title | description | keywords | author | ms.author | manager | ms.date | ms.topic | ms.technology | ms.devlang | ms.service |
---|---|---|---|---|---|---|---|---|---|---|
Graph RBAC libraries for python |
Reference for Graph RBAC libraries for python |
Azure, python, SDK, API, Graph RBAC |
ramya-rao-a |
ramyar |
jfriend |
05/10/2019 |
reference |
azure |
python |
active-directory |
Important
Azure AD Graph is in its retirement phase. For details, updates, and time frames, see Microsoft Graph or the Azure AD Graph.
Moving forward, applications should use the Microsoft Graph API.
Sign-on users and control access to applications and APIs with Active Directory Graph.
pip install azure-graphrbac
Note
You need to change the resource parameter to https://graph.windows.net while creating the credentials instance
from azure.graphrbac import GraphRbacManagementClient
from azure.common.credentials import UserPassCredentials
credentials = UserPassCredentials(
'user@domain.com', # Your user
'my_password', # Your password
resource="https://graph.windows.net"
)
tenant_id = "myad.onmicrosoft.com"
graphrbac_client = GraphRbacManagementClient(
credentials,
tenant_id
)
The following code creates a user, get it directly and by list filtering, and then delete it.
from azure.graphrbac.models import UserCreateParameters, PasswordProfile
user = graphrbac_client.users.create(
UserCreateParameters(
user_principal_name="testbuddy@{}".format(MY_AD_DOMAIN),
account_enabled=False,
display_name='Test Buddy',
mail_nickname='testbuddy',
password_profile=PasswordProfile(
password='MyStr0ngP4ssword',
force_change_password_next_login=True
)
)
)
# user is a User instance
self.assertEqual(user.display_name, 'Test Buddy')
user = graphrbac_client.users.get(user.object_id)
self.assertEqual(user.display_name, 'Test Buddy')
for user in graphrbac_client.users.list(filter="displayName eq 'Test Buddy'"):
self.assertEqual(user.display_name, 'Test Buddy')
graphrbac_client.users.delete(user.object_id)