ESC
Type to search...
Navigate Open ESC Close

RoleManagement.ReadWrite.Directory

Export JSON
Export CSV
Copy URL
Print
ApplicationDelegated Read/Write User Scope

Allows the app to read and manage the role-based access control (RBAC) settings for your company's directory, without a signed-in user. This includes instantiating directory roles and managing directory role membership, and reading directory role templates, directory roles and memberships.

Delegated Access App-Only Access

Permission Details

Application Permission

Read and write all directory RBAC settings

Allows the app to read and manage the role-based access control (RBAC) settings for your company's directory, without a signed-in user. This includes instantiating directory roles and managing directory role membership, and reading directory role templates, directory roles and memberships.

Permission ID: 9e3f62cf-ca93-4989-b6ce-bf83c28f9fe8
Delegated Permission Admin consent required

Read and write directory RBAC settings

Allows the app to read and manage the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes instantiating directory roles and managing directory role membership, and reading directory role templates, directory roles and memberships.

User sees: Allows the app to read and manage the role-based access control (RBAC) settings for your company's directory, on your behalf. This includes instantiating directory roles and managing directory role membership, and reading directory role templates, directory roles and memberships.
Permission ID: d01b97e9-cbc0-49fe-810a-750afd5527a3

Properties

Property Type Description
id string The unique identifier for an entity. Read-only.
isEnabled booleanNullable Flag indicating if the role is enabled for assignment. If false the role is not available for assignment. Read-only when isBuiltIn is true.
description stringNullable The description for the unifiedRoleDefinition. Read-only when isBuiltIn is true.
templateId stringNullable Custom template identifier that can be set when isBuiltIn is false. This identifier is typically used if one needs an identifier to be the same across different directories. Read-only when isBuiltIn is true.
version stringNullable Indicates the version of the unifiedRoleDefinition object. Read-only when isBuiltIn is true.
isPrivileged booleanNullable Flag indicating if the role is privileged. Microsoft Entra ID defines a role as privileged if it contains at least one sensitive resource action in the rolePermissions and allowedResourceActions objects. Applies only for actions in the microsoft.directory resource namespace. Read-only. Supports $filter (eq).
allowedPrincipalTypes object Types of principals that can be assigned the role. Read-only. The possible values are: user, servicePrincipal, group, unknownFutureValue. This is a multi-valued enumeration that can contain up to three values as a comma-separated string. For example, user, group. Supports $filter (eq).
inheritsPermissionsFrom microsoft.graph.unifiedRoleDefinition collection Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles support this attribute.
resourceScopes array List of scopes permissions granted by the role definition apply to. Currently only / is supported. Read-only when isBuiltIn is true. DO NOT USE. This will be deprecated soon. Attach scope to role assignment.
rolePermissions microsoft.graph.unifiedRolePermission collection List of permissions included in the role. Read-only when isBuiltIn is true. Required.
isBuiltIn booleanNullable Flag indicating if the unifiedRoleDefinition is part of the default set included with the product or custom. Read-only. Supports $filter (eq).
displayName stringNullable The display name for the unifiedRoleDefinition. Read-only when isBuiltIn is true. Required. Supports $filter (eq and startsWith).

Relationships

Relationship Type Description
directory rbacApplication Read-only. Nullable.
entitlementManagement rbacApplication Container for roles and assignments for entitlement management resources.

View all relationships on Microsoft Learn →

Graph Methods

Delegated access App-only access
Methods
GET /directory/administrativeUnits/{id}/scopedRoleMembers
GET /directory/administrativeUnits/{id}/scopedRoleMembers/{id}
GET /directoryRoles
GET /directoryRoles(roleTemplateId='{roleTemplateId}')
GET /directoryRoles(roleTemplateId='{roleTemplateId}')/members
GET /directoryRoles(roleTemplateId='{roleTemplateId}')/scopedMembers
GET /directoryRoles/{role-id}
GET /directoryRoles/{role-id}/members
GET /directoryroles/{role-id}/scopedMembers
GET /directoryRoles/delta
GET /directoryRoleTemplates
GET /directoryRoleTemplates/{id}
GET /policies/roleManagementPolicies?$filter=scopeId eq '/' and scopeType eq 'DirectoryRole'
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/rules
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/rules/{unifiedRoleManagementPolicyRuleId}
GET /policies/roleManagementPolicyAssignments?$filter=scopeId eq '/' and scopeType eq 'DirectoryRole'
GET /policies/roleManagementPolicyAssignments/{unifiedRoleManagementPolicyAssignmentId}
GET /roleManagement
GET /roleManagement/directory
GET /roleManagement/directory/resourceNamespaces
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/directory/roleAssignments
GET /roleManagement/directory/roleAssignments/{id}
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/directory/roleAssignmentScheduleInstances
GET /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstanceId}
GET /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on=parameterValue)
GET /roleManagement/directory/roleAssignmentScheduleRequests
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequestId}
GET /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='parameterValue')
GET /roleManagement/directory/roleAssignmentSchedules
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentScheduleId}
GET /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='parameterValue')
GET /roleManagement/directory/roleDefinitions
GET /roleManagement/directory/roleDefinitions/{id}
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/directory/roleEligibilityScheduleInstances
GET /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstanceId}
GET /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='parameterValue')
GET /roleManagement/directory/roleEligibilityScheduleRequests
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequestId}
GET /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='parameterValue')
GET /roleManagement/directory/roleEligibilitySchedules
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilityScheduleId}
GET /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='parameterValue')
GET /roleManagement/entitlementManagement
GET /roleManagement/entitlementManagement/resourceNamespaces
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/entitlementManagement/roleAssignments
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule
GET /roleManagement/entitlementManagement/roleAssignmentSchedules
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleDefinitions
GET /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule
GET /roleManagement/entitlementManagement/roleEligibilitySchedules
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition
POST /directory/administrativeUnits/{id}/scopedRoleMembers
POST /directoryRoles
POST /directoryRoles/{role-id}/members/$ref
POST /directoryRoles/roleTemplateId={roleTemplateId}/members/$ref
POST /roleManagement/directory/resourceNamespaces
POST /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/directory/roleAssignments
POST /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
POST /roleManagement/directory/roleAssignmentScheduleRequests
POST /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel
POST /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequestId}/cancel
POST /roleManagement/directory/roleAssignmentSchedules
POST /roleManagement/directory/roleDefinitions
POST /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
POST /roleManagement/directory/roleEligibilityScheduleRequests
POST /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel
POST /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequestId}/cancel
POST /roleManagement/directory/roleEligibilitySchedules
POST /roleManagement/entitlementManagement/resourceNamespaces
POST /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/entitlementManagement/roleAssignments
POST /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
POST /roleManagement/entitlementManagement/roleAssignmentScheduleRequests
POST /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel
POST /roleManagement/entitlementManagement/roleAssignmentSchedules
POST /roleManagement/entitlementManagement/roleDefinitions
POST /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
POST /roleManagement/entitlementManagement/roleEligibilityScheduleRequests
POST /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel
POST /roleManagement/entitlementManagement/roleEligibilitySchedules
PATCH /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}
PATCH /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/rules/{unifiedRoleManagementPolicyRuleId}
PATCH /roleManagement
PATCH /roleManagement/directory
PATCH /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
PATCH /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
PATCH /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
PATCH /roleManagement/directory/roleDefinitions/{id}
PATCH /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
PATCH /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
PATCH /roleManagement/entitlementManagement
PATCH /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
PATCH /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
PATCH /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
PATCH /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
PATCH /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
DELETE /directory/administrativeUnits/{id}/scopedRoleMembers/{id}
DELETE /directoryRoles(roleTemplateId='{roleTemplateId}')/members/{id}/$ref
DELETE /directoryRoles/{role-id}/members/{id}/$ref
DELETE /roleManagement/directory
DELETE /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/directory/roleAssignments/{id}
DELETE /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
DELETE /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
DELETE /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
DELETE /roleManagement/directory/roleDefinitions/{id}
DELETE /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
DELETE /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
DELETE /roleManagement/entitlementManagement
DELETE /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
DELETE /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
DELETE /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
DELETE /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
DELETE /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
Methods
GET /administrativeUnits/{id}/scopedRoleMembers
GET /administrativeUnits/{id}/scopedRoleMembers/{id}
GET /directoryRoles
GET /directoryRoles(roleTemplateId='{roleTemplateId}')
GET /directoryRoles(roleTemplateId='{roleTemplateId}')/members
GET /directoryRoles(roleTemplateId='{roleTemplateId}')/scopedMembers
GET /directoryRoles/{role-id}
GET /directoryRoles/{role-id}/members
GET /directoryroles/{role-id}/scopedMembers
GET /directoryRoles/delta
GET /directoryRoleTemplates
GET /directoryRoleTemplates/{id}
GET /policies/roleManagementPolicies?$filter=scopeId eq '/' and scopeType eq 'DirectoryRole'
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/effectiveRules
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/rules
GET /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/rules/{unifiedRoleManagementPolicyRuleId}
GET /policies/roleManagementPolicyAssignments?$filter=scopeId eq '/' and scopeType eq 'DirectoryRole'
GET /policies/roleManagementPolicyAssignments/{unifiedRoleManagementPolicyAssignmentId}
GET /roleManagement
GET /roleManagement/cloudPC
GET /roleManagement/cloudPC/resourceNamespaces
GET /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/cloudPC/roleAssignments
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/directoryScopes
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/directoryScopes/{directoryObject-id}
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/principals
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/principals/{directoryObject-id}
GET /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/roleDefinition
GET /roleManagement/cloudPC/roleDefinitions
GET /roleManagement/cloudPC/roleDefinitions/{id}
GET /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/defender
GET /roleManagement/defender/customAppScopes
GET /roleManagement/defender/customAppScopes/{customAppScope-id}
GET /roleManagement/defender/resourceNamespaces
GET /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/defender/roleAssignments
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/directoryScopes
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/directoryScopes/{directoryObject-id}
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/principals
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/principals/{directoryObject-id}
GET /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/roleDefinition
GET /roleManagement/defender/roleDefinitions
GET /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/deviceManagement
GET /roleManagement/deviceManagement/resourceNamespaces
GET /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/deviceManagement/roleAssignments
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/directoryScopes
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/directoryScopes/{directoryObject-id}
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/principals
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/principals/{directoryObject-id}
GET /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/roleDefinition
GET /roleManagement/deviceManagement/roleDefinitions
GET /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/directory
GET /roleManagement/directory/resourceNamespaces
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespaceId}
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespaceId}/resourceActions
GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespaceId}/resourceActions/{unifiedRbacResourceActionId}
GET /roleManagement/directory/roleAssignmentApprovals
GET /roleManagement/directory/roleAssignmentApprovals/{approval-id}
GET /roleManagement/directory/roleAssignmentApprovals/{approval-id}/steps
GET /roleManagement/directory/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
GET /roleManagement/directory/roleAssignments
GET /roleManagement/directory/roleAssignments/{id}
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/directory/roleAssignmentScheduleInstances
GET /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstancesId}
GET /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='principal')
GET /roleManagement/directory/roleAssignmentScheduleRequests
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule
GET /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequestsId}
GET /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='principal')
GET /roleManagement/directory/roleAssignmentSchedules
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition
GET /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedulesId}
GET /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='principal')
GET /roleManagement/directory/roleDefinitions
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/directory/roleDefinitions/{unifiedRoleDefinitionId}/assignedPrincipals(transitive=@transitive,directoryScopeType='@directoryScopeType',directoryScopeId='@directoryScopeId')
GET /roleManagement/directory/roleEligibilityScheduleInstances
GET /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstancesId}
GET /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='principal')
GET /roleManagement/directory/roleEligibilityScheduleRequests
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule
GET /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequestsId}
GET /roleManagement/directory/RoleEligibilityScheduleRequests/filterByCurrentUser(on='principal')
GET /roleManagement/directory/roleEligibilitySchedules
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition
GET /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedulesId}
GET /roleManagement/directory/transitiveRoleAssignments
GET /roleManagement/directory/transitiveRoleAssignments?$filter=principalId eq '{principalId}'
GET /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/enterpriseApps
GET /roleManagement/enterpriseApps/{rbacApplication-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces
GET /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}/steps
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal
GET /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition
GET /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments
GET /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/entitlementManagement
GET /roleManagement/entitlementManagement/resourceNamespaces
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/entitlementManagement/roleAssignmentApprovals
GET /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}
GET /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}/steps
GET /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
GET /roleManagement/entitlementManagement/roleAssignments
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule
GET /roleManagement/entitlementManagement/roleAssignmentSchedules
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal
GET /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleDefinitions
GET /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition
GET /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule
GET /roleManagement/entitlementManagement/roleEligibilitySchedules
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal
GET /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition
GET /roleManagement/entitlementManagement/transitiveRoleAssignments
GET /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/exchange
GET /roleManagement/exchange/customAppScopes
GET /roleManagement/exchange/customAppScopes/{customAppScope-id}
GET /roleManagement/exchange/resourceNamespaces
GET /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}
GET /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
GET /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
GET /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/authenticationContext
GET /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
GET /roleManagement/exchange/roleAssignments
GET /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET /roleManagement/exchange/roleDefinitions
GET /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}
GET /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
GET /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
GET /roleManagement/exchange/transitiveRoleAssignments
GET /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}
GET /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
GET /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}/directoryScope
GET /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}/principal
GET /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}/roleDefinition
GET roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='principal')
POST /administrativeUnits/{id}/scopedRoleMembers
POST /directoryRoles
POST /directoryRoles/{role-id}/members/$ref
POST /directoryRoles/roleTemplateId={roleTemplateId}/members/$ref
POST /roleManagement/cloudPC/resourceNamespaces
POST /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/cloudPC/roleAssignments
POST /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes
POST /roleManagement/cloudPC/roleDefinitions
POST /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/defender/resourceNamespaces
POST /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/defender/roleAssignments
POST /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes
POST /roleManagement/defender/roleDefinitions
POST /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/deviceManagement/resourceNamespaces
POST /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/deviceManagement/roleAssignments
POST /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes
POST /roleManagement/deviceManagement/roleDefinitions
POST /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/directory/resourceNamespaces
POST /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/directory/roleAssignmentApprovals
POST /roleManagement/directory/roleAssignmentApprovals/{approval-id}/steps
POST /roleManagement/directory/roleAssignments
POST /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
POST /roleManagement/directory/roleAssignmentScheduleRequests
POST /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel
POST /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequestsId}/cancel
POST /roleManagement/directory/roleAssignmentSchedules
POST /roleManagement/directory/roleDefinitions
POST /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
POST /roleManagement/directory/roleEligibilityScheduleRequests
POST /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel
POST /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequestsId}/cancel
POST /roleManagement/directory/roleEligibilitySchedules
POST /roleManagement/directory/transitiveRoleAssignments
POST /roleManagement/enterpriseApps
POST /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces
POST /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}/steps
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel
POST /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules
POST /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments
POST /roleManagement/entitlementManagement/resourceNamespaces
POST /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/entitlementManagement/roleAssignmentApprovals
POST /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}/steps
POST /roleManagement/entitlementManagement/roleAssignments
POST /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
POST /roleManagement/entitlementManagement/roleAssignmentScheduleRequests
POST /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel
POST /roleManagement/entitlementManagement/roleAssignmentSchedules
POST /roleManagement/entitlementManagement/roleDefinitions
POST /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
POST /roleManagement/entitlementManagement/roleEligibilityScheduleRequests
POST /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel
POST /roleManagement/entitlementManagement/roleEligibilitySchedules
POST /roleManagement/entitlementManagement/transitiveRoleAssignments
POST /roleManagement/exchange/customAppScopes
POST /roleManagement/exchange/resourceNamespaces
POST /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/importResourceActions
POST /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions
POST /roleManagement/exchange/roleAssignments
POST /roleManagement/exchange/roleDefinitions
POST /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom
POST /roleManagement/exchange/transitiveRoleAssignments
PATCH /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}
PATCH /policies/roleManagementPolicies/{unifiedRoleManagementPolicyId}/rules/{unifiedRoleManagementPolicyRuleId}
PATCH /roleManagement
PATCH /roleManagement/cloudPC
PATCH /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}
PATCH /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
PATCH /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/defender
PATCH /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}
PATCH /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
PATCH /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/deviceManagement
PATCH /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}
PATCH /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
PATCH /roleManagement/deviceManagement/roleDefinitions/{id}
PATCH /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/directory
PATCH /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/directory/roleAssignmentApprovals/{approval-id}
PATCH /roleManagement/directory/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
PATCH /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
PATCH /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
PATCH /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
PATCH /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
PATCH /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
PATCH /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/entitlementManagement
PATCH /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}
PATCH /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
PATCH /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
PATCH /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
PATCH /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
PATCH /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
PATCH /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
PATCH /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/exchange
PATCH /roleManagement/exchange/customAppScopes/{customAppScope-id}
PATCH /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}
PATCH /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
PATCH /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
PATCH /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}/appScope
PATCH /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}
PATCH /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
PATCH /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}
PATCH /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /administrativeUnits/{id}/scopedRoleMembers/{id}
DELETE /directoryRoles(roleTemplateId='{roleTemplateId}')/members/{id}/$ref
DELETE /directoryRoles/{role-id}/members/{id}/$ref
DELETE /roleManagement/cloudPC
DELETE /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/cloudPC/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}
DELETE /roleManagement/cloudPC/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
DELETE /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/cloudPC/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/defender
DELETE /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/defender/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}
DELETE /roleManagement/defender/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
DELETE /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/defender/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/deviceManagement
DELETE /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/deviceManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}
DELETE /roleManagement/deviceManagement/roleAssignments/{unifiedRoleAssignmentMultiple-id}/appScopes/{appScope-id}
DELETE /roleManagement/deviceManagement/roleDefinitions/{id}
DELETE /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/deviceManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/directory
DELETE /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/directory/roleAssignmentApprovals/{approval-id}
DELETE /roleManagement/directory/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
DELETE /roleManagement/directory/roleAssignments/{id}
DELETE /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
DELETE /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
DELETE /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
DELETE /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
DELETE /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
DELETE /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/directory/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/enterpriseApps/{rbacApplication-id}/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/entitlementManagement
DELETE /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}
DELETE /roleManagement/entitlementManagement/roleAssignmentApprovals/{approval-id}/steps/{approvalStep-id}
DELETE /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition
DELETE /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}
DELETE /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}
DELETE /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}
DELETE /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}
DELETE /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/entitlementManagement/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/exchange
DELETE /roleManagement/exchange/customAppScopes/{customAppScope-id}
DELETE /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}
DELETE /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}
DELETE /roleManagement/exchange/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id}/resourceScope
DELETE /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/exchange/roleAssignments/{unifiedRoleAssignment-id}/appScope
DELETE /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}
DELETE /roleManagement/exchange/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}
DELETE /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}
DELETE /roleManagement/exchange/transitiveRoleAssignments/{unifiedRoleAssignment-id}/appScope
Commands
Get-MgBetaPolicyRoleManagementPolicyAssignment
Get-MgDirectoryAdministrativeUnitScopedRoleMember
Get-MgDirectoryRole
Get-MgDirectoryRoleDelta
Get-MgDirectoryRoleMember
Get-MgDirectoryRoleScopedMember
Get-MgDirectoryRoleTemplate
Get-MgPolicyRoleManagementPolicy
Get-MgPolicyRoleManagementPolicyAssignment
Get-MgPolicyRoleManagementPolicyRule
Get-MgRoleManagementDirectoryRoleAssignment
Get-MgRoleManagementDirectoryRoleAssignmentSchedule
Get-MgRoleManagementDirectoryRoleAssignmentScheduleInstance
Get-MgRoleManagementDirectoryRoleAssignmentScheduleRequest
Get-MgRoleManagementDirectoryRoleDefinition
Get-MgRoleManagementDirectoryRoleEligibilitySchedule
Get-MgRoleManagementDirectoryRoleEligibilityScheduleInstance
Get-MgRoleManagementDirectoryRoleEligibilityScheduleRequest
Get-MgRoleManagementEntitlementManagementRoleAssignment
Get-MgRoleManagementEntitlementManagementRoleDefinition
Invoke-MgFilterRoleManagementDirectoryRoleAssignmentScheduleByCurrentUser
Invoke-MgFilterRoleManagementDirectoryRoleAssignmentScheduleInstanceByCurrentUser
Invoke-MgFilterRoleManagementDirectoryRoleAssignmentScheduleRequestByCurrentUser
Invoke-MgFilterRoleManagementDirectoryRoleEligibilityScheduleByCurrentUser
Invoke-MgFilterRoleManagementDirectoryRoleEligibilityScheduleInstanceByCurrentUser
Invoke-MgFilterRoleManagementDirectoryRoleEligibilityScheduleRequestByCurrentUser
New-MgDirectoryAdministrativeUnitScopedRoleMember
New-MgDirectoryRole
New-MgDirectoryRoleMemberByRef
New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest
New-MgRoleManagementDirectoryRoleDefinition
New-MgRoleManagementDirectoryRoleEligibilityScheduleRequest
New-MgRoleManagementEntitlementManagementRoleAssignment
Remove-MgDirectoryAdministrativeUnitScopedRoleMember
Remove-MgDirectoryRoleMemberDirectoryObjectByRef
Remove-MgRoleManagementDirectoryRoleAssignment
Remove-MgRoleManagementDirectoryRoleDefinition
Stop-MgRoleManagementDirectoryRoleAssignmentScheduleRequest
Stop-MgRoleManagementDirectoryRoleEligibilityScheduleRequest
Update-MgPolicyRoleManagementPolicy
Update-MgPolicyRoleManagementPolicyRule
Update-MgRoleManagementDirectoryRoleDefinition
Commands
Get-MgBetaAdministrativeUnitScopedRoleMember
Get-MgBetaDirectoryRole
Get-MgBetaDirectoryRoleByRoleTemplateId
Get-MgBetaDirectoryRoleDelta
Get-MgBetaDirectoryRoleMember
Get-MgBetaDirectoryRoleScopedMember
Get-MgBetaDirectoryRoleTemplate
Get-MgBetaPolicyRoleManagementPolicy
Get-MgBetaPolicyRoleManagementPolicyAssignment
Get-MgBetaPolicyRoleManagementPolicyEffectiveRule
Get-MgBetaPolicyRoleManagementPolicyRule
Get-MgBetaRoleManagementDirectoryResourceNamespace
Get-MgBetaRoleManagementDirectoryResourceNamespaceResourceAction
Get-MgBetaRoleManagementDirectoryRoleAssignment
Get-MgBetaRoleManagementDirectoryRoleAssignmentSchedule
Get-MgBetaRoleManagementDirectoryRoleAssignmentScheduleInstance
Get-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest
Get-MgBetaRoleManagementDirectoryRoleDefinition
Get-MgBetaRoleManagementDirectoryRoleEligibilitySchedule
Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleInstance
Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest
Get-MgBetaRoleManagementDirectoryTransitiveRoleAssignment
Get-MgBetaRoleManagementExchangeRoleAssignment
Get-MgBetaRoleManagementExchangeRoleDefinition
Invoke-MgBetaAssignedRoleManagementCloudPcRoleDefinitionPrincipal
Invoke-MgBetaAssignedRoleManagementDeviceManagementRoleDefinitionPrincipal
Invoke-MgBetaAssignedRoleManagementDirectoryRoleDefinitionInheritPermissionFromPrincipal
Invoke-MgBetaAssignedRoleManagementDirectoryRoleDefinitionPrincipal
Invoke-MgBetaAssignedRoleManagementEnterpriseAppRoleDefinitionInheritPermissionFromPrincipal
Invoke-MgBetaAssignedRoleManagementEnterpriseAppRoleDefinitionPrincipal
Invoke-MgBetaAssignedRoleManagementEntitlementManagementRoleDefinitionInheritPermissionFromPrincipal
Invoke-MgBetaAssignedRoleManagementEntitlementManagementRoleDefinitionPrincipal
Invoke-MgBetaAssignedRoleManagementExchangeRoleDefinitionPrincipal
Invoke-MgBetaFilterRoleManagementDirectoryRoleAssignmentScheduleByCurrentUser
Invoke-MgBetaFilterRoleManagementDirectoryRoleAssignmentScheduleInstanceByCurrentUser
Invoke-MgBetaFilterRoleManagementDirectoryRoleAssignmentScheduleRequestByCurrentUser
Invoke-MgBetaFilterRoleManagementDirectoryRoleEligibilityScheduleByCurrentUser
Invoke-MgBetaFilterRoleManagementDirectoryRoleEligibilityScheduleInstanceByCurrentUser
Invoke-MgBetaFilterRoleManagementDirectoryRoleEligibilityScheduleRequestByCurrentUser
New-MgBetaAdministrativeUnitScopedRoleMember
New-MgBetaDirectoryRole
New-MgBetaDirectoryRoleMemberByRef
New-MgBetaRoleManagementCloudPcRoleDefinition
New-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest
New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest
New-MgBetaRoleManagementExchangeRoleAssignment
Remove-MgBetaAdministrativeUnitScopedRoleMember
Remove-MgBetaDirectoryRoleMemberDirectoryObjectByRef
Remove-MgBetaRoleManagementCloudPcRoleDefinition
Remove-MgBetaRoleManagementExchangeRoleAssignment
Stop-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest
Stop-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest
Update-MgBetaPolicyRoleManagementPolicy
Update-MgBetaPolicyRoleManagementPolicyRule
Update-MgBetaRoleManagementCloudPcRoleDefinition

Code Examples

C# / .NET SDK 
// Install: dotnet add package Microsoft.Graph
// Install: dotnet add package Azure.Identity
using Microsoft.Graph;
using Azure.Identity;

// Delegated permissions - interactive user sign-in
var scopes = new[] { "RoleManagement.ReadWrite.Directory" };
var options = new InteractiveBrowserCredentialOptions
{
    ClientId = "YOUR_CLIENT_ID",
    TenantId = "YOUR_TENANT_ID",
    RedirectUri = new Uri("http://localhost")
};
var credential = new InteractiveBrowserCredential(options);
var graphClient = new GraphServiceClient(credential, scopes);

// Example: GET /me
var result = await graphClient.Me.GetAsync();
Console.WriteLine($"User: {result?.DisplayName}");

// Application permissions - daemon/service app
var tenantId = "YOUR_TENANT_ID";
var clientId = "YOUR_CLIENT_ID";
var clientSecret = "YOUR_CLIENT_SECRET";

var credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var graphClient = new GraphServiceClient(credential);

// Example: GET /users/{user-id}
var users = await graphClient.Users.GetAsync();
foreach (var user in users?.Value ?? [])
{
    Console.WriteLine($"User: {user.DisplayName}");
}
JavaScript / TypeScript 
// npm install @azure/msal-browser @microsoft/microsoft-graph-client
import { PublicClientApplication } from "@azure/msal-browser";
import { Client } from "@microsoft/microsoft-graph-client";
import { AuthCodeMSALBrowserAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/authCodeMsalBrowser";

const msalConfig = {
    auth: {
        clientId: "YOUR_CLIENT_ID",
        authority: "https://login.microsoftonline.com/YOUR_TENANT_ID"
    }
};

const pca = new PublicClientApplication(msalConfig);
await pca.initialize();

// Delegated: Login with required scope
const loginResponse = await pca.loginPopup({
    scopes: ["RoleManagement.ReadWrite.Directory"]
});

const authProvider = new AuthCodeMSALBrowserAuthenticationProvider(pca, {
    account: loginResponse.account,
    scopes: ["RoleManagement.ReadWrite.Directory"],
    interactionType: "popup"
});

const graphClient = Client.initWithMiddleware({ authProvider });

// Example: GET /me
const result = await graphClient.api("/me").get();
console.log(result);

// Application: Use client credentials (Node.js backend only)
// npm install @azure/identity @microsoft/microsoft-graph-client
import { ClientSecretCredential } from "@azure/identity";
import { TokenCredentialAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/azureTokenCredentials";

const credential = new ClientSecretCredential(
    "YOUR_TENANT_ID",
    "YOUR_CLIENT_ID", 
    "YOUR_CLIENT_SECRET"
);

const authProvider = new TokenCredentialAuthenticationProvider(credential, {
    scopes: ["https://graph.microsoft.com/.default"]
});

const graphClient = Client.initWithMiddleware({ authProvider });
const result = await graphClient.api("/users").get();
console.log(result);
PowerShell 
# Install Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Scope CurrentUser

# Delegated access - interactive sign-in
Connect-MgGraph -Scopes "RoleManagement.ReadWrite.Directory"

# Verify connection
Get-MgContext | Select-Object Account, TenantId, Scopes

# Example: GET /me
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/me"
$result | ConvertTo-Json -Depth 5

# Application access with certificate
$params = @{
    ClientId = "YOUR_CLIENT_ID"
    TenantId = "YOUR_TENANT_ID"
    CertificateThumbprint = "YOUR_CERT_THUMBPRINT"
}
Connect-MgGraph @params

# Or with client secret (not recommended for production)
# Connect-MgGraph -ClientSecretCredential $credential

# Example: GET /users
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/users"
$result | ConvertTo-Json -Depth 5

# Always disconnect when done
Disconnect-MgGraph
Python 
# pip install msgraph-sdk azure-identity
from azure.identity import InteractiveBrowserCredential, ClientSecretCredential
from msgraph import GraphServiceClient
import asyncio

# Delegated permissions - interactive browser sign-in
credential = InteractiveBrowserCredential(
    client_id="YOUR_CLIENT_ID",
    tenant_id="YOUR_TENANT_ID"
)
scopes = ["RoleManagement.ReadWrite.Directory"]
client = GraphServiceClient(credential, scopes)

async def get_data():
    # Example: GET /me
    result = await client.me.get()
    print(f"User: {result.display_name}")
    return result

asyncio.run(get_data())

# Application permissions - client credentials
credential = ClientSecretCredential(
    tenant_id="YOUR_TENANT_ID",
    client_id="YOUR_CLIENT_ID",
    client_secret="YOUR_CLIENT_SECRET"
)
scopes = ["https://graph.microsoft.com/.default"]
client = GraphServiceClient(credential, scopes)

async def get_users():
    # Example: GET /users
    result = await client.users.get()
    for user in result.value:
        print(f"User: {user.display_name}")
    return result

asyncio.run(get_users())

App Registration

1

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

2

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

3

Select Permission Type

Choose Application permissions or Delegated permissions and search for RoleManagement.ReadWrite.Directory

4

Grant Admin Consent

Application permissions always require admin consent. Click "Grant admin consent" in the Azure portal.