GDAP API: Provision Security Groups Based On Template Roles


This article is describing our current GDAP API endpoint parameters, payloads and which call methods to use for specific tasks, and how to combine these workflows in C# implementation for Provisioning Security Groups based on Publish Template Data.

Resource Links

Swagger UI -

Base URL:


API: Create Security Groups By Template
Method: POST


Key Value Description
providerId 918c6a1a-******-e0343eea7e0b Microsoft Partner Tenant Id
templateId 54d4fa48-80a3-46a5-abcf-5ad0f85078af Provide Template Id that has been published
userId 72b06fb0-fde6-4a78-9339-f0413ebcfd38 User Object Id from your Tenant's AAD that will be assigned as owner to the Security groups



Key Value Description
Authorization Bearer {accesstoken} Your access token here


JSON Response 1 (If access is valid and the account has permissions) :

    "Message""Admin Agents group mapped to newly created security groups.",
    "SecurityGroups": [
        "Success: CSP-SG CSP-SG Insights administrator a4156524-eb3f-46a4-866d-c780000b85dd",
        "Success: CSP-SG CSP-SG Network administrator f35310c9-4f68-4372-bbb2-795c7ccfc166",
        "Success: CSP-SG CSP-SG Security administrator fcd5080e-85bf-4a7e-932b-d618be021f93",
        "Success: CSP-SG CSP-SG Groups administrator a64d88b5-172b-4b67-bd7d-f7dd5a3ed4a6"

JSON Response 2 (If the access token is not valid or lacks permissions for the call):


Response type will default to - 401 (Unauthorized)

C# Method Example:

public async Task<string> CreateSecurityGroups(string baseUrl, string providerId, string bearer, string templateId, string userId)
string uri = $"{baseUrl}CreateSecurityGroupsByTemplate?providerId={providerId}&templateId={templateId}&userId={userId}";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
request.Method = "POST";
request.Headers.Add("Authorization", $"Bearer {bearer}");
request.Accept = "application/json";
request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
request.ContentLength = 0;

using (HttpWebResponse response = (HttpWebResponse)await request.GetResponseAsync())
using (Stream stream = response.GetResponseStream())
using (StreamReader reader = new StreamReader(stream))
return await reader.ReadToEndAsync();


Calling this method from code:

var publish = await gdapTemplateOps.CreateSecurityGroups(CurrentBaseUrl, "Provider ID HERE", bearerToken.access_token, tb_TemplateId.Text, tb_UserIdSecGrps.Text);

Was this article helpful?

0 out of 0 found this helpful

Add comment

Please sign in to leave a comment.