I have saved some of the users in azure ad and now trying to get the properties of the users. For this I am using below api:
1. https://graph.microsoft.com/v1.0/users/
Documentation: https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http
The above API responds with the default properties, so if you want to get more properties, you have to specifically mention them in the request like:
2. https://graph.microsoft.com/v1.0/users/?$select=userPrincipalName,givenName,surname,businessPhones,officeLocation,companyName
Now the above api is giving me the appropriate response but it only list down the user which are on first page. If you want to get the list of all the users, then you need to mention top in your request like:
3. https://graph.microsoft.com/v1.0/users?$top=998
Above api will give you all the user list. But I am unable to understand how can I merge the 2 and 3 so that it gives me all the user list but the properties which I have mentioned. Thanks
Just try this:
GET https://graph.microsoft.com/v1.0/users/?$select=userPrincipalName,givenName,surname,businessPhones,officeLocation,companyName&$top=998
Using & to connect all query params
Result:
Related
Unable to use Microsoft Graph API to create or update SharePoint list items with client credentials access token (getting access token with out a user), I get the following error,
I'm able to successfully call GET and DELETE methods with the same access tokens for the same site/list, additionally I'm able to call all methods GET/POST/PATCH/DELETE for the same site/list using the user generated access token.
For my use case I need to able to create/update list items with out user access so, followed this article - https://learn.microsoft.com/en-us/graph/auth-v2-service, API has required permissions granted in the application
can't seem to find any documentation on what exactly I'm missing, looks like POST/PATCH endpoints are looking for some user info in the token, but client crendentials do not have any user info so not sure what to do next, Here's the documentation I'm following https://learn.microsoft.com/en-us/graph/api/listitem-create?view=graph-rest-1.0&tabs=http & I've tried using the .net graph client SDK as well and I get the same error message for both POST/PATCH requests.
Any help on how to successfully create/update sharepoint list items via graph api using client credential token would be highly appreciated.
Followed this article in setting up the application in azure ad - https://learn.microsoft.com/en-us/graph/auth-v2-service, Added app roles are as highlited in this article https://learn.microsoft.com/en-us/answers/questions/756563/app-roles-in-client-credentials-scope-in-azure-b2c.html but no luck.
Hope you are not using delegated permission in your personal account ,
Looks like there is something wrong with your API call ,make sure you are using the correct API call - https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items
You can also Try to create and Update in graph explorer- https://learn.microsoft.com/en-us/graph/api/listitem-create?view=graph-rest-1.0&tabs=http#example .
Hope this helps
Thanks
I am trying to implement functionality where I can get list of documents from share-point.I have tried this demo code from Azure directory implementation and login to account and also got details about sites and user data from graph API.
https://github.com/Azure-Samples/ms-identity-android-kotlin
I am able to get site data from graph API :
But when I am trying to get list then getting error or no value
I have also passed this authorization token to REST API but that too doesn't work.
You can try with scope Sites.ReadWrite.All instead of User.read, as I tested it using Graph Explorer and I got access denied as the scope permission was not consented. After I consent the permission, it worked .
Example 1:
Before Consent:
After Constent:
I have created a test list on the Communication Site.
After that when I query for lists , I successfully get the above one I created.
Example 2 :
I also tested it using a Application registered to Azure AD. It didn't return me any error or any value as well when I queried for lists using that app's credential's from Powershell.
After I add Sites.ReadWrite.All to the App's API permission's .
I can successfully get the Values of the lists.
To summarize it , it could be resolved in 2 ways :
Changing the Scope shown on the screenshot given by you to Sites.ReadWrite.All instead of User.Read.
Adding API permissions to the APP registration in the Azure AD for Microsoft Graph as shown in the example 2 second image.
I'm trying to build a small application that can retrieve a particular user's calendar events without a signed in user, that is to utilize the application permissions in Graph API and query the events by authenticating with App ID, Tenant ID and Secret values. I was able to follow this documentation https://learn.microsoft.com/en-us/graph/auth-v2-service and generate JWT tokens to query the graph API. And it worked fine when i tried to retrieve all the users information, or even retrieve a particular users information using the following paths.
/users
/users/{id | userPrincipalName}
Both the above endpoints worked fine and i was able to retrieve details, but when i tried to access the calendar events of a particular user using the following Graph API path
/users/{id | userPrincipalName}/events
I get the following error,
I'm not sure what i'm doing wrong here, i have the following Application permissions set up in Azure AD Portal and the permissions are reflected in the JWT token.
I feel like the token generation part is working fine since the first two Graph API endpoints i mentioned above are functional, but I'm not sure where else I'm going wrong and as to why I'm not able to retrieve a particular user's calendar events. Any help would be much appreciated.
I am using the next endpoint https://graph.microsoft.com/v1.0/users to get all users in my azure tenant but it is not showing all information about the users, it doesnt show information as: creation date, last login date, password last change date and others.
How can I get the information required?
Thanks in advance.
Regards,
Arsenio
https://graph.microsoft.com/v1.0/users api only lists the basic properties. If you need to get the other properties, you need to use $select to get them.
https://graph.microsoft.com/v1.0/users?$select=createdDateTime,displayName
All the available user properties are listed here.
Unfortunately, you cannot get all this info from the one API call and some of them you cannot get at all. For example, last login info you can get from auditLogs endpoint or using select field modification from user API:
https://graph.microsoft.com/v1.0/users?$select=displayName,createdDateTime
All field that you can extract from user API you can find here.
For extracting information about some of users activities you can use directoryAudit call, but I'm not sure that you can extract last password change from it.
I'm currently developing an application that uses an Azure AD instance. I'm trying to query this AD to sync the users to my system. I want to retrieve all the users and their groups. The Microsoft Graph API has the following function for this operation:
https://graph.microsoft.com/v1.0/users?$expand=memberOf
However, this gives me the same response as calling: https://graph.microsoft.com/v1.0/users. Users in my AD do have groups and I did try calling the api with $select instead of $expand, but also without result.
Is this a bug? Am I doing something wrong?
Thanks!
Expanding navigation properties on user entities is currently not working on the production (v1.0). Please see this post for more information: https://stackoverflow.com/a/39022980.