            @{
                DurationBeforeAutomaticDenial = "P14D"
                IsApproverJustificationRequired = $false
                IsEscalationEnabled = $false
                DurationBeforeEscalation = "PT0S"
                PrimaryApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.internalSponsors"
                    }
                )
                FallbackPrimaryApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.singleUser"
                        UserId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
                    }
                    @{
                        "@odata.type" = "#microsoft.graph.groupMembers"
                        GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
                    }
                )
                EscalationApprovers = @(
                )
                FallbackEscalationApprovers = @(
                )
            }
            @{
                DurationBeforeAutomaticDenial = "P14D"
                IsApproverJustificationRequired = $false
                IsEscalationEnabled = $false
                DurationBeforeEscalation = "PT0S"
                PrimaryApprovers = @(
                )
                FallbackPrimaryApprovers = @(
                    @{
                        "@odata.type" = "#microsoft.graph.singleUser"
                        UserId = "46184453-e63b-4f20-86c2-c557ed5d5df9"
                    }
                    @{
                        "@odata.type" = "#microsoft.graph.groupMembers"
                        GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
                    }
                )
                EscalationApprovers = @(
                )
                FallbackEscalationApprovers = @(
                )
            }
        )
    }
    ReviewSettings = @{
        IsEnabled = $true
        ExpirationBehavior = "keepAccess"
        IsRecommendationEnabled = $true
        IsReviewerJustificationRequired = $true
        IsSelfReview = $false
        Schedule = @{
            StartDateTime = [System.DateTime]::Parse("2022-07-02T06:59:59.998Z")
            Expiration = @{
                Duration = "P14D"
                Type = "afterDuration"
            }
            Recurrence = @{
                Pattern = @{
                    Type = "absoluteMonthly"
                    Interval = 3
                    Month = 0
                    DayOfMonth = 0
                    DaysOfWeek = @(
                    )
                }
                Range = @{
                    Type = "noEnd"
                    NumberOfOccurrences = 0
                }
            }
        }
        PrimaryReviewers = @(
            @{
                "@odata.type" = "#microsoft.graph.groupMembers"
                GroupId = "1623f912-5e86-41c2-af47-39dd67582b66"
            }
        )
        FallbackReviewers = @(
        )
    }
    AccessPackage = @{
        Id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
    }
}

New-MgEntitlementManagementAssignmentPolicy -BodyParameter $params


//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)

requestBody := msgraphsdk.NewAccessPackageAssignmentPolicy()
displayName := "policy for external access requests"
requestBody.SetDisplayName(&displayName)
description := "policy for users from connected organizations to request access, with two stages of approval."
requestBody.SetDescription(&description)
allowedTargetScope := "allConfiguredConnectedOrganizationUsers"
requestBody.SetAllowedTargetScope(&allowedTargetScope)
requestBody.SetSpecificAllowedTargets( []SubjectSet {
}
expiration := msgraphsdk.NewExpirationPattern()
requestBody.SetExpiration(expiration)
type := "noExpiration"
expiration.SetType(&type)
requestorSettings := msgraphsdk.NewAccessPackageAssignmentRequestorSettings()
requestBody.SetRequestorSettings(requestorSettings)
enableTargetsToSelfAddAccess := true
requestorSettings.SetEnableTargetsToSelfAddAccess(&enableTargetsToSelfAddAccess)
enableTargetsToSelfUpdateAccess := true
requestorSettings.SetEnableTargetsToSelfUpdateAccess(&enableTargetsToSelfUpdateAccess)
enableTargetsToSelfRemoveAccess := true
requestorSettings.SetEnableTargetsToSelfRemoveAccess(&enableTargetsToSelfRemoveAccess)
allowCustomAssignmentSchedule := false
requestorSettings.SetAllowCustomAssignmentSchedule(&allowCustomAssignmentSchedule)
enableOnBehalfRequestorsToAddAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToAddAccess(&enableOnBehalfRequestorsToAddAccess)
enableOnBehalfRequestorsToUpdateAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToUpdateAccess(&enableOnBehalfRequestorsToUpdateAccess)
enableOnBehalfRequestorsToRemoveAccess := false
requestorSettings.SetEnableOnBehalfRequestorsToRemoveAccess(&enableOnBehalfRequestorsToRemoveAccess)
requestorSettings.SetOnBehalfRequestors( []SubjectSet {
}
requestApprovalSettings := msgraphsdk.NewAccessPackageAssignmentApprovalSettings()
requestBody.SetRequestApprovalSettings(requestApprovalSettings)
isApprovalRequiredForAdd := true
requestApprovalSettings.SetIsApprovalRequiredForAdd(&isApprovalRequiredForAdd)
isApprovalRequiredForUpdate := false
requestApprovalSettings.SetIsApprovalRequiredForUpdate(&isApprovalRequiredForUpdate)
requestApprovalSettings.SetStages( []AccessPackageApprovalStage {
    msgraphsdk.NewAccessPackageApprovalStage(),
durationBeforeAutomaticDenial := "P14D"
    SetDurationBeforeAutomaticDenial(&durationBeforeAutomaticDenial)
isApproverJustificationRequired := false
    SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := false
    SetIsEscalationEnabled(&isEscalationEnabled)
durationBeforeEscalation := "PT0S"
    SetDurationBeforeEscalation(&durationBeforeEscalation)
    SetPrimaryApprovers( []SubjectSet {
        msgraphsdk.NewSubjectSet(),
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.internalSponsors",
        }
    }
    SetFallbackPrimaryApprovers( []SubjectSet {
        msgraphsdk.NewSubjectSet(),
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.singleUser",
            "userId": "7deff43e-1f17-44ef-9e5f-d516b0ba11d4",
        }
        msgraphsdk.NewSubjectSet(),
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.groupMembers",
            "groupId": "1623f912-5e86-41c2-af47-39dd67582b66",
        }
    }
    SetEscalationApprovers( []SubjectSet {
    }
    SetFallbackEscalationApprovers( []SubjectSet {
    }
    msgraphsdk.NewAccessPackageApprovalStage(),
durationBeforeAutomaticDenial := "P14D"
    SetDurationBeforeAutomaticDenial(&durationBeforeAutomaticDenial)
isApproverJustificationRequired := false
    SetIsApproverJustificationRequired(&isApproverJustificationRequired)
isEscalationEnabled := false
    SetIsEscalationEnabled(&isEscalationEnabled)
durationBeforeEscalation := "PT0S"
    SetDurationBeforeEscalation(&durationBeforeEscalation)
    SetPrimaryApprovers( []SubjectSet {
    }
    SetFallbackPrimaryApprovers( []SubjectSet {
        msgraphsdk.NewSubjectSet(),
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.singleUser",
            "userId": "46184453-e63b-4f20-86c2-c557ed5d5df9",
        }
        msgraphsdk.NewSubjectSet(),
        SetAdditionalData(map[string]interface{}{
            "@odata.type": "#microsoft.graph.groupMembers",
            "groupId": "1623f912-5e86-41c2-af47-39dd67582b66",
        }
    }
    SetEscalationApprovers( []SubjectSet {
    }
    SetFallbackEscalationApprovers( []SubjectSet {
    }
}
reviewSettings := msgraphsdk.NewAccessPackageAssignmentReviewSettings()
requestBody.SetReviewSettings(reviewSettings)
isEnabled := true
reviewSettings.SetIsEnabled(&isEnabled)
expirationBehavior := "keepAccess"
reviewSettings.SetExpirationBehavior(&expirationBehavior)
isRecommendationEnabled := true
reviewSettings.SetIsRecommendationEnabled(&isRecommendationEnabled)
isReviewerJustificationRequired := true
reviewSettings.SetIsReviewerJustificationRequired(&isReviewerJustificationRequired)
isSelfReview := false
reviewSettings.SetIsSelfReview(&isSelfReview)
schedule := msgraphsdk.NewEntitlementManagementSchedule()
reviewSettings.SetSchedule(schedule)
startDateTime, err := time.Parse(time.RFC3339, "2022-07-02T06:59:59.998Z")
schedule.SetStartDateTime(&startDateTime)
expiration := msgraphsdk.NewExpirationPattern()
schedule.SetExpiration(expiration)
duration := "P14D"
expiration.SetDuration(&duration)
type := "afterDuration"
expiration.SetType(&type)
recurrence := msgraphsdk.NewPatternedRecurrence()
schedule.SetRecurrence(recurrence)
pattern := msgraphsdk.NewRecurrencePattern()
recurrence.SetPattern(pattern)
type := "absoluteMonthly"
pattern.SetType(&type)
interval := int32(3)
pattern.SetInterval(&interval)
month := int32(0)
pattern.SetMonth(&month)
dayOfMonth := int32(0)
pattern.SetDayOfMonth(&dayOfMonth)
pattern.SetDaysOfWeek( []DayOfWeek {
}
range := msgraphsdk.NewRecurrenceRange()
recurrence.SetRange(range)
type := "noEnd"
range.SetType(&type)
numberOfOccurrences := int32(0)
range.SetNumberOfOccurrences(&numberOfOccurrences)
reviewSettings.SetPrimaryReviewers( []SubjectSet {
    msgraphsdk.NewSubjectSet(),
    SetAdditionalData(map[string]interface{}{
        "@odata.type": "#microsoft.graph.groupMembers",
        "groupId": "1623f912-5e86-41c2-af47-39dd67582b66",
    }
}
reviewSettings.SetFallbackReviewers( []SubjectSet {
}
accessPackage := msgraphsdk.NewAccessPackage()
requestBody.SetAccessPackage(accessPackage)
id := "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
accessPackage.SetId(&id)
result, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentPolicies().Post(requestBody)

响应

HTTP/1.1 201 Created
Content-Type: application/json

{
  "id": "9d8f2361-39be-482e-b267-34ad6baef4d3",
    "displayName": "policy for external access requests",
    "description": "policy for users from connected organizations to request access, with two stages of approval."
}