Entity - Policy Assignments

Minimum API version 4.0

Note for API version v8.0

As of API version 8.0all the APIs that refer to the Policy Assignments "hide" from the caller any Management Groups on which the caller does not have any Role assignment. This is intended for delegation of administration where the user is supposed to only manage a subset of endpoints, which are specified by means of Management Groups. The delegated administrator should only be able to see information related to his or her Management Groups, and not anything else in the organization. This is done transparently by the APIs unless otherwise noted, i.e., the API is called in the normal way as in previous versions, but the returned results are the ones that you would get if the only existing Management Groups were those on which you have any Role assignment. In other words, trying to access a specific information about Policy assignments on which you have no rights on an assigned Management Group will return an error, and retrieving information about the Policy assignments will return only the assigned Management Groups that are accessible to the calling user.
VerbRequestNotesPermissions required
POST/Consumer/PolicyAssignments

Assigns a Policy to a Management Group

Payload
{
   "PolicyId": 1,
   "ManagementGroupId": 12
}

Requires 'Write' permission on 'GuaranteedState' securable type

New for API version 8.0: Requires 'Assign' permission on the 'PolicyAssignment' securable type

GET/Consumer/PolicyAssignments/{id}Returns a specific Policy assignment object by its IdRequires 'Read' permission on 'GuaranteedState' securable type
GET/Consumer/PolicyAssignmentsReturns all policy assignmentsRequires 'Read' permission on 'GuaranteedState' securable type
DELETE/Consumer/PolicyAssignments/{id}Deletes a specific Policy assignment object by its Id

Requires 'Delete' permission on 'GuaranteedState' securable type

New for API version 8.0: Requires 'Assign' permission on the 'PolicyAssignment' securable type