diff --git a/specification/graphrbac/data-plane/1.6/graphrbac.json b/specification/graphrbac/data-plane/1.6/graphrbac.json
index 233de4c19bbe..86962b1d8a0e 100644
--- a/specification/graphrbac/data-plane/1.6/graphrbac.json
+++ b/specification/graphrbac/data-plane/1.6/graphrbac.json
@@ -261,6 +261,92 @@
 }
 }
 },
+ "/{tenantID}/applications/{applicationObjectId}/owners": {
+ "get": {
+ "tags": [
+ "ApplicationOwners"
+ ],
+ "operationId": "Applications_ListOwners",
+ "summary": "Directory objects that are owners of the application.",
+ "description": "The owners are a set of non-admin users who are allowed to modify this object.",
+ "parameters": [
+ {
+ "name": "applicationObjectId",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The object ID of the application for which to get owners."
+ },
+ {
+ "$ref": "#/parameters/ApiVersionParameter"
+ },
+ {
+ "$ref": "#/parameters/tenantIDInPath"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK. The operation was successful.",
+ "schema": {
+ "$ref": "#/definitions/DirectoryObjectListResult"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "#/definitions/GraphError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": null
+ }
+ }
+ },
+ "/{tenantID}/applications/{applicationObjectId}/$links/owners": {
+ "post": {
+ "tags": [
+ "ApplicationOwners"
+ ],
+ "operationId": "Applications_AddOwner",
+ "description": "Add an owner to an application.",
+ "parameters": [
+ {
+ "name": "applicationObjectId",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The object ID of the application to which to add the owner."
+ },
+ {
+ "name": "parameters",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/ApplicationAddOwnerParameters"
+ },
+ "description": "The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd."
+ },
+ {
+ "$ref": "#/parameters/ApiVersionParameter"
+ },
+ {
+ "$ref": "#/parameters/tenantIDInPath"
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "No Content. Indicates success. No response body is returned."
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "#/definitions/GraphError"
+ }
+ }
+ }
+ }
+ },
 "/{tenantID}/applications/{applicationObjectId}/keyCredentials": {
 "get": {
 "tags": [
@@ -949,6 +1035,48 @@
 }
 }
 },
+ "/{tenantID}/servicePrincipals/{objectId}/owners": {
+ "get": {
+ "tags": [
+ "ServicePrincipalOwners"
+ ],
+ "operationId": "ServicePrincipals_ListOwners",
+ "summary": "Directory objects that are owners of this service principal.",
+ "description": "The owners are a set of non-admin users who are allowed to modify this object.",
+ "parameters": [
+ {
+ "name": "objectId",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The object ID of the service principal for which to get owners."
+ },
+ {
+ "$ref": "#/parameters/ApiVersionParameter"
+ },
+ {
+ "$ref": "#/parameters/tenantIDInPath"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK. The operation was successful.",
+ "schema": {
+ "$ref": "#/definitions/DirectoryObjectListResult"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "#/definitions/GraphError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": null
+ }
+ }
+ },
 "/{tenantID}/servicePrincipals/{objectId}/keyCredentials": {
 "get": {
 "tags": [
@@ -1757,6 +1885,28 @@
 },
 "description": "Active Directory error message."
 },
+ "DirectoryObject": {
+ "discriminator": "objectType",
+ "properties": {
+ "objectId": {
+ "type": "string",
+ "description": "The object ID.",
+ "readOnly": true
+ },
+ "objectType": {
+ "type": "string",
+ "description": "The object type.",
+ "readOnly": true
+ },
+ "deletionTimestamp": {
+ "type": "string",
+ "format": "date-time",
+ "description": "The time at which the directory object was deleted.",
+ "readOnly": true
+ }
+ },
+ "description": "Represents an Azure Active Directory object."
+ },
 "KeyCredential": {
 "properties": {
 "startDate": {
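Review bot: `"x-ms-pageable": { "nextLinkName": null }` on `Applications_ListOwners` (first hunk) declares the owners list to be a single page, so a generated client has no way to follow a continuation link if the service returns one. Whether the service pages this collection is not visible here, but an owners list is what an access review reads, and a silently truncated one hides principals that are allowed to modify the application. The same setting is on `ServicePrincipals_ListOwners` (hunk at -949), and `DirectoryObjectListResult` (hunk at -2045) defines only `value`. If the file's other list operations use `odata.nextLink`, I would set `"nextLinkName": "odata.nextLink"` on both operations and add an `odata.nextLink` string property to `DirectoryObjectListResult`; otherwise state in each `description` that the result is not paged.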
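Review bot: `DirectoryObject` (hunk at -1757) names `objectType` as its `discriminator` but has no `required` list, and OpenAPI 2.0 requires the discriminator property to be listed in `required`. I would add `"required": [ "objectType" ],` to the definition and drop `"readOnly": true` from `objectType`, since the same specification says read-only properties should not be required. A validator or generator that enforces the rule may otherwise reject the definition or fall back to the base type, which would lose whether an owner is a user, group or service principal; that behaviour depends on the tool and is not shown here.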
@@ -1964,15 +2114,12 @@
 "description": "Request parameters for updating an existing application."
 },
 "Application": {
+ "allOf": [
+ {
+ "$ref": "#/definitions/DirectoryObject"
+ }
+ ],
 "properties": {
- "objectId": {
- "type": "string",
- "description": "The object ID."
- },
- "objectType": {
- "type": "string",
- "description": "The object type."
- },
 "appId": {
 "type": "string",
 "description": "The application ID."
@@ -2033,6 +2180,18 @@
 },
 "description": "Application list operation result."
 },
+ "ApplicationAddOwnerParameters": {
+ "properties": {
+ "url": {
+ "type": "string",
+ "description": "A owner object URL, such as \"https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd\", where \"0b1f9851-1bf0-433f-aec3-cb9272f093dc\" is the tenantId and \"f260bbc4-c254-447b-94cf-293b5ec434dd\" is the objectId of the owner (user, application, servicePrincipal, group) to be added."
+ }
+ },
+ "required": [
+ "url"
+ ],
+ "description": "Request parameters for adding a owner to an application."
+ },
 "KeyCredentialListResult": {
 "properties": {
 "value": {
@@ -2045,6 +2204,18 @@
 },
 "description": "KeyCredential list operation result."
 },
+ "DirectoryObjectListResult": {
+ "properties": {
+ "value": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/DirectoryObject"
+ },
+ "description": "A collection of DirectoryObject."
+ }
+ },
+ "description": "DirectoryObject list operation result."
+ },
 "KeyCredentialsUpdateParameters": {
 "properties": {
 "value": {
@@ -2242,15 +2413,12 @@
 "description": "Request parameters for creating a new group."
 },
 "ADGroup": {
+ "allOf": [
+ {
+ "$ref": "#/definitions/DirectoryObject"
+ }
+ ],
 "properties": {
- "objectId": {
- "type": "string",
- "description": "The object ID."
- },
- "objectType": {
- "type": "string",
- "description": "The object type."
- },
 "displayName": {
 "type": "string",
 "description": "The display name of the group."
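Review bot: The `url` description in `ApplicationAddOwnerParameters` (hunk at -2033) says the owner may be a user, application, servicePrincipal or group, while the `Applications_ListOwners` description added in the first hunk calls owners "a set of non-admin users"; the two should agree, because the owner is the principal that is allowed to modify the application. The URL also carries its own tenant ID next to `{tenantID}` in the path, and nothing here says whether the two must match; presumably they must, and the description should say so once that is confirmed. Both descriptions in this definition read `A owner` / `a owner` where `An owner` / `an owner` is meant. I would reword the definition's description to `"Request parameters for adding an owner (user, application, service principal or group) to an application. Owners are allowed to modify the application."`.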
@@ -2264,6 +2432,7 @@
 "description": "The primary email address of the group."
 }
 },
+ "x-ms-discriminator-value": "Group",
 "description": "Active Directory group information."
 },
 "GroupListResult": {
@@ -2364,15 +2533,12 @@
 "description": "Request parameters for creating a new service principal."
 },
 "ServicePrincipal": {
+ "allOf": [
+ {
+ "$ref": "#/definitions/DirectoryObject"
+ }
+ ],
 "properties": {
- "objectId": {
- "type": "string",
- "description": "The object ID."
- },
- "objectType": {
- "type": "string",
- "description": "The object type."
- },
 "displayName": {
 "type": "string",
 "description": "The display name of the service principal."
@@ -2529,10 +2695,38 @@
 "User": {
 "allOf": [
 {
- "$ref": "#/definitions/UserBase"
+ "$ref": "#/definitions/DirectoryObject"
 }
 ],
 "properties": {
+ "immutableId": {
+ "type": "string",
+ "description": "This must be specified if you are using a federated domain for the user's userPrincipalName (UPN) property when creating a new user account. It is used to associate an on-premises Active Directory user account with their Azure AD user object."
+ },
+ "usageLocation": {
+ "type": "string",
+ "description": "A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: \"US\", \"JP\", and \"GB\"."
+ },
+ "givenName": {
+ "type": "string",
+ "description": "The given name for the user."
+ },
+ "surname": {
+ "type": "string",
+ "description": "The user's surname (family name or last name)."
+ },
+ "userType": {
+ "type": "string",
+ "description": "A string value that can be used to classify user types in your directory, such as 'Member' and 'Guest'.",
+ "enum": [
+ "Member",
+ "Guest"
+ ],
+ "x-ms-enum": {
+ "name": "UserType",
+ "modelAsString": true
+ }
+ },
 "accountEnabled": {
 "type": "boolean",
 "description": "Whether the account is enabled."
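Review bot: The five properties added to `User` in the hunk at -2529 (`immutableId`, `usageLocation`, `givenName`, `surname`, `userType`) look like a copy of what the removed `UserBase` reference supplied, so the same text lives in two definitions if `UserBase` is still used elsewhere in the file, which this hunk does not show. The copy also puts request-side wording on a response model: the `immutableId` description says it "must be specified ... when creating a new user account". I would reword it on `User` to describe the returned value, for example `"description": "Associates an on-premises Active Directory user account with this Azure AD user object. Set at creation when the userPrincipalName (UPN) uses a federated domain."`, and note in the `UserBase` description that `User` repeats these properties. The `User` definition continues outside the hunk.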
@@ -2553,14 +2747,6 @@
 "type": "string",
 "description": "The primary email address of the user."
 },
- "objectId": {
- "type": "string",
- "description": "The object ID."
- },
- "objectType": {
- "type": "string",
- "description": "The object type."
- },
 "signInNames": {
 "type": "array",
 "items": {