I want to retrieve the all the Owners of an azure subscription Programmatically. I don't want do it using Powershell.
And i came to know that we can achieve this using Azure Management REST API but could not find the exact API reference to retrieve the owner list from a azure subscription.
Can some one please help me on this.
REST APIs
You should be able to get that information using the Microsoft.Authorization/roleAssignments REST API.
In your case, since you're looking for Owners at Subscription level, the scope would be {scope} will be subscriptions/{subscriptionId}
Also,
Once you get the response, it will contain Role Definitions IDs instead of exact names. For all Built-in Roles, you can know which Role it is before hand by visiting this Microsoft documentation. E.g. Id for Owner role is "8e3af657-a8ff-443c-a75c-2fe8c4bcb635"
To find the Id's for all possible Role Definitions as part of response, you can use Role Definitions - List REST API
Helpful Documentation
Read through this Microsoft Documentation which gives details on how to List out, Grant Access or Remove Access using RBAC and REST API : Manage Access Using RBAC and REST API
UPDATE (Samples and API to get to Classic Administrators as well)
I ran a few samples using my trial subscription. Here are the requests and responses.
To find all the users who have been explicitly assigned "Owner" role at the subscription level
Request:
Response:
NOTICE That Role Definition Id in response is "8e3af657-a8ff-443c-a75c-2fe8c4bcb635". This corresponds to built-in Owner role.
To find all the users who are Owners by the virtue of being Classic Administrators (This is relevant for accounts that sign up for a subscription, but haven't been explicitly assigned Owner role using Azure portal RBAC)
Request: Notice classicAdministrators at the end of URL and the API Version is an old one 2015-06-01
GET https://management.azure.com/subscriptions/6f070baf-bbba-47a5-bbe4-a0450017cdf5/providers/Microsoft.Authorization/classicAdministrators?api-version=2015-06-01
Response: Notice role is ServiceAdministrator;AccountAdministrator