Approve-CafPimRole
Approves a PIM Role assignment request for a single user.
Syntax
Approve-CafPimRole
-Justification <string>
[-UserId <string>]
[-UserName <string>]
[-RoleId <string>]
[-Tenant <string>]
Description
Checks if the user is eligible for the role and activates the assignment.
Example
Approve-CafPimRole -Tenant "contoso.com"
Parameter
-Justification
The justification for the approval.
| Property | Value |
|---|---|
| Type: | string |
| Default value: | None |
| Required: | True |
-UserId
The id of the user who created the approval request.
| Property | Value |
|---|---|
| Type: | string |
| Default value: | None |
| Required: | False |
-UserName
The starting part of the UPN of the user who created the approval request.
We only can provide the startsWith functionality here because Azure Graph does not expose contains to default callers.
| Property | Value |
|---|---|
| Type: | string |
| Default value: | None |
| Required: | False |
-RoleId
The id of the role. Default role is "Global Administrator".
| Property | Value |
|---|---|
| Type: | string |
| Default value: | "62e90394-69f5-4237-9190-012177145e10" |
| Required: | False |
-Tenant The tenant id or domain name.
| Property | Value |
|---|---|
| Type: | string |
| Default value: | None |
| Required: | False |