Role eligibility schedules (MS Graph API)

The MS Graph API connector lets you read and manage role eligibility schedules.

Create a role eligibility schedule request

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--header "Content-Type: application/json" \
--request POST \
--data '{
  "action": "adminAssign",
  "justification": "Justification is required",
  "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
  "directoryScopeId": "/",
  "principalId": "2588c7f0-776e-407e-a1dc-f3a77a28e4fe",
  "scheduleInfo": {
    "startDateTime": "2022-04-10T00:00:00Z",
    "expiration": {
      "type": "noExpiration"
    }
  }
}' \
"http://localhost:8080/openidm/system/azuread/roleEligibilityScheduleRequest"
{
  "_id": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
  "isValidationOnly": false,
  "targetScheduleId": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
  "createdDateTime": "2023-02-15T23:59:45.143Z",
  "__NAME__": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
  "directoryScopeId": "/",
  "principalId": "2588c7f0-776e-407e-a1dc-f3a77a28e4fe",
  "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
  "action": "adminAssign",
  "ticketInfo": {},
  "completedDateTime": "2023-02-15T23:59:45.167Z",
  "justification": "Justification is required",
  "status": "Provisioned",
  "scheduleInfo": {
    "startDateTime": "2023-02-15T23:59:45.168101400Z",
    "expiration": {
      "type": "noExpiration"
    }
  },
  "createdBy": {
    "user": {
      "id": "f516bdc4-0171-42ba-823a-4cbdff160d0f"
    }
  }
}

Read a role eligibility schedule request

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://localhost:8080/openidm/system/azuread/roleEligibilityScheduleRequest/0d8a7bbe-e4ab-4798-8539-728c410ac7b7"
{
  "_id": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
  "isValidationOnly": false,
  "targetScheduleId": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
  "createdDateTime": "2023-02-15T23:59:45.143Z",
  "__NAME__": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
  "directoryScopeId": "/",
  "principalId": "2588c7f0-776e-407e-a1dc-f3a77a28e4fe",
  "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
  "action": "adminAssign",
  "ticketInfo": {},
  "completedDateTime": "2023-02-15T23:59:45.167Z",
  "justification": "Justification is required",
  "status": "Provisioned",
  "scheduleInfo": {
    "startDateTime": "2023-02-15T23:59:45.168101400Z",
    "expiration": {
      "type": "noExpiration"
    }
  },
  "createdBy": {
    "user": {
      "id": "f516bdc4-0171-42ba-823a-4cbdff160d0f"
    }
  }
}

Get role eligibility schedules for a user

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://localhost:8080/openidm/system/azuread/roleEligibilitySchedule?_queryFilter=principalId%20eq%20'2588c7f0-776e-407e-a1dc-f3a77a28e4fe'"
{
  "result": [
    {
      "_id": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
      "modifiedDateTime": "0001-01-01T08:00Z",
      "createdDateTime": "2023-02-15T23:59:45.450Z",
      "principalId": "2588c7f0-776e-407e-a1dc-f3a77a28e4fe",
      "scheduleInfo": {
        "startDateTime": "2023-02-15T23:59:45.450Z",
        "expiration": {
          "type": "noExpiration"
        }
      },
      "createdUsing": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
      "status": "Provisioned",
      "directoryScopeId": "/",
      "__NAME__": "0d8a7bbe-e4ab-4798-8539-728c410ac7b7",
      "roleDefinitionId": "fdd7a751-b60b-444a-984c-02652fe8fa1c",
      "memberType": "Direct"
    }
  ],
  ...
}

Get role eligibility schedule instance

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://localhost:8080/openidm/system/azuread/roleEligibilityScheduleInstance?_queryFilter=principalId+eq+'2588c7f0-776e-407e-a1dc-f3a77a28e4fe'"
{
  "result": [
    {
      "_id": "UX6spHTVBkG5_Zv86oJthH0ZIKwfxAZIp1uoOmyPt1I-1-e",
      "roleDefinitionId": "a4ac7e51-d574-4106-b9fd-9bfcea826d84",
      "directoryScopeId": "/",
      "roleEligibilityScheduleId": "1248840c-f57d-4168-9e2c-1e0d0e9a46f4",
      "__NAME__": "UX6spHTVBkG5_Zv86oJthH0ZIKwfxAZIp1uoOmyPt1I-1-e",
      "principalId": "2588c7f0-776e-407e-a1dc-f3a77a28e4fe",
      "startDateTime": "2023-02-03T21:29:03.217Z",
      "memberType": "Direct"
    }
  ],
  ...
}