Adding Restore Operator Roles

In this article

    You can add a restore operator role to an organization with the specified ID.

    Request

    POST https://<hostname>:4443/v6/Organizations/{organizationId}/RbacRoles

    Request Headers

    The request header must contain an authorization token of the current session.

    Request Parameters

    The following parameter must be specified in the URL of the request:

    Parameter

    Type

    Description

    organizationId

    string

    Specifies the identification number of the Microsoft 365 organization. For more information on how to get this parameter, see Getting Organizations.

    Request Body

    The request body must contain the following properties:

    Property

    Type

    Description

    name

    string

    Specifies the name of a restore operator role.

    description

    string

    Specifies the description of a restore operator role.

    roleType

    string

    Specifies the restore operator role type. The following types are available:

    • EntireOrganization. Restore operators are allowed to explore and restore backed-up data of all objects (except teams) within the specified Microsoft 365 organization.
    • SpecificObjects. Restore operators are allowed to explore and restore backed-up data of the specified objects.

    Note: For the restore operator role of the SpecificObjects type, you must specify a collection of objects to manage. Restore operators will be able to explore and restore backed-up data of these objects. For more information about properties that you must specify for different types of objects to manage and objects that are excluded from the restore operator role scope, see selectedItems and excludedItems.

    operators

    restoreOperators

    Specifies one or more restore operators that you want to add to a restore operator role.

     

    selectedItems

    selectedItems

    Specifies one or more objects that you want to add to a restore operator role as objects to manage. Restore operators will be able to explore and restore data from backups created by Veeam Backup for Microsoft 365 for these objects.

    excludedItems

    excludedItems

    Specifies one or more objects that you want to exclude from the scope of a restore operator role. Restore operators will not be able to explore and restore data from backups created by Veeam Backup for Microsoft 365 for these objects.

    Response

    The server returns the following response to the client.

    Response Codes

    A successfully completed operation returns a response code 201 Created.

    Response Headers

    The response to this request contains the following headers. The response may also include additional standard HTTPS headers.

    Header

    Description

    Content-length

    The length of the response body.

    Content-type

    The media type and syntax of the response body message: application/json; charset=utf-8

    Response Body

    The response body contains the following properties:

    Property

    Type

    Description

    id

    string

    An identification number of a restore operator role.

    organizationId

    string

    Specifies the backed-up organization ID.

    name

    string

    A restore operator role name.

    description

    string

    Description of a restore operator role.

    roleType

    string

    Specifies the restore operator role type. The following types are available:

    • EntireOrganization. Restore operators are allowed to explore and restore backed-up data of all objects (except teams) within the specified Microsoft 365 organization.
    • SpecificObjects. Restore operators are allowed to explore and restore backed-up data of the specified objects.

    _links

    Dictionary of string [key] and Object [value]

    Links to related resources (navigation property).

    Examples

    Example 1

    The example shows how to add a restore operator role of the EntireOrganization type.

    Request:

    POST https://abc.tech.local:4443/v6/Organizations/e60dfb9c-ac58-4463-879f-9855ac35576b/RbacRoles

     

    Request Header:

    Authorization: Bearer <Access-Token>

     

    Request Body:

    {

     "name": "Restore Operator Role 3",

     "description": "new role",

     "roleType": "EntireOrganization",

     "operators": [

       {

       "type": "User",

       "user": {

         "id": "6c6d2495-ca27-4b4a-8c93-956bacb8b4b400000000-0000-0000-0000-000000000000",

         "displayName": "Restore Operator",

         "name": "restore_operator@abc.onmicrosoft.com",

         "type": "User"

         }

       }

     ],

     "excludedItems": [

       {

         "type":"Group",

         "group": {

           "id": "acbf8c6c-dd8b-4a4c-8256-dd9a63077fa900000000-0000-0000-0000-000000000000",

           "displayName": "Excluded Objects",

           "name": "excluded@abc.onmicrosoft.com",

           "type": "Security"

         }

      }

    ]

     

    Response:

    201 Created

     

    Response Body:

    {

     "id": "cbb66428-eaaf-45de-a503-035fc2d36211",

     "organizationId": "e60dfb9c-ac58-4463-879f-9855ac35576b",

     "name": "Restore Operator Role 3",

     "description": "new role",

     "roleType": "EntireOrganization",

     "_links": {

       "self": {

         "href": "/v6/rbacRoles/cbb66428-eaaf-45de-a503-035fc2d36211"

       },

       "organization": {

         "href": "/v6/organizations/e60dfb9c-ac58-4463-879f-9855ac35576b"

       },

       "operators": {

         "href": "/v6/rbacRoles/cbb66428-eaaf-45de-a503-035fc2d36211/operators"

       },

       "excludedItems": {

         "href": "/v6/rbacRoles/cbb66428-eaaf-45de-a503-035fc2d36211/excludedItems"

       }

     }

    }

    Example 2

    The example shows how to add a restore operator role of the SpecificObjects type.

    Request:

    POST https://abc.tech.local:4443/v6/Organizations/e60dfb9c-ac58-4463-879f-9855ac35576b/RbacRoles

     

    Request Header:

    Authorization: Bearer <Access-Token>

     

    Request Body:

    {

     "name": "Restore Operator Role 4",

     "roleType": "SpecificObjects",

     "operators": [

       {

       "type": "User",

       "user": {

         "id": "6c6d2495-ca27-4b4a-8c93-956bacb8b4b400000000-0000-0000-0000-000000000000",

         "displayName": "Restore Operator",

         "name": "restore_operator@abc.onmicrosoft.com",

         "type": "User"

         }

       }

     ],  

     "selectedItems": [

        {

       "type": "User",

       "user": {

         "id": "9bdd0fca-7210-450e-bfeb-c0dca2e1b36c00000000-0000-0000-0000-000000000000",

         "displayName": "User3",

         "name": "user3@abc.onmicrosoft.com",

         "type": "User"

       }

     },

     {

       "type": "Group",

       "group": {

         "id": "95e4e659-9039-45ef-826c-d1ba4b8e5d2500000000-0000-0000-0000-000000000000",

         "displayName": "ABC",

         "name": "abc1@abc.onmicrosoft.com",

         "type": "Office365"

       }

     },

     {

       "type": "Site",

       "site": {

         "id": "5359c4b5-5e3f-4fbb-a97f-a916bcba00a1ea863003-4637-4414-ad37-1757dd8f85cc",

         "url": "https://abc.sharepoint.com/sites/ABC_site",

         "title": "ABC_site",

         "isCloud": true,

         "isPersonal": false

       }

     }

     ],

     "excludedItems": [

       {

       "type": "User",

       "user": {

         "id": "88b14a1f-c0bd-435a-9d18-7c703ff1fb1400000000-0000-0000-0000-000000000000",

         "displayName": "Administrator",

         "name": "admin@abc.onmicrosoft.com",

         "type": "User"

         }

      }

    ]

     

    Response:

    201 Created

     

    Response Body:

    {

     "id": "2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f",

     "organizationId": "e60dfb9c-ac58-4463-879f-9855ac35576b",

     "name": "Restore Operator Role 4",

     "description": "",

     "roleType": "SpecificObjects",

     "_links": {

       "self": {

         "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f"

       },

       "organization": {

         "href": "/v6/organizations/e60dfb9c-ac58-4463-879f-9855ac35576b"

       },

       "operators": {

         "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f/operators"

       },

       "selectedItem": {

         "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f/selectedItems"

       },

       "excludedItems": {

         "href": "/v6/rbacRoles/2a1b61aa-6cd9-491c-96e3-85a6dd80dd0f/excludedItems"

       }

     }

    }