Domains - List Role Assignments

Service:: Admin

API Version:: v1

Returns a list of domain role assignments.

Permissions

The caller must be a Fabric administrator.

Required Delegated Scopes

Tenant.Read.All or Tenant.ReadWrite.All.

Microsoft Entra supported identities

This API supports the Microsoft identities listed in this section.

Identity	Support
User	Yes
Service principal and Managed identities	Yes

Interface

GET https://api.fabric.microsoft.com/v1/admin/domains/{domainId}/roleAssignments

With optional parameters:

GET https://api.fabric.microsoft.com/v1/admin/domains/{domainId}/roleAssignments?continuationToken={continuationToken}

URI Parameters

Name	In	Required	Type	Description
domainId	path	True	string (uuid)	The domain ID.
continuationToken	query		string	A token for retrieving the next page of results.

Responses

Name	Type	Description
200 OK	DomainRoleAssignments	Request completed successfully.
Other Status Codes	ErrorResponse	Common error codes: DomainNotFound - The provided domain was not found UnknownError - An error occurred.

Name

Type

Description

200 OK

DomainRoleAssignments

Request completed successfully.

Other Status Codes

ErrorResponse

Common error codes:

DomainNotFound - The provided domain was not found
UnknownError - An error occurred.

Examples

List domain role assignments example

Sample request

HTTP

GET https://api.fabric.microsoft.com/v1/admin/domains/00cb3785-58b5-408e-9e5f-7a26d28f0b9b/roleAssignments

Sample response

Status code:: 200

{
  "value": [
    {
      "role": "Admin",
      "principal": {
        "displayName": "Eric Solomon",
        "id": "81fac5e1-2a81-421b-a168-110b1c72fa11",
        "type": "User",
        "userDetails": {
          "userPrincipalName": "eric@microsoft.com"
        }
      }
    },
    {
      "role": "Contributor",
      "principal": {
        "id": "f51b705f-a409-4d40-9197-c5d5f349e2f0",
        "displayName": "TestSecurityGroup",
        "type": "Group",
        "groupDetails": {
          "groupType": "SecurityGroup"
        }
      }
    }
  ]
}

Definitions

Name	Description
DomainRole	Represents the domain members by the principal's request type. Additional request types may be added over time.
DomainRoleAssignment	Represents a domain role assignment.
DomainRoleAssignments	A response wrapper for a list of domain role assignments with a continuation token.
ErrorRelatedResource	The error related resource details object.
ErrorResponse	The error response.
ErrorResponseDetails	The error response details.
GroupDetails	Group specific details. Applicable when the principal type is `Group`.
GroupType	The type of the group. Additional group types may be added over time.
Principal	Represents an identity or a Microsoft Entra group.
PrincipalType	The type of the principal. Additional principal types may be added over time.
ServicePrincipalDetails	Service principal specific details. Applicable when the principal type is `ServicePrincipal`.
ServicePrincipalProfileDetails	Service principal profile details. Applicable when the principal type is `ServicePrincipalProfile`.
UserDetails	User principal specific details. Applicable when the principal type is `User`.

DomainRole

Enumeration

Represents the domain members by the principal's request type. Additional request types may be added over time.

Value	Description
Admin	Domain admin.
Contributor	Domain contributor.

DomainRoleAssignment

Object

Represents a domain role assignment.

Name	Type	Description
principal	Principal	The principal.
role	DomainRole	The domain role of the principal.

DomainRoleAssignments

Object

A response wrapper for a list of domain role assignments with a continuation token.

Name	Type	Description
continuationToken	string	The token for the next result set batch. If there are no more records, it's removed from the response.
continuationUri	string	The URI of the next result set batch. If there are no more records, it's removed from the response.
value	DomainRoleAssignment[]	The list of the domain role assignments.

ErrorRelatedResource

Object

The error related resource details object.

Name	Type	Description
resourceId	string	The resource ID that's involved in the error.
resourceType	string	The type of the resource that's involved in the error.

ErrorResponse

Object

The error response.

Name	Type	Description
errorCode	string	A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.
message	string	A human readable representation of the error.
moreDetails	ErrorResponseDetails[]	List of additional error details.
relatedResource	ErrorRelatedResource	The error related resource details.
requestId	string	ID of the request associated with the error.

ErrorResponseDetails

Object

The error response details.

Name	Type	Description
errorCode	string	A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.
message	string	A human readable representation of the error.
relatedResource	ErrorRelatedResource	The error related resource details.

GroupDetails

Object

Group specific details. Applicable when the principal type is Group.

Name	Type	Description
groupType	GroupType	The type of the group. Additional group types may be added over time.

GroupType

Enumeration

The type of the group. Additional group types may be added over time.

Value	Description
Unknown	Principal group type is unknown.
SecurityGroup	Principal is a security group.
DistributionList	Principal is a distribution list.

Principal

Object

Represents an identity or a Microsoft Entra group.

Name	Type	Description
displayName	string	The principal's display name.
groupDetails	GroupDetails	Group specific details. Applicable when the principal type is `Group`.
id	string (uuid)	The principal's ID.
servicePrincipalDetails	ServicePrincipalDetails	Service principal specific details. Applicable when the principal type is `ServicePrincipal`.
servicePrincipalProfileDetails	ServicePrincipalProfileDetails	Service principal profile details. Applicable when the principal type is `ServicePrincipalProfile`.
type	PrincipalType	The type of the principal. Additional principal types may be added over time.
userDetails	UserDetails	User principal specific details. Applicable when the principal type is `User`.

PrincipalType

Enumeration

The type of the principal. Additional principal types may be added over time.

Value	Description
User	Principal is a Microsoft Entra user principal.
ServicePrincipal	Principal is a Microsoft Entra service principal.
Group	Principal is a security group.
ServicePrincipalProfile	Principal is a service principal profile.
EntireTenant	Principal represents all tenant users.

ServicePrincipalDetails

Object

Service principal specific details. Applicable when the principal type is ServicePrincipal.

Name	Type	Description
aadAppId	string (uuid)	The service principal's Microsoft Entra AppId.

ServicePrincipalProfileDetails

Object

Service principal profile details. Applicable when the principal type is ServicePrincipalProfile.

Name	Type	Description
parentPrincipal	Principal	The service principal profile's parent principal.

UserDetails

Object

User principal specific details. Applicable when the principal type is User.

Name	Type	Description
userPrincipalName	string	The user principal name.

Share via

Domains - List Role Assignments

Permissions

Required Delegated Scopes

Microsoft Entra supported identities

Interface

URI Parameters

Responses

Examples

List domain role assignments example

Sample request

Sample response

Definitions

DomainRole

DomainRoleAssignment

DomainRoleAssignments

ErrorRelatedResource

ErrorResponse

ErrorResponseDetails

GroupDetails

GroupType

Principal

PrincipalType

ServicePrincipalDetails

ServicePrincipalProfileDetails

UserDetails