Role assignment schedules (MS Graph API)

The MS Graph API connector lets you read and manage role assignment schedules.

Create a role assignment schedule request

Request

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--header "Content-Type: application/json" \
--request POST \
--data '{
  "action": "adminAssign",
  "justification": "Justification is required",
  "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
  "directoryScopeId": "/",
  "principalId": "a4375665-cba5-4208-a4f2-12a0d2fc0e85",
  "scheduleInfo": {
    "startDateTime": "2022-04-10T00:00:00Z",
    "expiration": {
      "type": "noExpiration"
    }
  }
}' \
"http://localhost:8080/openidm/system/azuread/roleAssignmentScheduleRequest"

Response

{
  "_id": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
  "scheduleInfo": {
    "startDateTime": "2023-02-16T22:21:04.079921Z",
    "expiration": {
      "type": "noExpiration"
    }
  },
  "isValidationOnly": false,
  "createdBy": {
    "user": {
      "id": "f516bdc4-0171-42ba-823a-4cbdff160d0f"
    }
  },
  "ticketInfo": {},
  "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
  "principalId": "f96413e8-1366-426e-ab24-4d9380f11e2e",
  "__NAME__": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
  "completedDateTime": "2023-02-16T22:21:04.080Z",
  "targetScheduleId": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
  "action": "adminAssign",
  "directoryScopeId": "/",
  "status": "Provisioned",
  "createdDateTime": "2023-02-16T22:21:04.070Z",
  "justification": "Justification is required"
}

Read a role assignment schedule request

Request

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://localhost:8080/openidm/system/azuread/roleAssignmentScheduleRequest/4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0"

Response

{
  "_id": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
  "scheduleInfo": {
    "startDateTime": "2023-02-16T22:21:04.079921Z",
    "expiration": {
      "type": "noExpiration"
    }
  },
  "isValidationOnly": false,
  "createdBy": {
    "user": {
      "id": "f516bdc4-0171-42ba-823a-4cbdff160d0f"
    }
  },
  "ticketInfo": {},
  "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
  "principalId": "f96413e8-1366-426e-ab24-4d9380f11e2e",
  "__NAME__": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
  "completedDateTime": "2023-02-16T22:21:04.080Z",
  "targetScheduleId": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
  "action": "adminAssign",
  "directoryScopeId": "/",
  "status": "Provisioned",
  "createdDateTime": "2023-02-16T22:21:04.070Z",
  "justification": "Justification is required"
}

Get role assignment schedules for a user

Request

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://localhost:8080/openidm/system/azuread/roleAssignmentSchedule?_queryFilter=principalId%20eq%20’f96413e8-1366-426e-ab24-4d9380f11e2e'"

Response

{
  "result": [
    {
      "_id": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
      "__NAME__": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
      "status": "Provisioned",
      "memberType": "Direct",
      "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
      "principalId": "f96413e8-1366-426e-ab24-4d9380f11e2e",
      "createdDateTime": "2023-02-16T22:21:07.727Z",
      "assignmentType": "Assigned",
      "directoryScopeId": "/",
      "createdUsing": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
      "scheduleInfo": {
        "startDateTime": "2023-02-16T22:21:07.727Z",
        "expiration": {
          "type": "noExpiration"
        }
      }
    }
  ],
  ...
}

Get role assignment schedule instance

Request

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://localhost:8080/openidm/system/azuread/roleAssignmentScheduleInstance?_queryFilter=principalId+eq+'f96413e8-1366-426e-ab24-4d9380f11e2e'"

Response

{
  "result": [
    {
      "_id": "UafX_Qu2SkSYTAJlL-j6HOgTZPlmE25CqyRNk4DxHi4-1",
      "assignmentType": "Assigned",
      "memberType": "Direct",
      "principalId": "f96413e8-1366-426e-ab24-4d9380f11e2e",
      "startDateTime": "2023-02-16T22:21:07.727Z",
      "__NAME__": "UafX_Qu2SkSYTAJlL-j6HOgTZPlmE25CqyRNk4DxHi4-1",
      "roleAssignmentScheduleId": "4b49df1e-4b59-4a93-a7c7-ad3b13ad98b0",
      "directoryScopeId": "/",
      "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
      "roleAssignmentOriginId": "UafX_Qu2SkSYTAJlL-j6HOgTZPlmE25CqyRNk4DxHi4-1"
    }
  ],
  ...
}

ICF 1.5.20.21

Role assignment schedules (MS Graph API)

Create a role assignment schedule request

Read a role assignment schedule request

Get role assignment schedules for a user

Get role assignment schedule instance