创建 privilegedApproval
命名空间:microsoft.graph
重要
Microsoft Graph版本下的 /beta API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
注意
2021 年 5 月 31 日,已弃用适用于 Azure Active Directory (Azure AD) 角色的 Privileged Identity Management (PIM) API 版本,并停止返回数据。 使用新的 角色管理 API。
使用此 API 创建新的 PrivilegedApproval。
权限
要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限。
| 权限类型 |
权限(从最低特权到最高特权) |
| 委派(工作或学校帐户) |
Directory.AccessAsUser.All |
| 委派(个人 Microsoft 帐户) |
不支持。 |
| 应用程序 |
不支持。 |
HTTP 请求
POST /privilegedApproval
| 名称 |
说明 |
| Authorization |
Bearer {token}。必需。 |
请求正文
在请求正文中,提供 privilegedApproval 对象的 JSON 表示形式。
响应
如果成功,此方法在响应正文中返回 201 Created 响应代码和 privilegedApproval 对象。
请注意,租户需要注册到 PIM。 否则,将返回 HTTP 403 禁止的状态代码。
示例
请求
下面是一个请求示例。
POST https://graph.microsoft.com/beta/privilegedApproval
Content-type: application/json
{
"userId": "userId-value",
"roleId": "roleId-value",
"approvalType": "approvalType-value",
"approvalState": "approvalState-value",
"approvalDuration": "datetime-value"
}
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var privilegedApproval = new PrivilegedApproval
{
UserId = "userId-value",
RoleId = "roleId-value",
ApprovalType = "approvalType-value",
ApprovalState = ApprovalState.Pending,
ApprovalDuration = new Duration("datetime-value")
};
await graphClient.PrivilegedApproval
.Request()
.AddAsync(privilegedApproval);
const options = {
authProvider,
};
const client = Client.init(options);
const privilegedApproval = {
userId: 'userId-value',
roleId: 'roleId-value',
approvalType: 'approvalType-value',
approvalState: 'approvalState-value',
approvalDuration: 'datetime-value'
};
await client.api('/privilegedApproval')
.version('beta')
.post(privilegedApproval);
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/privilegedApproval"]]];
[urlRequest setHTTPMethod:@"POST"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphPrivilegedApproval *privilegedApproval = [[MSGraphPrivilegedApproval alloc] init];
[privilegedApproval setUserId:@"userId-value"];
[privilegedApproval setRoleId:@"roleId-value"];
[privilegedApproval setApprovalType:@"approvalType-value"];
[privilegedApproval setApprovalState: [MSGraphApprovalState pending]];
[privilegedApproval setApprovalDuration:@"datetime-value"];
NSError *error;
NSData *privilegedApprovalData = [privilegedApproval getSerializedDataWithError:&error];
[urlRequest setHTTPBody:privilegedApprovalData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
PrivilegedApproval privilegedApproval = new PrivilegedApproval();
privilegedApproval.userId = "userId-value";
privilegedApproval.roleId = "roleId-value";
privilegedApproval.approvalType = "approvalType-value";
privilegedApproval.approvalState = ApprovalState.PENDING;
privilegedApproval.approvalDuration = DatatypeFactory.newInstance().newDuration("datetime-value");
graphClient.privilegedApproval()
.buildRequest()
.post(privilegedApproval);
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewPrivilegedApproval()
userId := "userId-value"
requestBody.SetUserId(&userId)
roleId := "roleId-value"
requestBody.SetRoleId(&roleId)
approvalType := "approvalType-value"
requestBody.SetApprovalType(&approvalType)
approvalState := "approvalState-value"
requestBody.SetApprovalState(&approvalState)
approvalDuration := "datetime-value"
requestBody.SetApprovalDuration(&approvalDuration)
result, err := graphClient.PrivilegedApproval().Post(requestBody)
Import-Module Microsoft.Graph.Identity.Governance
$params = @{
UserId = "userId-value"
RoleId = "roleId-value"
ApprovalType = "approvalType-value"
ApprovalState = "approvalState-value"
ApprovalDuration = "datetime-value"
}
New-MgPrivilegedApproval -BodyParameter $params
在请求正文中,提供 privilegedApproval 对象的 JSON 表示形式。
响应
这是一个示例响应。注意:为提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"id": "id-value",
"userId": "userId-value",
"roleId": "roleId-value",
"approvalType": "approvalType-value",
"approvalState": "approvalState-value",
"approvalDuration": "datetime-value"
}