RoleManagementAlert.ReadWrite.Directory
Allows the app to read and manage all role-based access control (RBAC) alerts for your company's directory, without a signed-in user. This includes managing alert settings, initiating alert scans, dismissing alerts, remediating alert incidents, and reading alert statuses, alert definitions, alert configurations and incidents that lead to an alert.
Permission Details
Read all alert data, configure alerts, and take actions on all alerts for your company's directory
Allows the app to read and manage all role-based access control (RBAC) alerts for your company's directory, without a signed-in user. This includes managing alert settings, initiating alert scans, dismissing alerts, remediating alert incidents, and reading alert statuses, alert definitions, alert configurations and incidents that lead to an alert.
11059518-d6a6-4851-98ed-509268489c4a
Read all alert data, configure alerts, and take actions on all alerts for your company's directory
Allows the app to read and manage the role-based access control (RBAC) alerts for your company's directory, on behalf of the signed-in user. This includes managing alert settings, initiating alert scans, dismissing alerts, remediating alert incidents, and reading alert statuses, alert definitions, alert configurations and incidents that lead to an alert.
435644c6-a5b1-40bf-8f52-fe8e5b53e19c
Properties
Properties is shown from beta metadata because a stable v1.0 schema is not available for this resource mapping.
| Property | Type | Description |
|---|---|---|
id |
String |
Unique identifier of an alert. Inherited from entity. |
alertConfigurations |
unifiedRoleManagementAlertConfiguration collection |
The various configurations of an alert for Microsoft Entra roles. The configurations are predefined and can't be created or deleted, but some of the configurations can be modified. |
alertDefinitions |
unifiedRoleManagementAlertDefinition collection |
Defines an alert, its impact, and measures to mitigate or prevent it. |
alerts |
unifiedRoleManagementAlert collection |
Represents the alert entity. |
operations |
longRunningOperation collection |
Represents operations on resources that take a long time to complete and can run in the background until completion. |
JSON Representation
JSON representation is shown from beta metadata because a stable v1.0 schema is not available for this resource mapping.
{
"@odata.type": "#microsoft.graph.roleManagementAlert",
"id": "String (identifier)"
}Relationships
Relationships is shown from beta metadata because a stable v1.0 schema is not available for this resource mapping.
| Relationship | Type | Description |
|---|---|---|
alertConfigurations |
unifiedRoleManagementAlertConfiguration collection |
The various configurations of an alert for Microsoft Entra roles. The configurations are predefined and can't be created or deleted, but some of the configurations can be modified. |
alertDefinitions |
unifiedRoleManagementAlertDefinition collection |
Defines an alert, its impact, and measures to mitigate or prevent it. |
alerts |
unifiedRoleManagementAlert collection |
Represents the alert entity. |
operations |
longRunningOperation collection |
Represents operations on resources that take a long time to complete and can run in the background until completion. |
Graph Methods
Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
No API methods available for this version.
Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
No deterministic PowerShell command map is available for this permission.
Browse PowerShell docsMicrosoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
Code Examples
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.IdentityGovernance.RoleManagementAlerts.Alerts.Refresh;
var requestBody = new RefreshPostRequestBody
{
ScopeId = "/",
ScopeType = "DirectoryRole",
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
await graphClient.IdentityGovernance.RoleManagementAlerts.Alerts.Refresh.PostAsync(requestBody);const options = {
authProvider,
};
const client = Client.init(options);
const refresh = {
scopeId: '/',
scopeType: 'DirectoryRole'
};
await client.api('/identityGovernance/roleManagementAlerts/alerts/refresh')
.version('beta')
.post(refresh);Import-Module Microsoft.Graph.Beta.Identity.Governance
Update-MgBetaIdentityGovernanceRoleManagementAlert -UnifiedRoleManagementAlertId $unifiedRoleManagementAlertId# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.identitygovernance.rolemanagementalerts.alerts.refresh.refresh_post_request_body import RefreshPostRequestBody
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = RefreshPostRequestBody(
scope_id = "/",
scope_type = "DirectoryRole",
)
await graph_client.identity_governance.role_management_alerts.alerts.refresh.post(request_body)App Registration
Navigate to Azure Portal
Go to App registrations in Microsoft Entra admin center
Add API Permission
Select your app → API permissions → Add a permission → Microsoft Graph
Select Permission Type
Choose Application permissions or delegated permissions and search for RoleManagementAlert.ReadWrite.Directory
Grant Admin Consent
Application permissions always require admin consent.