Reputation: 43
I am using this call, https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01, to get the role assignment of the subscription. The output of this gives principalId and other values.
The question is: how can I differentiate whether the principalId is a user principal or a service principal?
This is needed for me to query the Graph API to get the appId (if service principal) or the display name and UPN (if user principal).
The Graph API has 2 different calls for this, hence while automating I need to know which one to call based on the object type.
User: https://graph.windows.net/microsoft.com/users/principalid?api-version=1.6
Service Principal: https://graph.windows.net/microsoft.com/servicePrincipals/principalid?api-version=1.6
Upvotes: 2
Views: 264
Reputation: 24529
The Graph API has 2 different calls for this, hence while automating I need to know which one to call based on the object type.
Based on my understanding, you could use the Objects - Get Objects By Object Ids REST API to get the objects by principalId, with no need to make 2 different calls. You can also get the object type from the response.
POST https://graph.windows.net/{tenantID}/getObjectsByObjectIds?api-version=1.6
I tested with 2 principalIds; one is a service principal and the other is a user.
Test Result:
Upvotes: 0
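The approach from the answer above, as an added example that is not part of the original posts: it batches the principalIds from a role assignment listing into getObjectsByObjectIds request bodies and joins the result back by objectType, marking assignments whose principal the directory did not return. The helper names, the batch size and all sample IDs and names are assumptions constructed for illustration; the field names are those of Azure AD Graph 1.6.

```python
# Added example: field names follow Azure AD Graph 1.6; all IDs and names below are constructed.
USER, SP, GONE = ("11111111-1111-1111-1111-111111111111",
                  "22222222-2222-2222-2222-222222222222",
                  "33333333-3333-3333-3333-333333333333")

# Constructed roleAssignments response (only the fields used here).
ROLE_ASSIGNMENTS = {"value": [
    {"name": "ra-1", "properties": {"principalId": USER}},
    {"name": "ra-2", "properties": {"principalId": SP}},
    {"name": "ra-3", "properties": {"principalId": SP}},    # same principal, second role
    {"name": "ra-4", "properties": {"principalId": GONE}},  # principal not in the directory
]}

# Constructed getObjectsByObjectIds response for the IDs above.
DIRECTORY_OBJECTS = {"value": [
    {"objectType": "User", "objectId": USER, "displayName": "Example User",
     "userPrincipalName": "user@example.com"},
    {"objectType": "ServicePrincipal", "objectId": SP, "displayName": "example-app",
     "appId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"},
]}

def build_lookup_bodies(assignments, batch_size=1000):
    """POST bodies for getObjectsByObjectIds: unique principalIds, split into batches.
    batch_size is an assumed per-request limit; adjust to what the service accepts."""
    ids = sorted({a["properties"]["principalId"] for a in assignments["value"]})
    return [{"objectIds": ids[i:i + batch_size]} for i in range(0, len(ids), batch_size)]

def classify(assignments, directory_objects):
    """Join each role assignment to its directory object and keep the fields the
    question asks for: appId for service principals, displayName and UPN for users."""
    by_id = {o["objectId"]: o for o in directory_objects["value"]}
    rows = []
    for a in assignments["value"]:
        pid = a["properties"]["principalId"]
        obj = by_id.get(pid)
        row = {"assignment": a["name"], "principalId": pid,
               "objectType": obj["objectType"] if obj else "Unresolved"}
        if obj and obj["objectType"] == "ServicePrincipal":
            row["appId"] = obj.get("appId")
        elif obj and obj["objectType"] == "User":
            row["displayName"] = obj.get("displayName")
            row["userPrincipalName"] = obj.get("userPrincipalName")
        rows.append(row)
    return rows

if __name__ == "__main__":
    print(build_lookup_bodies(ROLE_ASSIGNMENTS))
    for r in classify(ROLE_ASSIGNMENTS, DIRECTORY_OBJECTS):
        print(r)
```

Rows reported as "Unresolved" are role assignments whose principalId was absent from the lookup response and are worth reviewing separately when auditing access.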