accessReview resource type (deprecated)
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Caution
This version of the access review API is deprecated and will stop returning data on May 19, 2023. Please use access reviews API.
Represents a Microsoft Entra access review.
Methods
| Method | Return Type | Description |
|---|---|---|
| List access reviews | accessReview collection | List accessReviews for a businessFlowTemplate. |
| Get access review | accessReview | Get an access review with a specific id. |
| Create access review | accessReview | Create a new accessReview. |
| Update access review | accessReview | Update an accessReview. |
| Delete access review | None. | Delete an accessReview. |
| List reviewers | userIdentity collection | Get the reviewers of an accessReview. |
| Add reviewer | None. | Add a reviewer to an accessReview. |
| Remove reviewer | None. | Remove a reviewer from an accessReview. |
| List decisions | accessReviewDecision collection | Get the decisions of an accessReview. |
| List my decisions | accessReviewDecision collection | As a reviewer, get my decisions of an accessReview. |
| Send reminder | None. | Send a reminder to the reviewers of an accessReview. |
| Stop | None. | Stop an accessReview. |
| Reset | None. | Reset the decisions in an in-progress accessReview. |
| Apply decisions | None. | Apply the decisions from a completed accessReview. |
Properties
| Property | Type | Description |
|---|---|---|
| id | String | The feature-assigned unique identifier of an access review. |
| displayName | String | The access review name. Required on create. |
| startDateTime | DateTimeOffset | The date and time when the review is scheduled to be start. This date can be in the future. Required on create. |
| endDateTime | DateTimeOffset | The DateTime when the review is scheduled to end. This must be at least one day later than the start date. Required on create. |
| status | String | This read-only field specifies the status of an accessReview. The typical states include Initializing, NotStarted, Starting,InProgress, Completing, Completed, AutoReviewing, and AutoReviewed. |
| description | String | The description provided by the access review creator, to show to the reviewers. |
| businessFlowTemplateId | String | The business flow template identifier. Required on create. This value is case sensitive. |
| reviewerType | String | The relationship type of reviewer to the target object, one of: self, delegated, entityOwners. Required on create. |
| createdBy | userIdentity | The user who created this review. |
| reviewedEntity | identity | The object for which the access review is reviewing the access rights assignments. This identity can be the group for the review of memberships of users in a group, or the app for a review of assignments of users to an application. Required on create. |
| settings | accessReviewSettings | The settings of an accessReview, see type definition below. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| reviewers | userIdentity collection | The collection of reviewers for an access review, if access review reviewerType is of type delegated. |
| decisions | accessReviewDecision collection | The collection of decisions for this access review. |
| myDecisions | accessReviewDecision collection | The collection of decisions for the caller, if the caller is a reviewer. |
| instances | accessReview collection | The collection of access reviews instances past, present, and future, if this object is a recurring access review. |
Whether these relationships are present on an object, depends upon whether the object is a one-time access review, the series of a recurring access review, or an instance of a recurring access review.
| Scenario | Has reviewers? | Has decisions and myDecisions? | Has instances? |
|---|---|---|---|
| One-time access review | Yes | Yes, once started | No |
| Recurring access review | Yes | No | Yes |
| Instance of a recurring access review | Yes | Yes, once started | No |
JSON representation
The following JSON representation shows the resource type.
{
"id": "string (identifier)",
"displayName": "string",
"startDateTime": "string (timestamp)",
"endDateTime": "string (timestamp)",
"status": "string",
"description": "string",
"businessFlowTemplateId": "string (identifier)",
"reviewerType": "string",
"createdBy": {"@odata.type": "microsoft.graph.userIdentity"},
"reviewedEntity": {"@odata.type": "microsoft.graph.identity"},
"settings": {"@odata.type": "microsoft.graph.accessReviewSettings"},
"reviewers": [{"@odata.type": "microsoft.graph.userIdentity"}]
}