Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Represents a customized RBAC scope object from each RBAC provider. This resource is a subtype of appScope, which is a scope defined and understood by a specific application. A custom app scope has its own lifecycle for role assignment objects across various RBAC providers. A custom app scope can also store custom attributes sourced from different RBAC providers.
For example, in the Exchange Online provider, customAppScope maps to management role scope that can be managed separately by Exchange administrators. The CRUD operations for customAppScope entities are supported. You can use the ID of a customAppScope as the appScopeId of a unifiedRoleAssignment.
The following providers are supported:
- Exchange Online RBAC provider
- Microsoft Defender XDR Unified RBAC provider
Inherits from appScope.
Methods
| Method | Return Type | Description |
|---|---|---|
| List for Exchange Online and Defender | customAppScope collection | Get a list of customAppScope objects for the Exchange Online or Defender RBAC providers. |
| List for Defender | customAppScope collection | Get a list of customAppScope objects for the Defender RBAC provider. |
| Create for Exchange Online | customAppScope | Create a new customAppScope object for an RBAC provider. |
| Get for Exchange Online | customAppScope | Get the properties of a customAppScope object for an RBAC provider. |
| Update for Exchange Online | None | Update an existing customAppScope object of an RBAC provider. |
| Delete for Exchange Online | None | Delete a customAppScope object of an RBAC provider. |
Properties
| Property | Type | Description |
|---|---|---|
| customAttributes | customAppScopeAttributesDictionary | An open dictionary type that holds workload-specific properties for the scope object. |
| displayName | String | The display name of the app-specific resource represented by the app scope. Provided for display purposes since the appScopeId is often an immutable, non-human-readable ID. Read-only. Inherited from appScope. |
| id | String | The unique identifier of an app-specific container or resource that represents the scope of the assignment. Usually the immutable ID of the resource. The scope of an assignment determines the set of resources for which the principal has been granted access. Required. Inherited from appScope. |
| type | String | The type of app-specific resource represented by the app scope. Provided for display purposes, so a user interface can convey to the user the kind of app-specific resource represented by the app scope. Read-only. Inherited from appScope. |
Relationships
None.
JSON representation
The following JSON representation shows the resource type.
{
"customAttributes": {
"@odata.type": "microsoft.graph.customAppScopeAttributesDictionary"
},
"displayName": "String",
"id": "String (identifier)",
"type": "String"
}