azure.graphrbac.operations module

class azure.graphrbac.operations.ObjectsOperations(client, config, serializer, deserializer)[source]

Bases: object

ObjectsOperations operations.

Parameters:
  • client – Client for service requests.
  • config – Configuration of service client.
  • serializer – An object model serializer.
  • deserializer – An objec model deserializer.
get_current_user(custom_headers=None, raw=False, **operation_config)[source]

Gets the details for current logged in user.

Parameters:
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

AADObject

Return type:

ClientRawResponse if raw=true

get_objects_by_object_ids(parameters, custom_headers=None, raw=False, **operation_config)[source]

Gets AD group membership by provided AD object Ids.

Parameters:
  • parameters (GetObjectsParameters) – Objects filtering parameters.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

AADObjectPaged

get_objects_by_object_ids_next(next_link, custom_headers=None, raw=False, **operation_config)[source]

Gets AD group membership by provided AD object Ids.

Parameters:
  • next_link (str) – Next link for list operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

AADObjectPaged

class azure.graphrbac.operations.ApplicationsOperations(client, config, serializer, deserializer)[source]

Bases: object

ApplicationsOperations operations.

Parameters:
  • client – Client for service requests.
  • config – Configuration of service client.
  • serializer – An object model serializer.
  • deserializer – An objec model deserializer.
Variables:

api_version – Client Api Version. Constant value: “1.6”.

create(parameters, custom_headers=None, raw=False, **operation_config)[source]

Create a new application. Reference: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx.

Parameters:
  • parameters (ApplicationCreateParameters) – Parameters to create an application.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

Application

Return type:

ClientRawResponse if raw=true

delete(application_object_id, custom_headers=None, raw=False, **operation_config)[source]

Delete an application. Reference: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx.

Parameters:
  • application_object_id (str) – Application object id
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

get(application_object_id, custom_headers=None, raw=False, **operation_config)[source]

Get an application by object Id. Reference: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx.

Parameters:
  • application_object_id (str) – Application object id
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

Application

Return type:

ClientRawResponse if raw=true

list(filter=None, custom_headers=None, raw=False, **operation_config)[source]

Lists applications by filter parameters. Reference: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx.

Parameters:
  • filter (str) – The filters to apply on the operation
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ApplicationPaged

list_key_credentials(application_object_id, custom_headers=None, raw=False, **operation_config)[source]

Get keyCredentials associated with the application by object Id. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#keycredential-type.

Parameters:
  • application_object_id (str) – Application object id
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

KeyCredentialPaged

list_password_credentials(application_object_id, custom_headers=None, raw=False, **operation_config)[source]

Gets passwordCredentials associated with an existing application. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#passwordcredential-type.

Parameters:
  • application_object_id (str) – Application object id
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

PasswordCredentialPaged

patch(application_object_id, parameters, custom_headers=None, raw=False, **operation_config)[source]

Update existing application. Reference: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx.

Parameters:
  • application_object_id (str) – Application object id
  • parameters (ApplicationUpdateParameters) – Parameters to update an existing application.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

update_key_credentials(application_object_id, value=None, custom_headers=None, raw=False, **operation_config)[source]

Update keyCredentials associated with an existing application. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#keycredential-type.

Parameters:
  • application_object_id (str) – Application object id
  • value (list of KeyCredential) – KeyCredential list.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

update_password_credentials(application_object_id, value=None, custom_headers=None, raw=False, **operation_config)[source]

Updates passwordCredentials associated with an existing application. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#passwordcredential-type.

Parameters:
  • application_object_id (str) – Application object id
  • value (list of PasswordCredential) – PasswordCredential list.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

class azure.graphrbac.operations.GroupsOperations(client, config, serializer, deserializer)[source]

Bases: object

GroupsOperations operations.

Parameters:
  • client – Client for service requests.
  • config – Configuration of service client.
  • serializer – An object model serializer.
  • deserializer – An objec model deserializer.
Variables:

api_version – Client Api Version. Constant value: “1.6”.

add_member(group_object_id, url, custom_headers=None, raw=False, **operation_config)[source]

Add a memeber to a group. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/groups-operations#AddGroupMembers.

Parameters:
  • group_object_id (str) – Group object id
  • url (str) – Member Object Url as “https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd”, where “0b1f9851-1bf0-433f-aec3-cb9272f093dc” is the tenantId and “f260bbc4-c254-447b-94cf-293b5ec434dd” is the objectId of the member (user, application, servicePrincipal, group) to be added.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

create(display_name, mail_nickname, custom_headers=None, raw=False, **operation_config)[source]

Create a group in the directory. Reference: http://msdn.microsoft.com/en-us/library/azure/dn151676.aspx.

Parameters:
  • display_name (str) – Group display name
  • mail_nickname (str) – Mail nick name
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ADGroup

Return type:

ClientRawResponse if raw=true

delete(group_object_id, custom_headers=None, raw=False, **operation_config)[source]

Delete a group in the directory. Reference: http://msdn.microsoft.com/en-us/library/azure/dn151676.aspx.

Parameters:
  • group_object_id (str) – Object id
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

get(object_id, custom_headers=None, raw=False, **operation_config)[source]

Gets group information from the directory.

Parameters:
  • object_id (str) – User objectId to get group information.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ADGroup

Return type:

ClientRawResponse if raw=true

get_group_members(object_id, custom_headers=None, raw=False, **operation_config)[source]

Gets the members of a group.

Parameters:
  • object_id (str) – Group object Id who’s members should be retrieved.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

AADObjectPaged

get_group_members_next(next_link, custom_headers=None, raw=False, **operation_config)[source]

Gets the members of a group.

Parameters:
  • next_link (str) – Next link for list operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

AADObjectPaged

get_member_groups(object_id, security_enabled_only, custom_headers=None, raw=False, **operation_config)[source]

Gets a collection that contains the Object IDs of the groups of which the group is a member.

Parameters:
  • object_id (str) – Group filtering parameters.
  • security_enabled_only (bool) – If true only membership in security enabled groups should be checked. Otherwise membership in all groups should be checked
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

strPaged

is_member_of(group_id, member_id, custom_headers=None, raw=False, **operation_config)[source]

Checks whether the specified user, group, contact, or service principal is a direct or a transitive member of the specified group.

Parameters:
  • group_id (str) – The object ID of the group to check.
  • member_id (str) – The object ID of the contact, group, user, or service principal to check for membership in the specified group.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

CheckGroupMembershipResult

Return type:

ClientRawResponse if raw=true

list(filter=None, custom_headers=None, raw=False, **operation_config)[source]

Gets list of groups for the current tenant.

Parameters:
  • filter (str) – The filter to apply on the operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ADGroupPaged

list_next(next_link, custom_headers=None, raw=False, **operation_config)[source]

Gets list of groups for the current tenant.

Parameters:
  • next_link (str) – Next link for list operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ADGroupPaged

remove_member(group_object_id, member_object_id, custom_headers=None, raw=False, **operation_config)[source]

Remove a memeber from a group. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/groups-operations#DeleteGroupMember.

Parameters:
  • group_object_id (str) – Group object id
  • member_object_id (str) – Member Object id
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

class azure.graphrbac.operations.ServicePrincipalsOperations(client, config, serializer, deserializer)[source]

Bases: object

ServicePrincipalsOperations operations.

Parameters:
  • client – Client for service requests.
  • config – Configuration of service client.
  • serializer – An object model serializer.
  • deserializer – An objec model deserializer.
Variables:

api_version – Client Api Version. Constant value: “1.6”.

create(parameters, custom_headers=None, raw=False, **operation_config)[source]

Creates a service principal in the directory.

Parameters:
  • parameters (ServicePrincipalCreateParameters) – Parameters to create a service principal.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ServicePrincipal

Return type:

ClientRawResponse if raw=true

delete(object_id, custom_headers=None, raw=False, **operation_config)[source]

Deletes service principal from the directory.

Parameters:
  • object_id (str) – Object id to delete service principal information.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

get(object_id, custom_headers=None, raw=False, **operation_config)[source]

Gets service principal information from the directory.

Parameters:
  • object_id (str) – Object id to get service principal information.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ServicePrincipal

Return type:

ClientRawResponse if raw=true

list(filter=None, custom_headers=None, raw=False, **operation_config)[source]

Gets list of service principals from the current tenant.

Parameters:
  • filter (str) – The filter to apply on the operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ServicePrincipalPaged

list_key_credentials(object_id, custom_headers=None, raw=False, **operation_config)[source]

Get keyCredentials associated with the service principal by object Id. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#keycredential-type.

Parameters:
  • object_id (str) – Object id to get service principal information.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

KeyCredentialPaged

list_next(next_link, custom_headers=None, raw=False, **operation_config)[source]

Gets list of service principals from the current tenant.

Parameters:
  • next_link (str) – Next link for list operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

ServicePrincipalPaged

list_password_credentials(object_id, custom_headers=None, raw=False, **operation_config)[source]

Gets passwordCredentials associated with an existing service principal. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#passwordcredential-type.

Parameters:
  • object_id (str) – Object id to get service principal information.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

PasswordCredentialPaged

update_key_credentials(object_id, value=None, custom_headers=None, raw=False, **operation_config)[source]

Update keyCredentials associated with an existing service principal. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#keycredential-type.

Parameters:
  • object_id (str) – Object id to get service principal information.
  • value (list of KeyCredential) – KeyCredential list.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

update_password_credentials(object_id, value=None, custom_headers=None, raw=False, **operation_config)[source]

Updates passwordCredentials associated with an existing service principal. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#passwordcredential-type.

Parameters:
  • object_id (str) – Object id to get service principal information.
  • value (list of PasswordCredential) – PasswordCredential list.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

class azure.graphrbac.operations.UsersOperations(client, config, serializer, deserializer)[source]

Bases: object

UsersOperations operations.

Parameters:
  • client – Client for service requests.
  • config – Configuration of service client.
  • serializer – An object model serializer.
  • deserializer – An objec model deserializer.
Variables:

api_version – Client Api Version. Constant value: “1.6”.

create(parameters, custom_headers=None, raw=False, **operation_config)[source]

Create a new user. Reference: https://msdn.microsoft.com/library/azure/ad/graph/api/users-operations#CreateUser.

Parameters:
  • parameters (UserCreateParameters) – Parameters to create a user.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

User

Return type:

ClientRawResponse if raw=true

delete(upn_or_object_id, custom_headers=None, raw=False, **operation_config)[source]

Delete a user. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#DeleteUser.

Parameters:
  • upn_or_object_id (str) – user object id or user principal name (upn)
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true

get(upn_or_object_id, custom_headers=None, raw=False, **operation_config)[source]

Gets user information from the directory. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#GetAUser.

Parameters:
  • upn_or_object_id (str) – User object Id or user principal name to get user information.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

User

Return type:

ClientRawResponse if raw=true

get_member_groups(object_id, security_enabled_only, custom_headers=None, raw=False, **operation_config)[source]

Gets a collection that contains the Object IDs of the groups of which the user is a member.

Parameters:
  • object_id (str) – User filtering parameters.
  • security_enabled_only (bool) – If true only membership in security enabled groups should be checked. Otherwise membership in all groups should be checked
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

strPaged

list(filter=None, custom_headers=None, raw=False, **operation_config)[source]

Gets list of users for the current tenant. Reference https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#GetUsers.

Parameters:
  • filter (str) – The filter to apply on the operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

UserPaged

list_next(next_link, custom_headers=None, raw=False, **operation_config)[source]

Gets list of users for the current tenant.

Parameters:
  • next_link (str) – Next link for list operation.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

UserPaged

update(upn_or_object_id, parameters, custom_headers=None, raw=False, **operation_config)[source]

Updates an exisitng user. Reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#UpdateUser.

Parameters:
  • upn_or_object_id (str) – User object Id or user principal name to get user information.
  • parameters (UserUpdateParameters) – Parameters to update an exisitng user.
  • custom_headers (dict) – headers that will be added to the request
  • raw (bool) – returns the direct response alongside the deserialized response
  • operation_configOperation configuration overrides.
Return type:

None

Return type:

ClientRawResponse if raw=true