How to get Users with Role permissions
I am using this [subscription api][https://management.azure.com/subscriptions?api-version=2020-01-01] to get the azure subscription details. but in the response we are getting authorization source has role based. How can we fetch the users present in that subscription and what are there permissions(ex- owner, reader)
Firstly, you can use this API to get the role assignment of your subscription, just as below:
Each item record presents a role assignment. And you can find roleDefinitionId which means the role you assigned and principalId means the role assigned to which Azure AD app or user.
So if you want to get the details about the role information, you should call the API below sparately:
GET https://management.azure.com/<value of roleDefinitionId>?api-version=2018-07-01
And if you want to get the details information of principalId, you should call Microsoft Graph API : get directory object just as below:
If you just want to query a user/Azure ad application is assigned with subscription roles, it will be much easier as This API provides a $filter param for us, lets say if you have a user's object ID, you can filter this user's role by request below:
- Can't signin into microsoft account
- TenantGuidNotFound when trying to send email using Microsfot GraphAPI
- Azure Function App Kudu Functions API with empty response
- Get Azure Active Directory password expiry date in PowerShell
- Provision new SQL Azure database into existing, non-terraform managed SQL Server instance
- Azure Logic App HTTP Request Authentication Scope
- Get Log analytics workspace ID of a virtual machine in Azure connected to a workspace in a different subscription
- Enabling minimum apiVersion to 2021-08-01 in Azure API Management causing saving issues or deployment errors for existing logic apps
- Privileged Identity Management - My roles
- Creating a VM in Azure using Powershell
- Creating multiple function apps with one Flex Consumption plan
- Azure Bicep reference existing resources from different subscriptions using ternary operators inside scope property
- Trigger azure function on user registration in b2c
- Migrating from validate-jwt to validate-azure-ad-token policy
- Azure DevOps Pipeline Expression Evaluation
- Using Event Hubs binding for Azure Functions with managed identities?
- How to connect a microsoft SQL Server database to Open Data Discovery (odd-odd-platform)?
- Cosmos DB for MongoDB private endpoint requests blocked by network firewall
- Specifying SAS Token Authorization header with Azure REST API
- Databricks ui is different between different Azure Tenants with activated SCIM Integration
- Download large files in Azure image builder process
- TriggerBuild Could not queue the build because there were validation errors or warnings
- How to filter users in directory by company name with Microsoft Graph Java SDK?
- How to get the azure subscription current cost using PowerShell
- How to automate Azure Data Factory (ADF) credential updates from development to production using Azure DevOps?
- Azure Form Recognizer Set API Version
- Is there a way to deploy a azure function directly to a storage account with private endpoint
- How do I flatten certain properties in a nested structure using Linq for Cosmos noSQL?
- Unable to locate executable file: 'bash'. Please verify either the file path exists
- "We're sorry, your sql database is unavailable" What does this mean exactly in Azure SQL?