Créer connectedOrganization

Article
11/22/2024

Espace de noms: microsoft.graph

Cette API est disponible dans les déploiements de cloud national suivants.

Service global	Gouvernement des États-Unis L4	Us Government L5 (DOD)	Chine gérée par 21Vianet
✅	✅	✅	✅

Autorisations

Choisissez l’autorisation ou les autorisations marquées comme moins privilégiées pour cette API. Utilisez une autorisation ou des autorisations privilégiées plus élevées uniquement si votre application en a besoin. Pour plus d’informations sur les autorisations déléguées et d’application, consultez Types d’autorisations. Pour en savoir plus sur ces autorisations, consultez les informations de référence sur les autorisations.

Type d’autorisation	Autorisations avec privilèges minimum	Autorisations privilégiées plus élevées
Déléguée (compte professionnel ou scolaire)	EntitlementManagement.ReadWrite.All	Non disponible.
Déléguée (compte Microsoft personnel)	Non prise en charge.	Non prise en charge.
Application	EntitlementManagement.ReadWrite.All	Non disponible.

Conseil

Dans les scénarios délégués avec des comptes professionnels ou scolaires, l’utilisateur connecté doit également se voir attribuer un rôle d’administrateur avec des autorisations de rôle prises en charge via l’option suivante :

Un rôle Microsoft Entra où le rôle le moins privilégié est Administrateur de gouvernance des identités. Il s’agit de l’option la moins privilégiée.

Dans les scénarios d’application uniquement, l’application appelante peut se voir attribuer l’un des rôles pris en charge précédents au lieu de l’autorisation d’application EntitlementManagement.ReadWrite.All . Le rôle Administrateur de gouvernance des identités est moins privilégié que l’autorisation de l’application EntitlementManagement.ReadWrite.All .

Pour plus d’informations, consultez Délégation et rôles dans la gestion des droits d’utilisation et comment déléguer la gouvernance des accès aux gestionnaires de package d’accès dans la gestion des droits d’utilisation.

Requête HTTP

POST /identityGovernance/entitlementManagement/connectedOrganizations

En-têtes de demande

Nom	Description
Autorisation	Porteur {token}. Obligatoire. En savoir plus sur l’authentification et l’autorisation.
Content-Type	application/json. Obligatoire.

Corps de la demande

Dans le corps de la demande, fournissez une représentation JSON de l’objet connectedOrganization .

Vous pouvez spécifier les propriétés suivantes lors de la création d’une instance connectedOrganization.

Propriété	Type	Description
displayName	String	Nom du organization connecté.
description	String	Description du organization connecté.
identitySources	collection identitySource	Collection avec un élément, la source d’identité initiale dans ce organization connecté.
state	connectedOrganizationState	L’état d’un organization connecté définit si les stratégies d’affectation avec le type `AllConfiguredConnectedOrganizationSubjects` d’étendue du demandeur sont applicables ou non. Les valeurs possibles sont les suivantes : `configured`, `proposed`.

Réponse

Si elle réussit, cette méthode renvoie un 201 Created code de réponse et un nouvel objet connectedOrganization dans le corps de la réponse.

Exemples

Exemple 1 : Créer un organization connecté

Demande

POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/connectedOrganizations/
Content-Type: application/json

{
  "displayName":"Connected organization name",
  "description":"Connected organization description",
  "identitySources": [
    {
      "@odata.type": "#microsoft.graph.domainIdentitySource",
      "domainName": "example.com",
      "displayName": "example.com"
      }
  ],
  "state":"proposed"
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Models;

var requestBody = new ConnectedOrganization
{
	DisplayName = "Connected organization name",
	Description = "Connected organization description",
	IdentitySources = new List<IdentitySource>
	{
		new DomainIdentitySource
		{
			OdataType = "#microsoft.graph.domainIdentitySource",
			DomainName = "example.com",
			DisplayName = "example.com",
		},
	},
	State = ConnectedOrganizationState.Proposed,
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.ConnectedOrganizations.PostAsync(requestBody);



mgc identity-governance entitlement-management connected-organizations create --body '{\
  "displayName":"Connected organization name",\
  "description":"Connected organization description",\
  "identitySources": [\
    {\
      "@odata.type": "#microsoft.graph.domainIdentitySource",\
      "domainName": "example.com",\
      "displayName": "example.com"\
      }\
  ],\
  "state":"proposed"\
}\
'



// Code snippets are only available for the latest major version. Current major version is $v1.*

// Dependencies
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
	  //other-imports
)

requestBody := graphmodels.NewConnectedOrganization()
displayName := "Connected organization name"
requestBody.SetDisplayName(&displayName) 
description := "Connected organization description"
requestBody.SetDescription(&description) 


identitySource := graphmodels.NewDomainIdentitySource()
domainName := "example.com"
identitySource.SetDomainName(&domainName) 
displayName := "example.com"
identitySource.SetDisplayName(&displayName) 

identitySources := []graphmodels.IdentitySourceable {
	identitySource,
}
requestBody.SetIdentitySources(identitySources)
state := graphmodels.PROPOSED_CONNECTEDORGANIZATIONSTATE 
requestBody.SetState(&state) 

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
connectedOrganizations, err := graphClient.IdentityGovernance().EntitlementManagement().ConnectedOrganizations().Post(context.Background(), requestBody, nil)


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

ConnectedOrganization connectedOrganization = new ConnectedOrganization();
connectedOrganization.setDisplayName("Connected organization name");
connectedOrganization.setDescription("Connected organization description");
LinkedList<IdentitySource> identitySources = new LinkedList<IdentitySource>();
DomainIdentitySource identitySource = new DomainIdentitySource();
identitySource.setOdataType("#microsoft.graph.domainIdentitySource");
identitySource.setDomainName("example.com");
identitySource.setDisplayName("example.com");
identitySources.add(identitySource);
connectedOrganization.setIdentitySources(identitySources);
connectedOrganization.setState(ConnectedOrganizationState.Proposed);
ConnectedOrganization result = graphClient.identityGovernance().entitlementManagement().connectedOrganizations().post(connectedOrganization);


const options = {
	authProvider,
};

const client = Client.init(options);

const connectedOrganization = {
  displayName: 'Connected organization name',
  description: 'Connected organization description',
  identitySources: [
    {
      '@odata.type': '#microsoft.graph.domainIdentitySource',
      domainName: 'example.com',
      displayName: 'example.com'
      }
  ],
  state: 'proposed'
};

await client.api('/identityGovernance/entitlementManagement/connectedOrganizations/')
	.post(connectedOrganization);


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\ConnectedOrganization;
use Microsoft\Graph\Generated\Models\IdentitySource;
use Microsoft\Graph\Generated\Models\DomainIdentitySource;
use Microsoft\Graph\Generated\Models\ConnectedOrganizationState;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new ConnectedOrganization();
$requestBody->setDisplayName('Connected organization name');
$requestBody->setDescription('Connected organization description');
$identitySourcesIdentitySource1 = new DomainIdentitySource();
$identitySourcesIdentitySource1->setOdataType('#microsoft.graph.domainIdentitySource');
$identitySourcesIdentitySource1->setDomainName('example.com');
$identitySourcesIdentitySource1->setDisplayName('example.com');
$identitySourcesArray []= $identitySourcesIdentitySource1;
$requestBody->setIdentitySources($identitySourcesArray);

$requestBody->setState(new ConnectedOrganizationState('proposed'));

$result = $graphServiceClient->identityGovernance()->entitlementManagement()->connectedOrganizations()->post($requestBody)->wait();


Import-Module Microsoft.Graph.Identity.Governance

$params = @{
	displayName = "Connected organization name"
	description = "Connected organization description"
	identitySources = @(
		@{
			"@odata.type" = "#microsoft.graph.domainIdentitySource"
			domainName = "example.com"
			displayName = "example.com"
		}
	)
	state = "proposed"
}

New-MgEntitlementManagementConnectedOrganization -BodyParameter $params


# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.connected_organization import ConnectedOrganization
from msgraph.generated.models.identity_source import IdentitySource
from msgraph.generated.models.domain_identity_source import DomainIdentitySource
from msgraph.generated.models.connected_organization_state import ConnectedOrganizationState
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = ConnectedOrganization(
	display_name = "Connected organization name",
	description = "Connected organization description",
	identity_sources = [
		DomainIdentitySource(
			odata_type = "#microsoft.graph.domainIdentitySource",
			domain_name = "example.com",
			display_name = "example.com",
		),
	],
	state = ConnectedOrganizationState.Proposed,
)

result = await graph_client.identity_governance.entitlement_management.connected_organizations.post(request_body)

Réponse

Remarque : l’objet de réponse affiché ci-après peut être raccourci pour plus de lisibilité.

HTTP/1.1 201 Created
Content-type: application/json

{
  "id": "35ff48a8-e9d8-4405-8425-0b23694287a4",
  "displayName": "Connected organization name",
  "description": "Connected organization description",
  "createdDateTime": "2021-11-10T01:13:15.541617Z",
  "modifiedDateTime": "2021-11-10T01:13:15.541617Z",
  "state": "proposed",
  "identitySources": []
}

Exemple 2 : Créer un organization connecté avec une identitySource basée sur un ID de locataire

Cet exemple montre la création d’un organization connecté avec une source d’identité basée sur un ID de locataire. L’ID de locataire se trouve par le nom de domaine à l’aide de l’appel tenantRelationship : findTenantInformationByDomainName .

Demande

POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/connectedOrganizations/
Content-Type: application/json

{
  "displayName":"Connected organization name",
  "description":"Connected organization description",
  "identitySources": [
    {
      "@odata.type": "#microsoft.graph.azureActiveDirectoryTenant",
      "displayName": "Contoso",
      "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee"
      }
  ],
  "state":"proposed"
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new ConnectedOrganization
{
	DisplayName = "Connected organization name",
	Description = "Connected organization description",
	IdentitySources = new List<IdentitySource>
	{
		new AzureActiveDirectoryTenant
		{
			OdataType = "#microsoft.graph.azureActiveDirectoryTenant",
			DisplayName = "Contoso",
			TenantId = "aaaabbbb-0000-cccc-1111-dddd2222eeee",
		},
	},
	State = ConnectedOrganizationState.Proposed,
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.IdentityGovernance.EntitlementManagement.ConnectedOrganizations.PostAsync(requestBody);



mgc-beta identity-governance entitlement-management connected-organizations create --body '{\
  "displayName":"Connected organization name",\
  "description":"Connected organization description",\
  "identitySources": [\
    {\
      "@odata.type": "#microsoft.graph.azureActiveDirectoryTenant",\
      "displayName": "Contoso",\
      "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee"\
      }\
  ],\
  "state":"proposed"\
}\
\
'



// Code snippets are only available for the latest major version. Current major version is $v0.*

// Dependencies
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

requestBody := graphmodels.NewConnectedOrganization()
displayName := "Connected organization name"
requestBody.SetDisplayName(&displayName) 
description := "Connected organization description"
requestBody.SetDescription(&description) 


identitySource := graphmodels.NewAzureActiveDirectoryTenant()
displayName := "Contoso"
identitySource.SetDisplayName(&displayName) 
tenantId := "aaaabbbb-0000-cccc-1111-dddd2222eeee"
identitySource.SetTenantId(&tenantId) 

identitySources := []graphmodels.IdentitySourceable {
	identitySource,
}
requestBody.SetIdentitySources(identitySources)
state := graphmodels.PROPOSED_CONNECTEDORGANIZATIONSTATE 
requestBody.SetState(&state) 

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
connectedOrganizations, err := graphClient.IdentityGovernance().EntitlementManagement().ConnectedOrganizations().Post(context.Background(), requestBody, nil)


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

ConnectedOrganization connectedOrganization = new ConnectedOrganization();
connectedOrganization.setDisplayName("Connected organization name");
connectedOrganization.setDescription("Connected organization description");
LinkedList<IdentitySource> identitySources = new LinkedList<IdentitySource>();
AzureActiveDirectoryTenant identitySource = new AzureActiveDirectoryTenant();
identitySource.setOdataType("#microsoft.graph.azureActiveDirectoryTenant");
identitySource.setDisplayName("Contoso");
identitySource.setTenantId("aaaabbbb-0000-cccc-1111-dddd2222eeee");
identitySources.add(identitySource);
connectedOrganization.setIdentitySources(identitySources);
connectedOrganization.setState(ConnectedOrganizationState.Proposed);
ConnectedOrganization result = graphClient.identityGovernance().entitlementManagement().connectedOrganizations().post(connectedOrganization);


const options = {
	authProvider,
};

const client = Client.init(options);

const connectedOrganization = {
  displayName: 'Connected organization name',
  description: 'Connected organization description',
  identitySources: [
    {
      '@odata.type': '#microsoft.graph.azureActiveDirectoryTenant',
      displayName: 'Contoso',
      tenantId: 'aaaabbbb-0000-cccc-1111-dddd2222eeee'
      }
  ],
  state: 'proposed'
};

await client.api('/identityGovernance/entitlementManagement/connectedOrganizations/')
	.version('beta')
	.post(connectedOrganization);


<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\ConnectedOrganization;
use Microsoft\Graph\Beta\Generated\Models\IdentitySource;
use Microsoft\Graph\Beta\Generated\Models\AzureActiveDirectoryTenant;
use Microsoft\Graph\Beta\Generated\Models\ConnectedOrganizationState;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new ConnectedOrganization();
$requestBody->setDisplayName('Connected organization name');
$requestBody->setDescription('Connected organization description');
$identitySourcesIdentitySource1 = new AzureActiveDirectoryTenant();
$identitySourcesIdentitySource1->setOdataType('#microsoft.graph.azureActiveDirectoryTenant');
$identitySourcesIdentitySource1->setDisplayName('Contoso');
$identitySourcesIdentitySource1->setTenantId('aaaabbbb-0000-cccc-1111-dddd2222eeee');
$identitySourcesArray []= $identitySourcesIdentitySource1;
$requestBody->setIdentitySources($identitySourcesArray);

$requestBody->setState(new ConnectedOrganizationState('proposed'));

$result = $graphServiceClient->identityGovernance()->entitlementManagement()->connectedOrganizations()->post($requestBody)->wait();


Import-Module Microsoft.Graph.Beta.Identity.Governance

$params = @{
	displayName = "Connected organization name"
	description = "Connected organization description"
	identitySources = @(
		@{
			"@odata.type" = "#microsoft.graph.azureActiveDirectoryTenant"
			displayName = "Contoso"
			tenantId = "aaaabbbb-0000-cccc-1111-dddd2222eeee"
		}
	)
	state = "proposed"
}

New-MgBetaEntitlementManagementConnectedOrganization -BodyParameter $params


# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.connected_organization import ConnectedOrganization
from msgraph_beta.generated.models.identity_source import IdentitySource
from msgraph_beta.generated.models.azure_active_directory_tenant import AzureActiveDirectoryTenant
from msgraph_beta.generated.models.connected_organization_state import ConnectedOrganizationState
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = ConnectedOrganization(
	display_name = "Connected organization name",
	description = "Connected organization description",
	identity_sources = [
		AzureActiveDirectoryTenant(
			odata_type = "#microsoft.graph.azureActiveDirectoryTenant",
			display_name = "Contoso",
			tenant_id = "aaaabbbb-0000-cccc-1111-dddd2222eeee",
		),
	],
	state = ConnectedOrganizationState.Proposed,
)

result = await graph_client.identity_governance.entitlement_management.connected_organizations.post(request_body)

Réponse

Remarque : l’objet de réponse affiché ci-après peut être raccourci pour plus de lisibilité.

HTTP/1.1 201 Created
Content-type: application/json

{
  "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/entitlementManagement/connectedOrganizations/$entity",
  "id": "922c86cf-65b8-4d94-b6a6-477dde331c7b",
  "displayName": "Connected organization name",
  "description": "Connected organization description",
  "createdDateTime": "2024-10-29T21:55:39.6051923Z",
  "modifiedDateTime": "2024-10-29T21:55:39.6051923Z",
  "state": "proposed",
  "identitySources": []
}

Partager via

Créer connectedOrganization

Autorisations

Requête HTTP

En-têtes de demande

Corps de la demande

Réponse

Exemples

Exemple 1 : Créer un organization connecté

Demande

Réponse

Exemple 2 : Créer un organization connecté avec une identitySource basée sur un ID de locataire

Demande

Réponse

Commentaires

Ressources supplémentaires