directoryRole resource type

Represents an Azure AD directory role. Azure AD directory roles are also known as administrator roles. For more information about directory (administrator) roles, see Assigning administrator roles in Azure AD. With Microsoft Graph, you can assign users to directory roles to grant them the permissions of the target role. To read a directory role or update its members, it must first be activated in the tenant. Only the Company Administrators directory role is activated by default. To activate other available directory roles, send a POST request with the ID of the directoryRoleTemplate on which the directory role is based. List directory role templates to get all the other available directory roles. Inherits from directoryObject.

This resource supports:

  • Using delta query to track incremental additions, deletions, and updates, by providing a delta function.

Methods

| Method | Return Type | Description |
|---|---|---|
| Get directoryRole | directoryRole | Read the properties and relationships of a directoryRole object. |
| List directoryRoles | directoryRole collection | List the directory roles that are activated in the tenant. |
| Add member | directoryObject | Add a user to the directory role by posting to the members navigation property. |
| List members | directoryObject collection | Get the users that are members of the directory role from the members navigation property. |
| Remove a member | directoryObject | Remove a user from the directory role. |
| Activate directoryRole | directoryRole | Activate a directory role. |
| delta | directoryRole collection | Get incremental changes for directory roles. |

Properties

| Property | Type | Description |
|---|---|---|
| description | String | The description for the directory role. Read-only. |
| displayName | String | The display name for the directory role. Read-only. |
| id | String | The unique identifier for the directory role. Inherited from directoryObject. Key, Not nullable, Read-only. |
| roleTemplateId | String | The id of the directoryRoleTemplate that this role is based on. The property must be specified when activating a directory role in a tenant with a POST operation. After the directory role has been activated, the property is read-only. |

Relationships

| Relationship | Type | Description |
|---|---|---|
| members | directoryObject collection | Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. |

JSON representation

Here is a JSON representation of the resource:

{
  "description": "string",
  "displayName": "string",
  "id": "string (identifier)",
  "roleTemplateId": "string"
}
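
The following is an added example, not part of the original documentation: a Python sketch of a privileged-role membership review built on the properties above. It finds role templates that are not yet activated (so their members cannot be read), builds the activation POST body, and flags members missing from an approved baseline. The v1.0 endpoint URL, the sample responses with placeholder IDs, the merged-in `members` lists, and the `APPROVED` baseline are all constructed assumptions.

```python
import json

GRAPH = "https://graph.microsoft.com/v1.0"  # assumption: v1.0 endpoint, not stated on the page

# Constructed sample data; IDs are placeholders, not real template or object IDs.
TEMPLATES = {"value": [
    {"id": "tmpl-0001", "displayName": "Company Administrator"},
    {"id": "tmpl-0002", "displayName": "Helpdesk Administrator"},
    {"id": "tmpl-0003", "displayName": "Security Reader"},
]}
# Activated roles, with each role's "List members" result merged in under "members".
ROLES = {"value": [
    {"id": "role-aaaa", "displayName": "Company Administrator",
     "roleTemplateId": "tmpl-0001", "members": [{"id": "user-1"}, {"id": "user-2"}]},
    {"id": "role-bbbb", "displayName": "Security Reader",
     "roleTemplateId": "tmpl-0003", "members": []},
]}
# Hypothetical baseline: roleTemplateId -> member ids approved to hold the role.
APPROVED = {"tmpl-0001": {"user-1"}, "tmpl-0003": set()}


def inactive_templates(templates, roles):
    """Templates with no activated directoryRole; their members cannot be read yet."""
    active = {r["roleTemplateId"] for r in roles["value"]}
    return [t for t in templates["value"] if t["id"] not in active]


def activation_request(template_id):
    """Describe the activation call: roleTemplateId is the property the POST must carry."""
    return {"method": "POST", "url": f"{GRAPH}/directoryRoles",
            "body": json.dumps({"roleTemplateId": template_id})}


def unapproved_members(roles, approved):
    """Map role displayName -> sorted member ids absent from the approved baseline."""
    findings = {}
    for role in roles["value"]:
        allowed = approved.get(role["roleTemplateId"], set())
        extra = sorted(m["id"] for m in role.get("members", []) if m["id"] not in allowed)
        if extra:
            findings[role["displayName"]] = extra
    return findings


if __name__ == "__main__":
    for t in inactive_templates(TEMPLATES, ROLES):
        print("not activated:", t["displayName"], activation_request(t["id"]))
    print("unapproved members:", unapproved_members(ROLES, APPROVED))
```

Keying the baseline on roleTemplateId rather than the role's id keeps it stable across tenants, since the role id is assigned when the role is activated.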