CloudPC.Read.All
Allows the app to read the properties of Cloud PCs on behalf of the signed-in user.
Graph Methods
Type: A = Application Permission, D = Delegate Permission
Ver |
Type |
Method |
Beta |
A,D |
GET /deviceManagement/managedDevices/{managedDeviceId}/getCloudPcReviewStatus |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/auditEvents |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/auditEvents/{id} |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/auditEvents/getAuditActivityTypes |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/cloudPCs |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/cloudPCs/{id} |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/deviceImages |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/deviceImages/{id} |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/deviceImages/getSourceImages |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/galleryImages |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/galleryImages/{id} |
Beta |
D |
GET /deviceManagement/virtualEndpoint/getEffectivePermissions |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/onPremisesConnections |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/onPremisesConnections/{id} |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/organizationSettings |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/provisioningPolicies |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/provisioningPolicies/{id} |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/servicePlans |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/snapshots |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/snapshots/{cloudPcSnapshotId} |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/snapshots/getStorageAccounts(subscriptionId='{subscriptionId}') |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/snapshots/getSubscriptions |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/supportedRegions |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/userSettings |
Beta |
A,D |
GET /deviceManagement/virtualEndpoint/userSettings/{id} |
Beta |
D |
GET /me/cloudPCs |
Beta |
D |
GET /me/cloudPCs/{cloudPCId}/getCloudPcLaunchInfo |
Beta |
A,D |
GET /roleManagement/cloudPc/roleAssignments |
Beta |
A,D |
GET /roleManagement/cloudPC/roleAssignments/{id} |
Beta |
A,D |
GET /roleManagement/cloudPC/roleDefinitions |
Beta |
A,D |
GET /roleManagement/cloudPC/roleDefinitions/{id} |
Beta |
D |
GET /tenantRelationships/managedTenants/cloudPcConnections |
Beta |
D |
GET /tenantRelationships/managedTenants/cloudPcConnections/{cloudPcConnectionId} |
Beta |
D |
GET /tenantRelationships/managedTenants/cloudPcDevices |
Beta |
D |
GET /tenantRelationships/managedTenants/cloudPcDevices/{cloudPcDeviceId} |
Beta |
D |
GET /tenantRelationships/managedTenants/cloudPcsOverview |
Beta |
D |
GET /tenantRelationships/managedTenants/cloudPcsOverview/{cloudPcOverviewId} |
Beta |
A,D |
PATCH /deviceManagement/virtualEndpoint/organizationSettings |
Delegate Permission
|
|
Id |
5252ec4e-fd40-4d92-8c68-89dd1d3c6110 |
Consent Type |
User |
Display String |
Read Cloud PCs |
Description |
Allows the app to read the properties of Cloud PCs on behalf of the signed-in user. |
Application Permission
|
|
Id |
a9e09520-8ed4-4cde-838e-4fdea192c227 |
Display String |
Read Cloud PCs |
Description |
Allows the app to read the properties of Cloud PCs, without a signed-in user. |
Resources
Property |
Type |
Description |
aadDeviceId |
String |
The Azure Active Directory (Azure AD) device ID of the Cloud PC. |
displayName |
String |
The display name of the Cloud PC. |
gracePeriodEndDateTime |
DateTimeOffset |
The date and time when the grace period ends and reprovisioning/deprovisioning happens. Required only if the status is inGracePeriod . The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z . |
id |
String |
The unique identifier for the Cloud PC. Read-only. |
imageDisplayName |
String |
Name of the OS image that's on the Cloud PC. |
lastLoginResult |
cloudPcLoginResult |
The last login result of the Cloud PC. For example, { "time": "2014-01-01T00:00:00Z"} . |
lastModifiedDateTime |
DateTimeOffset |
The last modified date and time of the Cloud PC. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z . |
lastRemoteActionResult |
cloudPcRemoteActionResult |
The last remote action result of the enterprise Cloud PCs. The supported remote actions are: Reboot , Rename , Reprovision , Restore , and Troubleshoot . |
managedDeviceId |
String |
The Intune device ID of the Cloud PC. |
managedDeviceName |
String |
The Intune device name of the Cloud PC. |
onPremisesConnectionName |
String |
The Azure network connection that is applied during the provisioning of Cloud PCs. |
osVersion |
cloudPcOperatingSystem |
The version of the operating system (OS) to provision on Cloud PCs. Possible values are: windows10 , windows11 , and unknownFutureValue . |
provisioningPolicyId |
String |
The provisioning policy ID of the Cloud PC. |
provisioningPolicyName |
String |
The provisioning policy that is applied during the provisioning of Cloud PCs. |
servicePlanId |
String |
The service plan ID of the Cloud PC. |
servicePlanName |
String |
The service plan name of the Cloud PC. |
servicePlanType |
cloudPcServicePlanType |
The service plan type of the Cloud PC. |
status |
cloudPcStatus |
The status of the Cloud PC. Possible values are: notProvisioned , provisioning , provisioned , upgrading , inGracePeriod , deprovisioning , failed , restoring . |
statusDetails |
cloudPcStatusDetails |
The details of the Cloud PC status. |
userAccountType |
cloudPcUserAccountType |
The account type of the user on provisioned Cloud PCs. Possible values are: standardUser , administrator , and unknownFutureValue . |
userPrincipalName |
String |
The user principal name (UPN) of the user assigned to the Cloud PC. |
Property |
Type |
Description |
id |
String |
Key of the audit entity. Read-only. |
displayName |
String |
Event display name. Read-only. |
componentName |
String |
Component name. Read-only. |
actor |
cloudPcAuditActor |
Azure AD user and application associated with the audit event. Read-only. |
activity |
String |
Friendly name of the activity. Optional. |
activityDateTime |
DateTimeOffset |
The date time in UTC when the activity was performed. Read-only. |
activityType |
String |
The type of activity that was performed. Read-only. |
activityOperationType |
cloudPcAuditActivityOperationType |
The HTTP operation type of the activity. Possible values include create , delete , patch and other . Read-only. |
activityResult |
cloudPcAuditActivityResult |
The result of the activity. Read-only. |
correlationId |
String |
The client request identifier, used to correlate activity within the system. Read-only. |
resources |
cloudPcAuditResource collection |
List of cloudPcAuditResource objects. Read-only. |
category |
cloudPcAuditCategory |
Audit category. Read-only. |
Property |
Type |
Description |
displayName |
String |
The image's display name. |
expirationDate |
Date |
The date the image became unavailable. |
id |
String |
Unique identifier for the image resource on the Cloud PC. Read-only. |
lastModifiedDateTime |
DateTimeOffset |
The data and time that the image was last modified. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. For example, midnight UTC on Jan 1, 2014 appears as '2014-01-01T00:00:00Z'. |
operatingSystem |
String |
The image's operating system. For example: Windows 10 Enterprise. |
osBuildNumber |
String |
The image's OS build version. For example: 1909. |
osStatus |
cloudPcDeviceImageOsStatus |
The OS status of this image. Possible values are: supported , supportedWithWarning , unknownFutureValue . |
sourceImageResourceId |
String |
The ID of the source image resource on Azure. Required format: "/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}". |
status |
cloudPcDeviceImageStatus |
The status of the image on Cloud PC. Possible values are: pending , ready , failed . |
statusDetails |
cloudPcDeviceImageStatusDetails |
The details of the image's status, which indicates why the upload failed, if applicable. Possible values are: internalServerError , sourceImageNotFound , osVersionNotSupported , sourceImageInvalid , and sourceImageNotGeneralized . |
version |
String |
The image version. For example: 0.0.1, 1.5.13. |
Property |
Type |
Description |
storageAccountId |
String |
The ID of the storage account. |
storageAccountName |
String |
The name of the storage account. |
Property |
Type |
Description |
displayName |
String |
The official display name of the gallery image. Read-only. |
endDate |
Date |
The date in which this image is no longer within long-term support. The Cloud PC will continue to provide short-term support. Read-only. |
expirationDate |
Date |
The date when the image is no longer available. Read-only. |
id |
String |
Unique identifier for the gallery image resource on the Cloud PC. Read-only. |
offer |
String |
The offer name of the gallery image. This value will be passed to Azure to get the image resource. Read-only. |
offerDisplayName |
String |
The official display offer name of the gallery image. For example, Windows 10 Enterprise + OS Optimizations. Read-only. |
publisher |
String |
The publisher name of the gallery image. This value will be passed to Azure to get the image resource. Read-only. |
recommendedSku |
String |
Recommended Cloud PC SKU for this gallery image. Read-only. |
sizeInGB |
Int32 |
The size of this image in gigabytes. Read-only. |
sku |
String |
The SKU name of the gallery image. This value will be passed to Azure to get the image resource. Read-only. |
skuDisplayName |
String |
The official display stock keeping unit (SKU) name of this gallery image. For example, 2004. Read-only. |
startDate |
Date |
The date when the image becomes available. Read-only. |
status |
cloudPcGalleryImageStatus |
The status of the gallery image on the Cloud PC. Possible values are: supported , supportedWithWarning , notSupported , unknownFutureValue . Read-only. |
Property |
Type |
Description |
cloudPcId |
String |
The unique identifier of the Cloud PC. |
cloudPcLaunchUrl |
String |
The connect URL of the Cloud PC. |
Property |
Type |
Description |
id |
String |
Unique identifier for the Azure network connection. Read-only. |
managedBy |
cloudPcManagementService |
Specifies which services manage the Azure network connection. Possible values are: windows365 , devBox and unknownFutureValue . Read-only. |
type |
cloudPcOnPremisesConnectionType |
Specifies how the provisioned Cloud PC will be joined to Azure Active Directory. Default value is hybridAzureADJoin . Possible values are: azureADJoin , hybridAzureADJoin , unknownFutureValue . |
displayName |
String |
The display name for the Azure network connection. |
subscriptionId |
String |
The ID of the target Azure subscription that’s associated with your tenant. |
subscriptionName |
String |
The name of the target Azure subscription. Read-only. |
adDomainName |
String |
The fully qualified domain name (FQDN) of the Active Directory domain you want to join. Optional. |
adDomainUsername |
String |
The username of an Active Directory account (user or service account) that has permissions to create computer objects in Active Directory. Required format: [email protected] Optional. |
adDomainPassword |
String |
The password associated with adDomainUsername. |
organizationalUnit |
String |
The organizational unit (OU) in which the computer account is created. If left null, the OU that’s configured as the default (a well-known computer object container) in your Active Directory domain (OU) is used. Optional. |
resourceGroupId |
String |
The ID of the target resource group. Required format: "/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}". |
virtualNetworkId |
String |
The ID of the target virtual network. Required format: "/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}". |
subnetId |
String |
The ID of the target subnet. Required format: "/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkId}/subnets/{subnetName}". |
healthCheckStatus |
cloudPcOnPremisesConnectionStatus |
The status of the most recent health check done on the Azure network connection. For example, if status is "passed", the Azure network connection has passed all checks run by the service. Possible values are: pending , running , passed , failed , unknownFutureValue . Read-only. |
healthCheckStatusDetails |
cloudPcOnPremisesConnectionStatusDetails |
The details of the connection's health checks and the corresponding results. Returned only on $select .For an example that shows how to get the inUse property, see Example 2: Get the selected properties of an Azure network connection, including healthCheckStatusDetails. Read-only. |
inUse |
Boolean |
When true , the Azure network connection is in use. When false , the connection is not in use. You cannot delete a connection that’s in use. Returned only on $select . For an example that shows how to get the **i |
Property |
Type |
Description |
id |
String |
The ID of the organization settings. |
osVersion |
cloudPcOperatingSystem |
The version of the operating system (OS) to provision on Cloud PCs. The possible values are: windows10 , windows11 , unknownFutureValue . |
userAccountType |
cloudPcUserAccountType |
The account type of the user on provisioned Cloud PCs. The possible values are: standardUser , administrator , unknownFutureValue . |
windowsSettings |
cloudPcWindowsSettings |
Represents the Cloud PC organization settings for a tenant. A tenant has only one **c |
Property |
Type |
Description |
description |
String |
The provisioning policy description. |
displayName |
String |
The display name for the provisioning policy. |
domainJoinConfiguration |
cloudPcDomainJoinConfiguration |
Specifies how Cloud PCs will join Azure Active Directory. |
id |
String |
Unique identifier for the Cloud PC provisioning policy. Read-only. |
imageDisplayName |
String |
The display name for the OS image you’re provisioning. |
imageId |
String |
The ID of the OS image you want to provision on Cloud PCs. The format for a gallery type image is: {publisher_offer_sku}. Supported values for each of the parameters are as follows:- publisher: Microsoftwindowsdesktop.
- offer: windows-ent-cpc.
- sku: 21h1-ent-cpc-m365, 21h1-ent-cpc-os, 20h2-ent-cpc-m365, 20h2-ent-cpc-os, 20h1-ent-cpc-m365, 20h1-ent-cpc-os, 19h2-ent-cpc-m365 and 19h2-ent-cpc-os.
|
imageType |
cloudPcProvisioningPolicyImageType |
The type of OS image (custom or gallery) you want to provision on Cloud PCs. Possible values are: gallery , custom . |
microsoftManagedDesktop |
microsoftManagedDesktop |
The specific settings for the Microsoft Managed Desktop, which enables customers to get a managed device experience for the Cloud PC. Before you can enable Microsoft Managed Desktop, an admin must configure it. |
onPremisesConnectionId |
String |
The ID of the cloudPcOnPremisesConnection. To ensure that Cloud PCs have network connectivity and that they domain join, choose a connection with a virtual network that’s validated by the Cloud PC service. |
windowsSettings |
cloudPcWindowsSettings |
Specific Windows settings to configure while creating Cloud PCs for this provisioning policy. |
Property |
Type |
Description |
azureStorageAccountId |
String |
The resource ID of the Azure Storage account in which the Cloud PC snapshot is being saved. |
azureStorageAccountName |
String |
The name of the Azure Storage account in which the Cloud PC snapshot is being saved. |
inReview |
Boolean |
True if the Cloud PC is set to in review by the administrator. |
restorePointDateTime |
DateTimeOffset |
The specific date and time of the Cloud PC snapshot that was taken and saved automatically, when the Cloud PC is set to in review. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as 2014-01-01T00:00:00Z . |
reviewStartDateTime |
DateTimeOffset |
The specific date and time when the Cloud PC was set to in review. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as 2014-01-01T00:00:00Z . |
subscriptionId |
String |
The ID of the Azure subscription in which the Cloud PC snapshot is being saved, in GUID format. |
subscriptionName |
String |
The name of the Azure subscription in which the Cloud PC snapshot is being saved. |
userAccessLevel |
cloudPcUserAccessLevel |
The access level of the end user on the Cloud PC. Possible values are: unrestricted , restricted . |
Property |
Type |
Description |
displayName |
String |
The name for the service plan. Read-only. |
id |
String |
Unique identifier for the service plan. Read-only. |
ramInGB |
Int32 |
The size of the RAM in GB. Read-only. |
storageInGB |
Int32 |
The size of the OS Disk in GB. Read-only. |
type |
cloudPcServicePlanType |
The type of the service plan. Possible values are: enterprise , business , unknownFutureValue . Read-only. |
userProfileInGB |
Int32 |
The size of the user profile disk in GB. Read-only. |
vCpuCount |
Int32 |
The number of vCPUs. Read-only. |
Property |
Type |
Description |
cloudPcId |
String |
The unique identifier for the Cloud PC. |
createdDateTime |
DateTimeOffset |
The date and time at which the snapshot was taken. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z . |
id |
String |
The unique identifier for the snapshot of the Cloud PC device at a specific point in time. Inherited from entity. |
lastRestoredDateTime |
DateTimeOffset |
The date and time at which the snapshot was last used to restore the Cloud PC device. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z . |
status |
cloudPcSnapshotStatus |
The status of the Cloud PC snapshot. The possible values are: ready , unknownFutureValue . |
Property |
Type |
Description |
id |
String |
The ID of the source image. |
displayName |
String |
The display name for the source image. |
subscriptionId |
String |
The ID of subscription that hosts the source image. |
subscriptionDisplayName |
String |
The display name of subscription that hosts the source image. |
Property |
Type |
Description |
subscriptionId |
String |
The ID of the subscription. |
subscriptionName |
String |
The name of the subscription. |
Property |
Type |
Description |
id |
String |
Unique identifier for the supported region. Read-only. |
displayName |
String |
The name for the supported region. Read-only. |
Property |
Type |
Description |
id |
String |
Unique identifier for the Cloud PC user setting. Read-only. |
displayName |
String |
The setting name displayed in the user interface. |
localAdminEnabled |
Boolean |
Indicates whether the local admin option is enabled. Default value is false . To enable the local admin option, change the setting to true . If the local admin option is enabled, the end user can be an admin of the Cloud PC device. |
selfServiceEnabled |
Boolean |
Indicates whether the self-service option is enabled. Default value is false . To enable the self-service option, change the setting to true . If the self-service option is enabled, the end user is allowed to perform some self-service operations, such as upgrading the Cloud PC through the end user portal. |
restorePointSetting |
cloudPcRestorePointSetting |
Defines how frequently a restore point is created that is, a snapshot is taken) for users' provisioned Cloud PCs (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific point in time. |
lastModifiedDateTime |
DateTimeOffset |
The last date and time the setting was modified. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. |
createdDateTime |
DateTimeOffset |
The date and time the setting was created. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. |
Property |
Type |
Description |
displayName |
String |
The display name of the cloud PC connection. Required. Read-only. |
healthCheckStatus |
String |
The health status of the cloud PC connection. Possible values are: pending , running , passed , failed , unknownFutureValue . Required. Read-only. |
id |
String |
The unique identifier for the cloud PC connection. Required. Read-only. |
lastRefreshedDateTime |
DateTimeOffset |
Date and time the entity was last updated in the multi-tenant management platform. Required. Read-only. |
tenantDisplayName |
String |
The display name for the managed tenant. Required. Read-only. |
tenantId |
String |
The Azure Active Directory tenant identifier for the managed tenant. Required. Read-only. |
Property |
Type |
Description |
cloudPcStatus |
String |
The status of the cloud PC. Possible values are: notProvisioned , provisioning , provisioned , upgrading , inGracePeriod , deprovisioning , failed . Required. Read-only. |
displayName |
String |
The display name for the cloud PC. Required. Read-only. |
id |
String |
The unique identifier for the cloud PC. Required. Read-only. |
lastRefreshedDateTime |
DateTimeOffset |
Date and time the entity was last updated in the multi-tenant management platform. Required. Read-only. |
managedDeviceId |
String |
The managed device identifier for the cloud PC. Optional. Read-only. |
managedDeviceName |
String |
The managed device display name for the cloud PC. Optional. Read-only. |
provisioningPolicyId |
String |
The provisioning policy identifier for the cloud PC. Required. Read-only. |
servicePlanName |
String |
The service plan name for the cloud PC. Required. Read-only. |
tenantDisplayName |
String |
The display name for the managed tenant. Required. Read-only. |
tenantId |
String |
The Azure Active Directory tenant identifier for the managed tenant. Required. Read-only. |
userPrincipalName |
String |
The user principal name (UPN) of the user assigned to the cloud PC. Required. Read-only. |
Property |
Type |
Description |
id |
String |
The unique identifier for the cloud PC overview. Required. Read-only. |
lastRefreshedDateTime |
DateTimeOffset |
Date and time the entity was last updated in the multi-tenant management platform. Optional. Read-only. |
numberOfCloudPcConnectionStatusFailed |
Int32 |
The number of cloud PC connections that have a status of failed . Optional. Read-only. |
numberOfCloudPcConnectionStatusPassed |
Int32 |
The number of cloud PC connections that have a status of passed . Optional. Read-only. |
numberOfCloudPcConnectionStatusPending |
Int32 |
The number of cloud PC connections that have a status of pending . Optional. Read-only. |
numberOfCloudPcConnectionStatusRunning |
Int32 |
The number of cloud PC connections that have a status of running . Optional. Read-only. |
numberOfCloudPcConnectionStatusUnkownFutureValue |
Int32 |
The number of cloud PC connections that have a status of unknownFutureValue . Optional. Read-only. |
numberOfCloudPcStatusDeprovisioning |
Int32 |
The number of cloud PCs that have a status of deprovisioning . Optional. Read-only. |
numberOfCloudPcStatusFailed |
Int32 |
The number of cloud PCs that have a status of failed . Optional. Read-only. |
numberOfCloudPcStatusInGracePeriod |
Int32 |
The number of cloud PCs that have a status of inGracePeriod . Optional. Read-only. |
numberOfCloudPcStatusNotProvisioned |
Int32 |
The number of cloud PCs that have a status of notProvisioned . Optional. Read-only. |
numberOfCloudPcStatusProvisioned |
Int32 |
The number of cloud PCs that have a status of provisioned . Optional. Read-only. |
numberOfCloudPcStatusProvisioning |
Int32 |
The number of cloud PCs that have a status of provisioning . Optional. Read-only. |
numberOfCloudPcStatusUnknown |
Int32 |
The number of cloud PCs that have a status of unknown . Optional. Read-only. |
numberOfCloudPcStatusUpgrading |
Int32 |
The number of cloud PCs that have a status of upgrading . Optional. Read-only. |
tenantDisplayName |
String |
The display name for the managed tenant. Optional. Read-only. |
totalCloudPcConnectionStatus |
Int32 |
The total number of cloud PC connection statuses for the given managed tenant. Optional. Read-only. |
totalCloudPcStatus |
Int32 |
The total number of cloud PC statues for the given managed tenant. Optional. Read-only. |
Property |
Type |
Description |
id |
String |
The unique identifier for the role assignment. Key, not nullable, Read-only. Inherited from entity. |
roleDefinitionId |
String |
Identifier of the role definition the assignment is for. Read only. Supports $filter (eq , in ). |
principalId |
String |
Identifier of the principal to which the assignment is granted. Supports $filter (eq , in ). |
directoryScopeId |
String |
Identifier of the directory object representing the scope of the assignment. Either this property or appScopeId is required. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to limit the scope to an application only. Supports $filter (eq , in ). |
appScopeId |
String |
Identifier of the app-specific scope when the assignment scope is app-specific. Either this property or **d |
Property |
Type |
Description |
appScopeIds |
String collection |
Ids of the app specific scopes when the assignment scopes are app specific. The scopes of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. App scopes are scopes that are defined and understood by this application only. |
description |
String |
Description of the role assignment. |
directoryScopeIds |
String collection |
Ids of the directory objects representing the scopes of the assignment. The scopes of an assignment determine the set of resources for which the principals have been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. App scopes are scopes that are defined and understood by this application only. |
displayName |
String |
Name of the role assignment. Required. |
id |
String |
The unique identifier for the unifiedRoleAssignmentMultiple. Key, not nullable, Read-only. |
roleDefinitionId |
String |
Identifier of the unifiedRoleDefinition the assignment is for. |
principalIds |
String collection |
Identifiers of the principals to which the assignment is granted. Supports $filter (any operator only). |
Property |
Type |
Description |
description |
String |
The description for the unifiedRoleDefinition. Read-only when isBuiltIn is true . |
displayName |
String |
The display name for the unifiedRoleDefinition. Read-only when isBuiltIn is true . Required. Supports $filter (eq , in ). |
id |
String |
The unique identifier for the role definition. Key, not nullable, Read-only. Inherited from entity. Supports $filter (eq , in ). |
isBuiltIn |
Boolean |
Flag indicating whether the role definition is part of the default set included in Azure Active Directory (Azure AD) or a custom definition. Read-only. Supports $filter (eq , in ). |
isEnabled |
Boolean |
Flag indicating whether the role is enabled for assignment. If false the role is not available for assignment. Read-only when isBuiltIn is true. |
resourceScopes |
String collection |
List of the scopes or permissions the role definition applies to. Currently only / is supported. Read-only when isBuiltIn is true. DO NOT USE. This will be deprecated soon. Attach scope to role assignment. |
rolePermissions |
unifiedRolePermission collection |
List of permissions included in the role. Read-only when isBuiltIn is true . Required. |
templateId |
String |
Custom template identifier that can be set when isBuiltIn is false but is read-only when isBuiltIn is true . This identifier is typically used if one needs an identifier to be the same across different directories. |
version |
String |
Indicates version of the role definition. Read-only when **i |