| title | List accessPackageAssignments |
|---|---|
| description | Retrieve a list of accesspackageassignment objects. |
| author | markwahl-msft |
| ms.localizationpriority | medium |
| ms.subservice | entra-id-governance |
| doc_type | apiPageType |
| ms.date | 04/04/2024 |
Namespace: microsoft.graph
In Microsoft Entra entitlement management, retrieve a list of accessPackageAssignment objects.
For directory-wide administrators, the resulting list includes all the assignments, current and well as expired, that the caller has access to read, across all catalogs and access packages. If the caller is on behalf of a delegated user who is assigned only to catalog-specific delegated administrative roles, the request must supply a filter to indicate a specific access package, such as: $filter=accessPackage/id eq 'a914b616-e04e-476b-aa37-91038f0b165b'.
[!INCLUDE national-cloud-support]
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
[!INCLUDE permissions-table]
[!INCLUDE rbac-entitlement-catalog-reader]
GET /identityGovernance/entitlementManagement/assignmentsThis method supports the $select, $filter, and $expand OData query parameters to help customize the response.
If the user or app is assigned only to catalog-specific administrative roles, the request must supply a filter to indicate a specific access package, such as: $filter=accessPackage/id eq 'a914b616-e04e-476b-aa37-91038f0b165b'.
- To return the target subject and access package, include
$expand=target,accessPackage. - To retrieve only delivered assignments, you can include a query
$filter=state eq 'Delivered'. - To retrieve only assignments for a particular user, you can include a query with assignments targeting the object ID of that user:
$expand=target&$filter=target/objectid+eq+'7deff43e-1f17-44ef-9e5f-d516b0ba11d4'. - To retrieve only assignments for a particular user and a particular access package, you can include a query with assignments targeting that access package and the object ID of that user:
$expand=accessPackage,target&$filter=accessPackage/id eq '9bbe5f7d-f1e7-4eb1-a586-38cdf6f8b1ea' and target/objectid eq '7deff43e-1f17-44ef-9e5f-d516b0ba11d4'.
For general information, see OData query parameters.
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this method returns a 200 OK response code and a collection of accessPackageAssignment objects in the response body.
GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/assignments[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-Type: application/json
{
"value": [
{
"id": "2a353749-3749-2a35-4937-352a4937352a",
"state": "delivered",
"status": "Delivered",
"expiredDateTime": "2019-04-25T23:45:40.42Z",
"schedule": {
"@odata.type": "microsoft.graph.entitlementManagementSchedule"
}
}
]
}