Read User Roles
Get roles that are assigned to a user in Office 365.
The Read User Roles action card only reads roles that are activated in an Office 365 tenant.
Also, the card only reads default system roles. It doesn't read custom roles.
Input
| Field | Definition | Type | Required |
|---|---|---|---|
|
User |
|||
|
ID or Username |
User ID or username of the Office 365 user. This is the user's User Principal Name (UPN). A UPN is formed by taking the username and domain and combining them with the @ separator. For example, john.doe@somedomain.com. This could be the user's email address, but not always. |
Text |
TRUE |
If the string for the UPN input begins with the $ character, remove the slash / after /users and enclose the UPN value in parentheses and single quotes. For example, /users('$AdeleVance@contoso.com'). See Known issues with Microsoft Graph.
To search for a B2B user using a UPN input value, encode the hash # character as %23. For example, /users/AdeleVance_adatum.com%23EXT%23@contoso.com.
Output
| Field | Definition | Type |
|---|---|---|
|
ID |
The unique identifier for the user. |
Text |
|
Display Name |
Display name for the directory role. |
Text |
|
Description |
Description for the directory role. |
Text |
|
Role Template ID |
ID of the directoryRoleTemplate on which this role is based. The property must be specified when activating a directory role in a tenant with a POST operation. After the directory role has been activated, the property is read only. |
Text |
For example:
{
"@odata.id": "https://graph.microsoft.com/v2/28d029a7-1d11-4ce0-85f5-d9502f2cd5b1/directoryObjects/06265c7a-1373-4033-8d26-3a9a04226e15/Microsoft.DirectoryServices.DirectoryRole",
"id": "06265c7a-1373-4033-8d26-3a9a04226e15",
"deletedDateTime": null,
"description": "Can reset passwords for non-administrators and Helpdesk Administrators.",
"displayName": "Helpdesk Administrator",
"roleTemplateId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"
}Related topics
Azure Active Directory connector