DelegatedAdminRelationship.ReadWrite.All
Allows the app to manage (create-update-terminate) Delegated Admin relationships with customers as well as role assignments to security groups for active Delegated Admin relationships on behalf of the signed-in user.
Graph Methods
Type: A = Application Permission, D = Delegate Permission
Delegate Permission
|
|
| Id |
885f682f-a990-4bad-a642-36736a74b0c7 |
| Consent Type |
Admin |
| Display String |
Manage Delegated Admin relationships with customers |
| Description |
Allows the app to manage (create-update-terminate) Delegated Admin relationships with customers as well as role assignments to security groups for active Delegated Admin relationships on behalf of the signed-in user. |
Application Permission
|
|
| Id |
cc13eba4-8cd8-44c6-b4d4-f93237adce58 |
| Display String |
Manage Delegated Admin relationships with customers |
| Description |
Allows the app to manage (create-update-terminate) Delegated Admin relationships with customers and role assignments to security groups for active Delegated Admin relationships without a signed-in user. |
Resources
| Property |
Type |
Description |
| accessContainer |
delegatedAdminAccessContainer |
The access container through which members are assigned access. For example, a security group. |
| accessDetails |
delegatedAdminAccessDetails |
The access details containing the identifiers of the administrative roles that the partner is assigned in the customer tenant. |
| createdDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and in UTC time when the access assignment was created. Read-only. |
| id |
String |
The unique identifier of the access assignment. Read-only. Inherited from entity. |
| lastModifiedDateTime |
DateTimeOffset |
The date and time in ISO 8601 and in UTC time when this access assignment was last modified. Read-only. |
| status |
delegatedAdminAccessAssignmentStatus |
The status of the access assignment. Read-only. The possible values are: pending, active, deleting, deleted, error, unknownFutureValue. |
| Property |
Type |
Description |
| accessContainerId |
String |
The identifier of the access container (for example, a security group). For "securityGroup" access containers, this must be a valid ID of an Azure AD security group in the Microsoft partner's tenant. |
| accessContainerType |
delegatedAdminAccessContainerType |
The type of access container (for example, security group) that will be assigned one or more roles through a delegated admin relationship. The possible values are: securityGroup, unknownFutureValue. |
| Property |
Type |
Description |
| unifiedRoles |
unifiedRole collection |
The directory roles that the Microsoft partner is assigned in the customer tenant. |
| Property |
Type |
Description |
| displayName |
String |
The Azure AD display name of the customer tenant. Read-only. Supports $orderBy. |
| id |
String |
The Azure AD-assigned unique identifier of the customer. Read-only. Inherited from entity. |
| tenantId |
String |
The Azure AD-assigned tenant ID of the customer. Read-only. |
| Property |
Type |
Description |
| accessDetails |
delegatedAdminAccessDetails |
The access details containing the identifiers of the administrative roles that the partner admin is requesting in the customer tenant. |
| activatedDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and in UTC time when the relationship became active. Read-only. |
| createdDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and in UTC time when the relationship was created. Read-only. |
| customer |
delegatedAdminRelationshipCustomerParticipant |
The display name and unique identifier of the customer of the relationship. This is configured either by the partner at the time the relationship is created or by the system after the customer approves the relationship. Cannot be changed by the customer. |
| displayName |
String |
The display name of the relationship used for ease of identification. Must be unique across all delegated admin relationships of the partner. This is set by the partner only when the relationship is in the created status and cannot be changed by the customer. |
| duration |
Duration |
The duration of the relationship in ISO 8601 format. Must be a value between P1D and P2Y inclusive. This is set by the partner only when the relationship is in the created status and cannot be changed by the customer. |
| endDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and in UTC time when the status of relationship changes to either terminated or expired. Calculated as endDateTime = activatedDateTime + duration. Read-only. |
| id |
String |
The unique identifier of the relationship. Read-only. Inherited from entity. |
| lastModifiedDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and in UTC time when the relationship was last modified. Read-only. |
| status |
delegatedAdminRelationshipStatus |
The status of the relationship. Read Only. The possible values are: activating, active, approvalPending, approved, created, expired, expiring, terminated, terminating, terminationRequested, unknownFutureValue. Supports $orderBy. |
| Property |
Type |
Description |
| displayName |
String |
The display name of the customer tenant as set by Azure AD. Read only |
| tenantId |
String |
The Azure AD-assigned tenant ID of the customer tenant. |
| Property |
Type |
Description |
| createdDateTime |
DateTimeOffset |
The time in ISO 8601 format and in UTC time when the long-running operation was created. Read-only. |
| data |
String |
The data (payload) for the operation. Read-only. |
| id |
String |
The unique identifier of the delegated admin long-running operation. Read-only. Inherited from entity. |
| lastModifiedDateTime |
DateTimeOffset |
The time in ISO 8601 format and in UTC time when the long-running operation was last modified. Read-only. |
| operationType |
delegatedAdminRelationshipOperationType |
The type of long-running operation. The possible values are: delegatedAdminAccessAssignmentUpdate, unknownFutureValue. Read-only. |
| status |
longRunningOperationStatus |
The status of the operation. Read-only. The possible values are: notStarted, running, succeeded, failed, unknownFutureValue. Read-only. Supports $orderBy. |
| Property |
Type |
Description |
| action |
delegatedAdminRelationshipRequestAction |
The action to be performed on the delegated admin relationship. |
| createdDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and in UTC time when the relationship request was created. Read-only. |
| id |
String |
The unique identifier of the relationship request. Read-only. Inherited from entity. |
| lastModifiedDateTime |
DateTimeOffset |
The date and time in ISO 8601 format and UTC time when this relationship request was last modified. Read-only. |
| status |
delegatedAdminRelationshipRequestStatus |
The status of the request. Read-only. The possible values are: created, pending, succeeded, failed, unknownFutureValue. |