There are two interfaces in Groups in the api reference document
url: https://developers.onelogin.com/api-docs/1/groups/get-groups
Get Groups: https:///api/1/groups
Get Group by ID: https:///api/1/groups/:id
I need the interface to get the members of group, is there an interface like Get Group Members not listed? or I should achieve it in other way?
Related
I want to create an API in MS Graph to retrieve the groups:
https://graph.microsoft.com/v1.0/groups/{guid_id}/members
How can I retrieve the GUID of SharePoint groups from the current sites and dynamically add it in the query?
Thanks!
You can list all Groups in your organization using
https://graph.microsoft.com/v1.0/groups
which gives you group objects. You would get id for each object which is nothing but the GUID in your above call.
To list all Groups there is a concept of pagination where you would be getting a nextLink which can get you next set of results. See this paging document.
You can also get the groups you are member of using
https://graph.microsoft.com/v1.0/me/transitiveMemberOf/microsoft.graph.group?$count=true
which also gives you the id's of groups.
I can't seem to find the API call to make to check to see if a user that has authenticated themselves is a member of a specific Azure AD group. Retrieving a list of all Azure AD groups the user is a member of would be fine as well. I assume this would be done through the Graph API but I can't seem to find the API I would use for this. How do I get a list of all Azure AD groups the currently authenticated user is a member of?
The previous answer and comments mention using memberOf. However, in most cases you want to use transitiveMemberOf instead: https://learn.microsoft.com/en-us/graph/api/user-list-transitivememberof?view=graph-rest-1.0&tabs=http
memberOf only returns groups that the user is directly a member of whereas transitiveMemberOf respects group nesting.
For example, if User is a member of GroupA and GroupA is a member of GroupB then memberOf will only return GroupA but transitiveMemberOf will return both GroupA and GroupB.
The (v1) Graph API that you're looking for is listed under Users > Groups > List memberOf (https://learn.microsoft.com/en-us/graph/api/user-list-memberof?view=graph-rest-1.0&tabs=http), as confirmed by Allen on the comment. This API will also list the Azure AD role groups for the user.
Note: Just for a general rule, even if the document looks complicated, operation on any resource is listed on the root of Graph API documentation. If you're accessing a property of a user, look at Users. That will help navigating yourself through the documentation.
Another edit: this might be handy for exploring the Graph API https://developer.microsoft.com/en-us/graph/graph-explorer
I am writing my first API with NestJS and I am looking for a smart way of managing access to resources. I have the following simplified structure:
organization:
users
products
users:
email
organization
products:
organization
more data
I use Passport JWT and Local strategies. But I want to make sure only users from inside the organization can update and create products for that organization.
I have looked at nest-access-control but can't figure out if it can be used for this.
You can create a third table called 'memberOrganization', with the following columns:
membersOrganization
idMembersOrganization
idUser
idOrganization
idPermission
and a fourth table:
permissions
idPermission
permission
That way you could check if that user is a member of that organization and what permissions they have (using leftJoins). Depending on permission, you allow the creation of such products.
Holpe this helps.
I'm using Azure ActiveDirectory Graph API. I can list members(users,contacts,other groups) of a group. I noticed, when I add in office.outlook.com a contact (not personal, organizational contact) to a group, it will be a guest user (add a user, it will be a user ofc). When I list members of a group, I get a list of user objects. I got the guest users and the normal users too. I didn't find any solution for that, to list only the contacts (guest users) from a group. My question is, is this possible?
I use this in my code:
https://graph.windows.net/myorganization/groups/{object_id}/members?api-version
If you check the response , you will find userType property in Microsoft.DirectoryServices.User . userType is a string value that can be used to classify user types in your directory, such as "Member" and "Guest".
Unfortunately a service-side filter for this is not currently possible (filtering on the target of a navigation collection - for type and/or any property including extension properties). See this thread . And you could vote for this feature.
Currently you will need to get all members and then filter on the client side , find the guest users that userType value equals Guest .
Is there a call to graph API that returns to me all members of a group - including the users of nested groups?
To get all direct members for a group, there is GetGroupMembers
To get all groups for a user transitively, I have found getMemberGroups
But I didn't find anything to get a list of all members, including subgroups (as in "if I send an email to group xyz, which users will receive it?").
Is there no such function available or did I overlook something?