Get accessPackageAssignmentPolicy

Artikel
10/14/2024

Namespace: microsoft.graph

Rufen Sie in Microsoft Entra Berechtigungsverwaltung die Eigenschaften und Beziehungen eines accessPackageAssignmentPolicy-Objekts ab.

Diese API ist in den folgenden nationalen Cloudbereitstellungen verfügbar.

Globaler Dienst	US Government L4	US Government L5 (DOD)	China, betrieben von 21Vianet
✅	✅	✅	✅

Berechtigungen

Wählen Sie für diese API die Als am wenigsten privilegierten Berechtigungen gekennzeichneten Berechtigungen aus. Verwenden Sie nur dann eine Berechtigung mit höheren Berechtigungen , wenn dies für Ihre App erforderlich ist. Ausführliche Informationen zu delegierten Berechtigungen und Anwendungsberechtigungen finden Sie unter Berechtigungstypen. Weitere Informationen zu diesen Berechtigungen finden Sie in der Berechtigungsreferenz.

Berechtigungstyp	Berechtigungen mit den geringsten Berechtigungen	Berechtigungen mit höheren Berechtigungen
Delegiert (Geschäfts-, Schul- oder Unikonto)	EntitlementManagement.Read.All	EntitlementManagement.ReadWrite.All
Delegiert (persönliches Microsoft-Konto)	Nicht unterstützt	Nicht unterstützt
Anwendung	EntitlementManagement.Read.All	EntitlementManagement.ReadWrite.All

HTTP-Anforderung

GET /identityGovernance/entitlementManagement/assignmentPolicies/{accessPackageAssignmentPolicyId}

Optionale Abfrageparameter

Diese Methode unterstützt den $selectOData-Abfrageparameter zum Abrufen bestimmter Eigenschaften und des Parameters zum Abrufen von $expand Beziehungen.

Um beispielsweise das Zugriffspaket abzurufen, fügen Sie hinzu $expand=accessPackage.

Anforderungsheader

Name	Beschreibung
Authorization	Bearer {token}. Erforderlich. Erfahren Sie mehr über die Authentifizierung und Autorisierung.

Anforderungstext

Geben Sie keinen Anforderungstext für diese Methode an.

Antwort

Bei erfolgreicher Ausführung gibt die Methode den 200 OK Antwortcode und das angeforderte accessPackageAssignmentPolicy-Objekt im Antworttext zurück.

Beispiele

Beispiel 1: Abrufen einer Richtlinie

Das folgende Beispiel zeigt, wie eine Richtlinie abgerufen wird.

Anforderung

Das folgende Beispiel zeigt eine Anfrage.

GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentPolicies/{accessPackageAssignmentPolicyId}


// Code snippets are only available for the latest version. Current version is 5.x

// To initialize your graphClient, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentPolicies["{accessPackageAssignmentPolicy-id}"].GetAsync();



mgc identity-governance entitlement-management assignment-policies get --access-package-assignment-policy-id {accessPackageAssignmentPolicy-id}



// Code snippets are only available for the latest major version. Current major version is $v1.*

// Dependencies
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  //other-imports
)


// To initialize your graphClient, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentPolicies().ByAccessPackageAssignmentPolicyId("accessPackageAssignmentPolicy-id").Get(context.Background(), nil)


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().assignmentPolicies().byAccessPackageAssignmentPolicyId("{accessPackageAssignmentPolicy-id}").get();


const options = {
	authProvider,
};

const client = Client.init(options);

let accessPackageAssignmentPolicy = await client.api('/identityGovernance/entitlementManagement/assignmentPolicies/{accessPackageAssignmentPolicyId}')
	.get();


<?php
use Microsoft\Graph\GraphServiceClient;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);


$result = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentPolicies()->byAccessPackageAssignmentPolicyId('accessPackageAssignmentPolicy-id')->get()->wait();


Import-Module Microsoft.Graph.Identity.Governance

Get-MgEntitlementManagementAssignmentPolicy -AccessPackageAssignmentPolicyId $accessPackageAssignmentPolicyId


# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=python

result = await graph_client.identity_governance.entitlement_management.assignment_policies.by_access_package_assignment_policy_id('accessPackageAssignmentPolicy-id').get()

Antwort

Das folgende Beispiel zeigt die Antwort.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "87e1c7f7-c7f7-87e1-f7c7-e187f7c7e187",
  "displayName": "All Users",
  "description": "All users in the directory can request access.",
  "allowedTargetScope": "allDirectoryUsers",
  "createdDateTime": "2020-12-18T20:18:02.587Z",
  "modifiedDateTime": "2020-12-18T20:18:02.65Z",
  "specificAllowedTargets": [],
  "expiration": {
      "duration": "P365D",
      "type": "afterDuration"
  },
  "requestorSettings": {
      "enableTargetsToSelfAddAccess": true,
      "enableTargetsToSelfUpdateAccess": false,
      "enableTargetsToSelfRemoveAccess": true,
      "allowCustomAssignmentSchedule": true,
      "enableOnBehalfRequestorsToAddAccess": false,
      "enableOnBehalfRequestorsToUpdateAccess": false,
      "enableOnBehalfRequestorsToRemoveAccess": false
  },
  "requestApprovalSettings": {
      "isApprovalRequiredForAdd": false,
      "isApprovalRequiredForUpdate": false,
      "stages": []
  }
}

Beispiel 2: Abrufen der Einstellungen für die benutzerdefinierte Erweiterungsphase für eine Richtlinie

Das folgende Beispiel zeigt, wie Sie die Auflistung der für eine Richtlinie definierten Einstellungen der benutzerdefinierten Erweiterungsphase zusammen mit der zugehörigen benutzerdefinierten Workflowerweiterung für Zugriffspakete abrufen.

Anforderung

Das folgende Beispiel zeigt eine Anfrage.

GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197?$expand=customExtensionStageSettings($expand=customExtension)


// Code snippets are only available for the latest version. Current version is 5.x

// To initialize your graphClient, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.AssignmentPolicies["{accessPackageAssignmentPolicy-id}"].GetAsync((requestConfiguration) =>
{
	requestConfiguration.QueryParameters.Expand = new string []{ "customExtensionStageSettings($expand=customExtension)" };
});



mgc identity-governance entitlement-management assignment-policies get --access-package-assignment-policy-id {accessPackageAssignmentPolicy-id} --expand "customExtensionStageSettings(\$expand=customExtension)"



// Code snippets are only available for the latest major version. Current major version is $v1.*

// Dependencies
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  graphidentitygovernance "github.com/microsoftgraph/msgraph-sdk-go/identitygovernance"
	  //other-imports
)

requestParameters := &graphidentitygovernance.IdentityGovernanceEntitlementManagementAssignmentPolicieItemRequestBuilderGetQueryParameters{
	Expand: [] string {"customExtensionStageSettings($expand=customExtension)"},
}
configuration := &graphidentitygovernance.IdentityGovernanceEntitlementManagementAssignmentPolicieItemRequestBuilderGetRequestConfiguration{
	QueryParameters: requestParameters,
}

// To initialize your graphClient, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
assignmentPolicies, err := graphClient.IdentityGovernance().EntitlementManagement().AssignmentPolicies().ByAccessPackageAssignmentPolicyId("accessPackageAssignmentPolicy-id").Get(context.Background(), configuration)


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

AccessPackageAssignmentPolicy result = graphClient.identityGovernance().entitlementManagement().assignmentPolicies().byAccessPackageAssignmentPolicyId("{accessPackageAssignmentPolicy-id}").get(requestConfiguration -> {
	requestConfiguration.queryParameters.expand = new String []{"customExtensionStageSettings($expand=customExtension)"};
});


const options = {
	authProvider,
};

const client = Client.init(options);

let accessPackageAssignmentPolicy = await client.api('/identityGovernance/entitlementManagement/assignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197')
	.expand('customExtensionStageSettings($expand=customExtension)')
	.get();


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\IdentityGovernance\EntitlementManagement\AssignmentPolicies\Item\AccessPackageAssignmentPolicyItemRequestBuilderGetRequestConfiguration;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestConfiguration = new AccessPackageAssignmentPolicyItemRequestBuilderGetRequestConfiguration();
$queryParameters = AccessPackageAssignmentPolicyItemRequestBuilderGetRequestConfiguration::createQueryParameters();
$queryParameters->expand = ["customExtensionStageSettings(\$expand=customExtension)"];
$requestConfiguration->queryParameters = $queryParameters;


$result = $graphServiceClient->identityGovernance()->entitlementManagement()->assignmentPolicies()->byAccessPackageAssignmentPolicyId('accessPackageAssignmentPolicy-id')->get($requestConfiguration)->wait();


Import-Module Microsoft.Graph.Identity.Governance

Get-MgEntitlementManagementAssignmentPolicy -AccessPackageAssignmentPolicyId $accessPackageAssignmentPolicyId -ExpandProperty "customExtensionStageSettings(`$expand=customExtension)"


# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.identity_governance.entitlement_management.assignment_policies.item.access_package_assignment_policy_item_request_builder import AccessPackageAssignmentPolicyItemRequestBuilder
from kiota_abstractions.base_request_configuration import RequestConfiguration
# To initialize your graph_client, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
query_params = AccessPackageAssignmentPolicyItemRequestBuilder.AccessPackageAssignmentPolicyItemRequestBuilderGetQueryParameters(
		expand = ["customExtensionStageSettings($expand=customExtension)"],
)

request_configuration = RequestConfiguration(
query_parameters = query_params,
)

result = await graph_client.identity_governance.entitlement_management.assignment_policies.by_access_package_assignment_policy_id('accessPackageAssignmentPolicy-id').get(request_configuration = request_configuration)

Antwort

Das folgende Beispiel zeigt die Antwort.

HTTP/1.1 200 OK
Content-type: application/json

{
    "id": "4540a08f-8ab5-43f6-a923-015275799197",
    "displayName": "policy with custom access package workflow extension",
    "description": "Run specified custom access package workflow extension at different stages.",
    "canExtend": true,
    "durationInDays": 0,
    "expirationDateTime": null,
    "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
    "accessReviewSettings": null,
    "requestorSettings": {
        "scopeType": "AllExistingDirectorySubjects",
        "acceptRequests": true,
        "allowedRequestors": []
    },
    "requestApprovalSettings": {
        "isApprovalRequired": false,
        "isApprovalRequiredForExtension": false,
        "isRequestorJustificationRequired": false,
        "approvalMode": "NoApproval",
        "approvalStages": []
    },
    "customExtensionStageSettings": [
        {
            "id": "5a38d27a-b702-48d9-ac72-dcf158ba1b0d",
            "stage": "assignmentRequestCreated",
            "customExtension": {
                "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
                "id": "219f57b6-7983-45a1-be01-2c228b7a43f8",
                "displayName": "test_action_1",
                "description": "Test logic app",
                "createdDateTime": "2022-01-11T05:19:16.97Z",
                "lastModifiedDateTime": "2022-01-11T05:19:16.97Z",
                "endpointConfiguration": {
                    "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
                    "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
                    "resourceGroupName": "resourcegroup",
                    "logicAppWorkflowName": "customextension_test",
                    "url": "https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
                },
                "authenticationConfiguration": {
                    "@odata.type": "#microsoft.graph.azureAdPopTokenAuthentication"
                }
            }
        }
    ],
    "verifiableCredentialSettings": {
        "credentialTypes": [
            {
                "issuers": [
                    "did:ion:EiAlrenrtD3Lsw0GlbzS1O2YFdy3Xtu8yo35W<SNIP>..."
                ],
                "credentialType": "VerifiedCredentialExpert"
            }
        ]
    }
}

Freigeben über

Get accessPackageAssignmentPolicy

Berechtigungen

HTTP-Anforderung

Optionale Abfrageparameter

Anforderungsheader

Anforderungstext

Antwort

Beispiele

Beispiel 1: Abrufen einer Richtlinie

Anforderung

Antwort

Beispiel 2: Abrufen der Einstellungen für die benutzerdefinierte Erweiterungsphase für eine Richtlinie

Anforderung

Antwort

Feedback

Zusätzliche Ressourcen