azure.graphrbac.models module¶
-
class
azure.graphrbac.models.
GraphError
(code=None, message=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory error information.
Parameters: - code (str) – Error code.
- message (str) – Error message value.
-
exception
azure.graphrbac.models.
GraphErrorException
(deserialize, response, *args)[source]¶ Bases:
msrest.exceptions.HttpOperationError
Server responsed with exception of type: ‘GraphError’.
Parameters: - deserialize – A deserializer
- response – Server response to be deserialized.
-
class
azure.graphrbac.models.
KeyCredential
(start_date=None, end_date=None, value=None, key_id=None, usage=None, type=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory Key Credential information.
Parameters: - start_date (datetime) – start date
- end_date (datetime) – end date
- value (str) – value
- key_id (str) – key Id
- usage (str) – usage. Acceptable values are ‘Verify’ and ‘Sign’.
- type (str) – type. Acceptable values are ‘AsymmetricX509Cert’ and ‘Symmetric’.
-
class
azure.graphrbac.models.
PasswordCredential
(start_date=None, end_date=None, key_id=None, value=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory PasswordCredential information.
Parameters: - start_date (datetime) – start date
- end_date (datetime) – end date
- key_id (str) – key Id
- value (str) – value
-
class
azure.graphrbac.models.
ApplicationCreateParameters
(available_to_other_tenants, display_name, identifier_uris, homepage=None, reply_urls=None, key_credentials=None, password_credentials=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for create a new application.
Parameters: - available_to_other_tenants (bool) – Indicates if the application will be available to other tenants
- display_name (str) – Application display name
- homepage (str) – Application homepage
- identifier_uris (list of str) – Application Uris
- reply_urls (list of str) – Application reply Urls
- key_credentials (list of
KeyCredential
) – the list of KeyCredential objects - password_credentials (list of
PasswordCredential
) – the list of PasswordCredential objects
-
class
azure.graphrbac.models.
ApplicationUpdateParameters
(available_to_other_tenants=None, display_name=None, homepage=None, identifier_uris=None, reply_urls=None, key_credentials=None, password_credentials=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for updating an existing application.
Parameters: - available_to_other_tenants (bool) – Indicates if the application will be available to other tenants
- display_name (str) – Application display name
- homepage (str) – Application homepage
- identifier_uris (list of str) – Application Uris
- reply_urls (list of str) – Application reply Urls
- key_credentials (list of
KeyCredential
) – the list of KeyCredential objects - password_credentials (list of
PasswordCredential
) – the list of PasswordCredential objects
-
class
azure.graphrbac.models.
Application
(object_id=None, object_type=None, app_id=None, app_permissions=None, available_to_other_tenants=None, display_name=None, identifier_uris=None, reply_urls=None, homepage=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory user information.
Parameters: - object_id (str) – object Id
- object_type (str) – object type
- app_id (str) – application Id
- app_permissions (list of str) – application permissions
- available_to_other_tenants (bool) – Indicates if the application will be available to other tenants
- display_name (str) – the displayName
- identifier_uris (list of str) – the application identifier Uris
- reply_urls (list of str) – the application reply Urls
- homepage (str) – Application homepage
-
class
azure.graphrbac.models.
KeyCredentialsUpdateParameters
(value=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for KeyCredentials update operation.
Parameters: value (list of KeyCredential
) – KeyCredential list.
-
class
azure.graphrbac.models.
PasswordCredentialsUpdateParameters
(value=None)[source]¶ Bases:
msrest.serialization.Model
Request paramters for PasswordCredentials update operation.
Parameters: value (list of PasswordCredential
) – PasswordCredential list.
-
class
azure.graphrbac.models.
AADObject
(object_id=None, object_type=None, display_name=None, user_principal_name=None, mail=None, mail_enabled=None, security_enabled=None, sign_in_name=None, service_principal_names=None, user_type=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory object information.
Parameters: - object_id (str) – object Id
- object_type (str) – object type
- display_name (str) – object display name
- user_principal_name (str) – principal name
- mail (str) – mail
- mail_enabled (bool) – MailEnabled field
- security_enabled (bool) – SecurityEnabled field
- sign_in_name (str) – signIn name
- service_principal_names (list of str) – the list of service principal names.
- user_type (str) – the user type
-
class
azure.graphrbac.models.
GroupAddMemberParameters
(url)[source]¶ Bases:
msrest.serialization.Model
Request parameters for adding a member to a group.
Parameters: url (str) – Member Object Url as “https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd”, where “0b1f9851-1bf0-433f-aec3-cb9272f093dc” is the tenantId and “f260bbc4-c254-447b-94cf-293b5ec434dd” is the objectId of the member (user, application, servicePrincipal, group) to be added.
-
class
azure.graphrbac.models.
GroupCreateParameters
(display_name, mail_nickname)[source]¶ Bases:
msrest.serialization.Model
Request parameters for create a new group.
Variables are only populated by the server, and will be ignored when sending a request.
Parameters: - display_name (str) – Group display name
- mail_nickname (str) – Mail nick name
Variables: - mail_enabled (bool) – Specifies whether the group is mail-enabled. Must be false. This is because only pure security groups can be created using the Graph API. Default value: False .
- security_enabled (bool) – Specifies whether the group is a security group. Must be true. This is because only pure security groups can be created using the Graph API. Default value: True .
-
mail_enabled
= False¶
-
security_enabled
= True¶
-
class
azure.graphrbac.models.
ADGroup
(object_id=None, object_type=None, display_name=None, security_enabled=None, mail=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory group information.
Parameters: - object_id (str) – object Id
- object_type (str) – object type
- display_name (str) – group display name
- security_enabled (bool) – security enabled field
- mail (str) – mail field
-
class
azure.graphrbac.models.
GroupGetMemberGroupsParameters
(security_enabled_only)[source]¶ Bases:
msrest.serialization.Model
Request parameters for GetMemberGroups API call.
Parameters: security_enabled_only (bool) – If true only membership in security enabled groups should be checked. Otherwise membership in all groups should be checked
-
class
azure.graphrbac.models.
CheckGroupMembershipParameters
(group_id, member_id)[source]¶ Bases:
msrest.serialization.Model
Request parameters for IsMemberOf API call.
Parameters: - group_id (str) – The object ID of the group to check.
- member_id (str) – The object ID of the contact, group, user, or service principal to check for membership in the specified group.
-
class
azure.graphrbac.models.
CheckGroupMembershipResult
(value=None)[source]¶ Bases:
msrest.serialization.Model
Server response for IsMemberOf API call.
Parameters: value (bool) – true if the specified user, group, contact, or service principal has either direct or transitive membership in the specified group; otherwise, false.
-
class
azure.graphrbac.models.
ServicePrincipalCreateParameters
(app_id, account_enabled, key_credentials=None, password_credentials=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for create a new service principal.
Parameters: - app_id (str) – application Id
- account_enabled (bool) – Specifies if the account is enabled
- key_credentials (list of
KeyCredential
) – the list of KeyCredential objects - password_credentials (list of
PasswordCredential
) – the list of PasswordCredential objects
-
class
azure.graphrbac.models.
ServicePrincipal
(object_id=None, object_type=None, display_name=None, app_id=None, service_principal_names=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory service principal information.
Parameters: - object_id (str) – object Id
- object_type (str) – object type
- display_name (str) – service principal display name
- app_id (str) – app id
- service_principal_names (list of str) – the list of names.
-
class
azure.graphrbac.models.
PasswordProfile
(password, force_change_password_next_login=None)[source]¶ Bases:
msrest.serialization.Model
Contains the password profile associated with a user.
Parameters: - password (str) – Password
- force_change_password_next_login (bool) – Force change password on next login
-
class
azure.graphrbac.models.
UserCreateParameters
(account_enabled, display_name, password_profile, user_principal_name, mail_nickname, immutable_id=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for create a new work or school account user.
Parameters: - account_enabled (bool) – Enable the account. If it is enabled then true else false.
- display_name (str) – User display name
- password_profile (
PasswordProfile
) – Password Profile - user_principal_name (str) – The user principal name (someuser@contoso.com). It must contain one of the verified domains for the tenant.
- mail_nickname (str) – The mail alias for the user
- immutable_id (str) – Needs to be specified if you are using a federated domain for the user’s userPrincipalName (UPN) property while creating a new user account. It is used to associate an on-premises Active Directory user account to their Azure AD user object.
-
class
azure.graphrbac.models.
UserUpdateParameters
(account_enabled=None, display_name=None, password_profile=None, mail_nickname=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for updating an existing work or school account user.
Parameters: - account_enabled (bool) – Enable the account. If it is enabled then true else false.
- display_name (str) – User display name
- password_profile (
PasswordProfile
) – Password Profile - mail_nickname (str) – The mail alias for the user
-
class
azure.graphrbac.models.
User
(object_id=None, object_type=None, user_principal_name=None, display_name=None, sign_in_name=None, mail=None, mail_nickname=None)[source]¶ Bases:
msrest.serialization.Model
Active Directory user information.
Parameters: - object_id (str) – object Id
- object_type (str) – object type
- user_principal_name (str) – user principal name
- display_name (str) – user display name
- sign_in_name (str) – user signIn name
- mail (str) – user mail
- mail_nickname (str) – The mail alias for the user
-
class
azure.graphrbac.models.
UserGetMemberGroupsParameters
(security_enabled_only)[source]¶ Bases:
msrest.serialization.Model
Request parameters for GetMemberGroups API call.
Parameters: security_enabled_only (bool) – If true only membership in security enabled groups should be checked. Otherwise membership in all groups should be checked
-
class
azure.graphrbac.models.
GetObjectsParameters
(include_directory_object_references, object_ids=None, types=None)[source]¶ Bases:
msrest.serialization.Model
Request parameters for GetObjectsByObjectIds API call.
Parameters: - object_ids (list of str) – Requested object Ids
- types (list of str) – Requested object types
- include_directory_object_references (bool) – If true, also searches for object ids in the partner tenant
-
class
azure.graphrbac.models.
ApplicationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of Application object
-
class
azure.graphrbac.models.
KeyCredentialPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of KeyCredential object
-
class
azure.graphrbac.models.
PasswordCredentialPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of PasswordCredential object
-
class
azure.graphrbac.models.
ADGroupPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of ADGroup object
-
class
azure.graphrbac.models.
AADObjectPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of AADObject object
-
class
azure.graphrbac.models.
strPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of str object