Adding Restore Operator Roles

You can add a restore operator role to an organization with the specified ID.

Request

POST https://<hostname>:4443/v6/Organizations/{organizationId}/RbacRoles

Request Headers

The request header must contain an authorization token of the current session.

Request Parameters

The following parameter must be specified in the URL of the request:

Parameter

Type

Description

organizationId

string

Specifies the identification number of the Microsoft 365 organization. For more information on how to get this parameter, see Getting Organizations.

Request Body

The request body must contain the following properties:

Property

Type

Description

name

string

Specifies the name of a restore operator role.

description

string

Specifies the description of a restore operator role.

roleType

string

Specifies the restore operator role type. The following types are available:

  • EntireOrganization. Restore operators are allowed to explore and restore backed-up data of all objects (except teams) within the specified Microsoft 365 organization.
  • SpecificObjects. Restore operators are allowed to explore and restore backed-up data of the specified objects.

Note: For the restore operator role of the SpecificObjects type, you must specify a collection of objects to manage. Restore operators will be able to explore and restore backed-up data of these objects. For more information about properties that you must specify for different types of objects to manage and objects that are excluded from the restore operator role scope, see selectedItems and excludedItems.

operators

restoreOperators

Specifies one or more restore operators that you want to add to a restore operator role.

 

selectedItems

selectedItems

Specifies one or more objects that you want to add to a restore operator role as objects to manage. Restore operators will be able to explore and restore data from backups created by Veeam Backup for Microsoft 365 for these objects.

excludedItems

excludedItems

Specifies one or more objects that you want to exclude from the scope of a restore operator role. Restore operators will not be able to explore and restore data from backups created by Veeam Backup for Microsoft 365 for these objects.

Response

The server returns the following response to the client.

Response Codes

A successfully completed operation returns a response code 201 Created.

Response Headers

The response to this request contains the following headers. The response may also include additional standard HTTPS headers.

Header

Description

Content-length

The length of the response body.

Content-type

The media type and syntax of the response body message: application/json; charset=utf-8

Response Body

The response body contains the following properties:

Property

Type

Description

id

string

An identification number of a restore operator role.

organizationId

string

Specifies the backed-up organization ID.

name

string

A restore operator role name.

description

string

Description of a restore operator role.

roleType

string

Specifies the restore operator role type. The following types are available:

  • EntireOrganization. Restore operators are allowed to explore and restore backed-up data of all objects (except teams) within the specified Microsoft 365 organization.
  • SpecificObjects. Restore operators are allowed to explore and restore backed-up data of the specified objects.

_links

Dictionary of string [key] and Object [value]

Links to related resources (navigation property).

Examples

Example 1

The example shows how to add a restore operator role of the EntireOrganization type.

Request:

POST https://abc.tech.local:4443/v6/Organizations/e60dfb9c-ac58-4463-879f-9855ac35576b/RbacRoles

 

Request Header:

Authorization: Bearer <Access-Token>

 

Request Body:

{

 "name": "Restore Operator Role 3",

 "description": "new role",

 "roleType": "EntireOrganization",

 "operators": [

   {

   "type": "User",

   "user": {

     "id": "6c6d2495-ca27-4b4a-8c93-956bacb8b4b400000000-0000-0000-0000-000000000000",

     "displayName": "Restore Operator",

     "name": "restore_operator@abc.onmicrosoft.com",

     "type": "User"

     }

   }

 ],

 "excludedItems": [

   {

     "type":"Group",

     "group": {

       "id": "acbf8c6c-dd8b-4a4c-8256-dd9a63077fa900000000-0000-0000-0000-000000000000",

       "displayName": "Excluded Objects",

       "name": "excluded@abc.onmicrosoft.com",

       "type": "Security"

     }

  }

]

 

Response:

201 Created

 

Response Body:

{

 "id": "cbb66428-eaaf-45de-a503-035fc2d36211",

 "organizationId": "e60dfb9c-ac58-4463-879f-9855ac35576b",

 "name": "Restore Operator Role 3",

 "description": "new role",

 "roleType": "EntireOrganization",

 "_links": {

   "self": {

     "href": "/v6/rbacRoles/cbb66428-eaaf-45de-a503-035fc2d36211"

   },

   "organization": {

     "href": "/v6/organizations/e60dfb9c-ac58-4463-879f-9855ac35576b"

   },

   "operators": {

     "href": "/v6/rbacRoles/cbb66428-eaaf-45de-a503-035fc2d36211/operators"

   },

   "excludedItems": {

     "href": "/v6/rbacRoles/cbb66428-eaaf-45de-a503-035fc2d36211/excludedItems"

   }

 }

}

Example 2

The example shows how to add a restore operator role of the SpecificObjects type.

Request:

POST https://abc.tech.local:4443/v6/Organizations/e60dfb9c-ac58-4463-879f-9855ac35576b/RbacRoles

 

Request Header:

Authorization: Bearer <Access-Token>

 

Request Body:

{

 "name": "Restore Operator Role 4",

 "roleType": "SpecificObjects",

 "operators": [

   {

   "type": "User",

   "user": {

     "id": "6c6d2495-ca27-4b4a-8c93-956bacb8b4b400000000-0000-0000-0000-000000000000",

     "displayName": "Restore Operator",

     "name": "restore_operator@abc.onmicrosoft.com",

     "type": "User"

     }

   }

 ],  

 "selectedItems": [

    {

   "type": "User",

   "user": {

     "id": "9bdd0fca-7210-450e-bfeb-c0dca2e1b36c00000000-0000-0000-0000-000000000000",

     "displayName": "User3",

     "name": "user3@abc.onmicrosoft.com",

     "type": "User"

   }

 },

 {

   "type": "Group",

   "group": {

     "id": "95e4e659-9039-45ef-826c-d1ba4b8e5d2500000000-0000-0000-0000-000000000000",

     "displayName": "ABC",

     "name": "abc1@abc.onmicrosoft.com",

     "type": "Office365"

   }

 },

 {

   "type": "Site",

   "site": {

     "id": "5359c4b5-5e3f-4fbb-a97f-a916bcba00a1ea863003-4637-4414-ad37-1757dd8f85cc",

     "url": "https://abc.sharepoint.com/sites/ABC_site",

     "title": "ABC_site",

     "isCloud": true,

     "isPersonal": false

   }

 }

 ],

 "excludedItems": [

   {

   "type": "User",

   "user": {

     "id": "88b14a1f-c0bd-435a-9d18-7c703ff1fb1400000000-0000-0000-0000-000000000000",

     "displayName": "Administrator",

     "name": "admin@abc.onmicrosoft.com",

     "type": "User"

     }

  }

]

 

Response:

201 Created

 

Response Body:

{

 "id": "2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f",

 "organizationId": "e60dfb9c-ac58-4463-879f-9855ac35576b",

 "name": "Restore Operator Role 4",

 "description": "",

 "roleType": "SpecificObjects",

 "_links": {

   "self": {

     "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f"

   },

   "organization": {

     "href": "/v6/organizations/e60dfb9c-ac58-4463-879f-9855ac35576b"

   },

   "operators": {

     "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f/operators"

   },

   "selectedItem": {

     "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f/selectedItems"

   },

   "excludedItems": {

     "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f/excludedItems"

   }

 }

}