在 Azure AD 访问评审中评审自己对组或应用程序的访问权限Review access for yourself to groups or applications in Azure AD access reviews

Azure Active Directory (Azure AD) 借助称为“Azure AD 访问评审”的功能,简化了企业对 Azure AD 及其他 Microsoft Online Services 中的组或应用程序访问权限的管理方式。Azure Active Directory (Azure AD) simplifies how enterprises manage access to groups or applications in Azure AD and other Microsoft Online Services with a feature called Azure AD access reviews.

本文介绍如何评审自己对组或应用程序的访问权限。This article describes how to review your own access to a group or an application.

使用“我的应用”评审访问权限Review your access using My Apps

执行访问评审的第一步是找到并打开访问评审。The first step to perform an access review is to find and open the access review.

重要

接收电子邮件可能存在延迟,在某些情况下,可能需要长达 24 小时来接收。There could be delays in receiving email and it some cases it could take up to 24 hours. 将 azure-noreply@microsoft.com 添加到安全收件人列表以确保收到所有电子邮件。Add azure-noreply@microsoft.com to your safe recipients list to make sure that you are receiving all emails.

  1. 找到要求你执行访问评审的 Microsoft 电子邮件。Look for an email from Microsoft that asks you to review access. 以下示例电子邮件要求评审你对某个组的访问权限。Here is an example email to review your access to a group.

    要求评审你对某个组的访问权限的 Microsoft 示例电子邮件

  2. 单击“评审访问权限”链接,打开访问评审。Click the Review access link to open the access review.

如果未收到该电子邮件,可遵循以下步骤找到待处理的访问评审。If you don't have the email, you can find your pending access reviews by following these steps.

  1. 登录到“我的应用”门户 (https://account.activedirectory.windowsazure.cn/r#/applications)。Sign in to the My Apps portal at https://account.activedirectory.windowsazure.cn/r#/applications.

    “我的应用”门户,其中列出了你有权访问的应用

  2. 在页面右上角,单击用户符号,其中显示了你的姓名和默认组织。In the upper-right corner of the page, click the user symbol, which displays your name and default organization. 如果列出多个组织,请选择已请求访问评审的组织。If more than one organization is listed, select the organization that requested an access review.

  3. 在页面右侧,单击“访问评审”磁贴来查看待处理的访问评审。On the right side of the page, click the Access reviews tile to see a list of the pending access reviews.

    如果该磁贴不可见,则该组织没有要执行的访问评审,此时不需要执行任何操作。If the tile isn't visible, there are no access reviews to perform for that organization and no action is needed at this time.

    应用和组的待处理访问评审列表

  4. 单击你要执行的访问评审对应的“开始评审”链接。Click the Begin review link for the access review you want to perform.

执行访问评审Perform the access review

打开访问评审以后,即可看到自己的访问权限。Once you have opened the access review, you can see your access.

  1. 评审你的访问权限,决定是否仍需要访问权限。Review your access and decide whether you still need access.

    如果请求是评审他人的访问权限,则页面内容会有所不同。If the request is to review access for others, the page will look different. 有关详细信息,请参阅评审对组或应用程序的访问权限For more information, see Review access to groups or applications.

    屏幕截图显示了开放访问评审,其中询问是否仍需访问某个组。

  2. 单击“是”保留访问权限,或者单击“否”删除访问权限。Click Yes to keep your access or click No to remove your access.

  3. 如果单击“是”,你可能需要在“原因”框中指出原因。 If you click Yes, you might need to specify a justification in the Reason box.

    屏幕截图显示已完成的访问评审,其中系统询问你是否仍需访问某个组,且已选择“是”。

  4. 单击“提交” 。Click Submit.

    此时会提交你所做的选择,并会将你返回到“我的应用”门户。Your selection is submitted and you returned to the My Apps portal.

    若要更改响应,请重新打开“访问评审”页面并更新响应。If you want to change your response, reopen the access reviews page and update your response. 在访问评审结束之前,随时可以更改响应。You can change your response at any time until the access review has ended.

    备注

    如果你指出不再需要访问权限,系统不会立即将你删除。If you indicated that you no longer need access, you aren't removed immediately. 系统会在评审结束时或者在管理员停止评审时将你删除。You are removed when the review has ended or when an administrator stops the review.

后续步骤Next steps