title | description | ms.localizationpriority | doc_type | ms.subservice | author |
---|---|---|---|---|---|
scopedRoleMembership resource type |
A scoped-role membership describes a user's membership of a directory role that is further scoped to an Administrative Unit. This provides a mechanism to allow a tenant-wide company administrator to delegate administrative privileges to a user to manage users and groups in a subset of the organization (the administrative unit defines the subset). |
medium |
resourcePageType |
entra-directory-management |
DougKirschner |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
A scoped-role membership describes a user's membership of a directory role that is further scoped to an Administrative Unit. This provides a mechanism to allow a tenant-wide company administrator to delegate administrative privileges to a user to manage users and groups in a subset of the organization (the administrative unit defines the subset).
Direct queries to this resource aren't supported. See the administrative units article to for information on how to query for scoped-role memberships, and adding and removing scoped-role memberships.
Property | Type | Description |
---|---|---|
administrativeUnitId | string | Unique identifier for the administrative unit that the directory role is scoped to |
ID | string | Unique identifier for the scoped-role membership. Read-only. |
roleId | string | Unique identifier for the directory role that the member is in. |
roleMemberInfo | identity | Role member identity information. Represents the user that is a member of this scoped-role. |
None
The following JSON representation shows the resource type.
{
"administrativeUnitId": "string",
"id": "string (identifier)",
"roleId": "string",
"roleMemberInfo": {"@odata.type": "microsoft.graph.identity"}
}