directoryRole 资源类型directoryRole resource type

表示 Azure AD 目录角色。Represents an Azure AD directory role. Azure AD 目录角色也称为是管理员角色Azure AD directory roles are also known as administrator roles. 有关目录 (管理员) 角色的详细信息,请参阅Azure AD 中的分配管理员角色For more information about directory (administrator) roles, see Assigning administrator roles in Azure AD. 使用 Microsoft Graph 中,可以将用户分配到目录角色授予他们的目标角色的权限。With the Microsoft Graph, you can assign users to directory roles to grant them the permissions of the target role. 若要读取目录角色或更新其成员,它必须首先激活在租户中。To read a directory role or update its members, it must first be activated in the tenant. 默认情况下已激活公司管理员的目录角色。Only the Company Administrators directory role is activated by default. 若要激活其他可用的目录角色将发送一个 POST 请求directoryRoleTemplate目录角色所基于的 id。To activate other available directory roles you send a POST request with the ID of the directoryRoleTemplate on which the directory role is based. 继承自 directoryObjectInherits from directoryObject. 该资源支持:This resource supports:

  • 通过提供 delta 函数使用增量查询跟踪增量添加、删除和更新。Using delta query to track incremental additions, deletions, and updates, by providing a delta function.


方法Method 返回类型Return Type 说明Description
获取 directoryRoleGet directoryRole directoryRoledirectoryRole 读取 directoryRol 对象的属性和关系。Read properties and relationships of directoryRole object.
列出 directoryRolesList directoryRoles directoryRole 集合directoryRole collection 列出租户中激活的目录角色。List the directory roles that are activated in the tenant.
添加成员Add member directoryObjectdirectoryObject 通过发布到成员导航属性将用户添加到目录角色。Add a user to the directory role by posting to the members navigation property.
列出成员List members directoryObject 集合directoryObject collection 从成员导航属性获取该目录角色成员的用户。Get the users that are members of the directory role from the members navigation property.
删除成员Remove a member directoryObjectdirectoryObject 删除目录角色中的用户。Remove a user from the directory role.
激活 directoryRoleActivate directoryRole directoryRoledirectoryRole 激活目录角色。Activate a directory role.
deltadelta directoryRole 集合directoryRole collection 获得目录角色增量更改。Get incremental changes for directory roles.


属性Property 类型Type 说明Description
说明description StringString 目录角色说明。只读。The description for the directory role. Read-only.
displayNamedisplayName StringString 目录角色的显示名称。只读。The display name for the directory role. Read-only.
idid StringString 目录角色唯一标识符。继承自 directoryObject。密钥,不可为 NULL,只读。The unique identifier for the directory role. Inherited from directoryObject. Key, Not nullable, Read-only.
roleTemplateIdroleTemplateId StringString 此角色所基于的 directoryRoleTemplateid。使用 POST 操作在租户中激活目录角色时,必须指定其属性。激活目录角色后,其属性为只读。The id of the directoryRoleTemplate that this role is based on. The property must be specified when activating a directory role in a tenant with a POST operation. After the directory role has been activated, the property is read only.


关系Relationship 类型Type 说明Description
membersmembers directoryObject 集合directoryObject collection 是此目录角色成员的用户。HTTP 方法:GET、POST、DELETE。只读。可为 Null。Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable.

JSON 表示形式JSON representation

下面是资源的 JSON 表示形式。Here is a JSON representation of the resource

  "description": "string",
  "displayName": "string",
  "id": "string (identifier)",
  "roleTemplateId": "string"