@lap v0.3
# Machine-readable API spec. Each @endpoint block is one API call.
@api GraphRbacManagementClient
@base https://graph.windows.net
@version 1.6
@auth OAuth2
@common_fields {api-version: any # Client API version., tenantID: any # The tenant ID.}
@endpoints 56
@hint download_for_search
@toc {tenantID}(56)

@endpoint GET /{tenantID}/me
@desc Gets the details for the currently logged-in user.
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/me/ownedObjects
@desc Get the list of directory objects that are owned by the user.
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/applications
@desc Create a new application.
@required {parameters: map # The parameters for creating an application.}
@returns(201) The application was created successfully.

@endpoint GET /{tenantID}/applications
@desc Lists applications by filter parameters.
@optional {$filter: any # The filters to apply to the operation.}
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/deletedApplications/{objectId}/restore
@desc Restores the deleted application in the directory.
@required {objectId: any # Application object ID.}
@returns(200) The application was restored successfully.

@endpoint GET /{tenantID}/deletedApplications
@desc Gets a list of deleted applications in the directory.
@optional {$filter: any # The filter to apply to the operation.}
@returns(200) The applications were retrieved successfully.

@endpoint DELETE /{tenantID}/deletedApplications/{applicationObjectId}
@desc Hard-delete an application.
@required {applicationObjectId: any # Application object ID.}
@returns(204) No Content

@endpoint DELETE /{tenantID}/applications/{applicationObjectId}
@desc Delete an application.
@required {applicationObjectId: any # Application object ID.}
@returns(204) No Content

@endpoint GET /{tenantID}/applications/{applicationObjectId}
@desc Get an application by object ID.
@required {applicationObjectId: any # Application object ID.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/applications/{applicationObjectId}
@desc Update an existing application.
@required {applicationObjectId: any # Application object ID., parameters: map # Parameters to update an existing application.}
@returns(204) No Content

@endpoint GET /{tenantID}/applications/{applicationObjectId}/owners
@desc Directory objects that are owners of the application.
@required {applicationObjectId: any # The object ID of the application for which to get owners.}
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/applications/{applicationObjectId}/$links/owners
@desc Add an owner to an application.
@required {applicationObjectId: any # The object ID of the application to which to add the owner., parameters: map # The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd.}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint DELETE /{tenantID}/applications/{applicationObjectId}/$links/owners/{ownerObjectId}
@desc Remove a member from owners.
@required {applicationObjectId: any # The object ID of the application from which to remove the owner., ownerObjectId: any # Owner object id}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint GET /{tenantID}/applications/{applicationObjectId}/keyCredentials
@desc Get the keyCredentials associated with an application.
@required {applicationObjectId: any # Application object ID.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/applications/{applicationObjectId}/keyCredentials
@desc Update the keyCredentials associated with an application.
@required {applicationObjectId: any # Application object ID., parameters: map # Parameters to update the keyCredentials of an existing application.}
@returns(204) No Content

@endpoint GET /{tenantID}/applications/{applicationObjectId}/passwordCredentials
@desc Get the passwordCredentials associated with an application.
@required {applicationObjectId: any # Application object ID.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/applications/{applicationObjectId}/passwordCredentials
@desc Update passwordCredentials associated with an application.
@required {applicationObjectId: any # Application object ID., parameters: map # Parameters to update passwordCredentials of an existing application.}
@returns(204) No Content

@endpoint POST /{tenantID}/isMemberOf
@desc Checks whether the specified user, group, contact, or service principal is a direct or transitive member of the specified group.
@required {parameters: map # The check group membership parameters.}
@returns(200) OK. Indicates success. Returns true if the user, contact, group, or service principal is a direct or a transitive member of the specified group; otherwise, false.

@endpoint DELETE /{tenantID}/groups/{groupObjectId}/$links/members/{memberObjectId}
@desc Remove a member from a group.
@required {groupObjectId: any # The object ID of the group from which to remove the member., memberObjectId: any # Member object id}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint POST /{tenantID}/groups/{groupObjectId}/$links/members
@desc Add a member to a group.
@required {groupObjectId: any # The object ID of the group to which to add the member., parameters: map # The URL of the member object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd.}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint POST /{tenantID}/groups
@desc Create a group in the directory.
@required {parameters: map # The parameters for the group to create.}
@returns(201) Created

@endpoint GET /{tenantID}/groups
@desc Gets list of groups for the current tenant.
@optional {$filter: any # The filter to apply to the operation.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/groups/{objectId}/members
@desc Gets the members of a group.
@required {objectId: any # The object ID of the group whose members should be retrieved.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/groups/{objectId}
@desc Gets group information from the directory.
@required {objectId: any # The object ID of the user for which to get group information.}
@returns(200) OK. The operation was successful.

@endpoint DELETE /{tenantID}/groups/{objectId}
@desc Delete a group from the directory.
@required {objectId: any # The object ID of the group to delete.}
@returns(204) No Content

@endpoint POST /{tenantID}/groups/{objectId}/getMemberGroups
@desc Gets a collection of object IDs of groups of which the specified group is a member.
@required {objectId: any # The object ID of the group for which to get group membership., parameters: map # Group filtering parameters.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/groups/{objectId}/owners
@desc Directory objects that are owners of the group.
@required {objectId: any # The object ID of the group for which to get owners.}
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/groups/{objectId}/$links/owners
@desc Add an owner to a group.
@required {objectId: any # The object ID of the application to which to add the owner., parameters: map # The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd.}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint DELETE /{tenantID}/groups/{objectId}/$links/owners/{ownerObjectId}
@desc Remove a member from owners.
@required {objectId: any # The object ID of the group from which to remove the owner., ownerObjectId: any # Owner object id}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint POST /{tenantID}/servicePrincipals
@desc Creates a service principal in the directory.
@required {parameters: map # Parameters to create a service principal.}
@returns(201) The service principal was created successfully.

@endpoint GET /{tenantID}/servicePrincipals
@desc Gets a list of service principals from the current tenant.
@optional {$filter: any # The filter to apply to the operation.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/servicePrincipalsByAppId/{applicationID}/objectId
@desc Gets an object id for a given application id from the current tenant.
@required {applicationID: any # The application ID.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/servicePrincipals/{objectId}
@desc Updates a service principal in the directory.
@required {objectId: any # The object ID of the service principal to delete., parameters: map # Parameters to update a service principal.}
@returns(204) No Content

@endpoint DELETE /{tenantID}/servicePrincipals/{objectId}
@desc Deletes a service principal from the directory.
@required {objectId: any # The object ID of the service principal to delete.}
@returns(204) No Content

@endpoint GET /{tenantID}/servicePrincipals/{objectId}
@desc Gets service principal information from the directory. Query by objectId or pass a filter to query by appId
@required {objectId: any # The object ID of the service principal to get.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/servicePrincipals/{objectId}/appRoleAssignedTo
@desc Principals (users, groups, and service principals) that are assigned to this service principal.
@required {objectId: any # The object ID of the service principal for which to get owners.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/servicePrincipals/{objectId}/appRoleAssignments
@desc Applications that the service principal is assigned to.
@required {objectId: any # The object ID of the service principal for which to get owners.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/servicePrincipals/{objectId}/owners
@desc Directory objects that are owners of this service principal.
@required {objectId: any # The object ID of the service principal for which to get owners.}
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/servicePrincipals/{objectId}/$links/owners
@desc Add an owner to a service principal.
@required {objectId: any # The object ID of the service principal to which to add the owner., parameters: map # The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd.}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint DELETE /{tenantID}/servicePrincipals/{objectId}/$links/owners/{ownerObjectId}
@desc Remove a member from owners.
@required {objectId: any # The object ID of the service principal from which to remove the owner., ownerObjectId: any # Owner object id}
@returns(204) No Content. Indicates success. No response body is returned.

@endpoint GET /{tenantID}/servicePrincipals/{objectId}/keyCredentials
@desc Get the keyCredentials associated with the specified service principal.
@required {objectId: any # The object ID of the service principal for which to get keyCredentials.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/servicePrincipals/{objectId}/keyCredentials
@desc Update the keyCredentials associated with a service principal.
@required {objectId: any # The object ID for which to get service principal information., parameters: map # Parameters to update the keyCredentials of an existing service principal.}
@returns(204) No Content

@endpoint GET /{tenantID}/servicePrincipals/{objectId}/passwordCredentials
@desc Gets the passwordCredentials associated with a service principal.
@required {objectId: any # The object ID of the service principal.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/servicePrincipals/{objectId}/passwordCredentials
@desc Updates the passwordCredentials associated with a service principal.
@required {objectId: any # The object ID of the service principal., parameters: map # Parameters to update the passwordCredentials of an existing service principal.}
@returns(204) No Content

@endpoint POST /{tenantID}/users
@desc Create a new user.
@required {parameters: map # Parameters to create a user.}
@returns(201) Created. Indicates success. The new user is returned in the response body.

@endpoint GET /{tenantID}/users
@desc Gets list of users for the current tenant.
@optional {$filter: any # The filter to apply to the operation., $expand: any # The expand value for the operation result., $top: any # (Optional) Set the maximum number of results per response.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/users/{upnOrObjectId}
@desc Gets user information from the directory.
@required {upnOrObjectId: any # The object ID or principal name of the user for which to get information.}
@returns(200) OK. The operation was successful.

@endpoint PATCH /{tenantID}/users/{upnOrObjectId}
@desc Updates a user.
@required {upnOrObjectId: any # The object ID or principal name of the user to update., parameters: map # Parameters to update an existing user.}
@returns(204) No Content.

@endpoint DELETE /{tenantID}/users/{upnOrObjectId}
@desc Delete a user.
@required {upnOrObjectId: any # The object ID or principal name of the user to delete.}
@returns(204) No Content

@endpoint POST /{tenantID}/users/{objectId}/getMemberGroups
@desc Gets a collection that contains the object IDs of the groups of which the user is a member.
@required {objectId: any # The object ID of the user for which to get group membership., parameters: map # User filtering parameters.}
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/getObjectsByObjectIds
@desc Gets the directory objects specified in a list of object IDs. You can also specify which resource collections (users, groups, etc.) should be searched by specifying the optional types parameter.
@required {parameters: map # Objects filtering parameters.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/domains
@desc Gets a list of domains for the current tenant.
@optional {$filter: any # The filter to apply to the operation.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/domains/{domainName}
@desc Gets a specific domain in the current tenant.
@required {domainName: any # name of the domain.}
@returns(200) OK. The operation was successful.

@endpoint GET /{tenantID}/oauth2PermissionGrants
@desc Queries OAuth2 permissions grants for the relevant SP ObjectId of an app.
@optional {$filter: any # This is the Service Principal ObjectId associated with the app}
@returns(200) OK. The operation was successful.

@endpoint POST /{tenantID}/oauth2PermissionGrants
@desc Grants OAuth2 permissions for the relevant resource Ids of an app.
@optional {body: any # The relevant app Service Principal Object Id and the Service Principal Object Id you want to grant.}
@returns(201) OK. The operation was successful.

@endpoint DELETE /{tenantID}/oauth2PermissionGrants/{objectId}
@desc Delete a OAuth2 permission grant for the relevant resource Ids of an app.
@required {objectId: any # The object ID of a permission grant.}
@returns(204) No Content

@end