Questions tagged [azure-ad-graph-api]

1

votes
0

answer
87

Views

Possible to update an Exchange o365 Online meeting Location to another room with graphapi or graph explorer

I am able to update the meeting event but does not update location to an actual room on Azure Active directory, only updates to text. So say someroom is an meeting room.. we only get 'someroom' text location. Is this possible? how Trying this. Also read maybe I need location.AdditonalData , but s...
Hell.Bent
1

votes
1

answer
188

Views

Why can't I create a managed device on Intune?

I am trying to create a managed device in Intune but I am getting different errors. This is the documentation I am using https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/intune_devices_manageddevice_create. I am testing the functionality using Graph Explorer so I do not need t...
Jerica
1

votes
1

answer
190

Views

Azure Graph 403 Authorization_RequestDenied using service principal from VSTS

I have a service principal that is used by VSTS to run an Azure Powershell script. The command i'm trying to call is Get-AzureRmRoleAssignment. I'm getting the following error message 'Exception': { 'Request': { 'Method': 'POST', 'RequestUri': 'https://graph.windows.net/********/getObjectsByObjectId...
user9360564
1

votes
0

answer
236

Views

O365 Webhook Subscriptions for All Users Calendars

There is an existing question which already has an answer; however, the answer comes from a Microsoft developer and reads, 'We are working to support the scenario you are requesting...' and goes on to provide a method which doesn't seem to answer my question. Original article: Using Microsoft graph...
user1477388
1

votes
1

answer
202

Views

acquireTokenAsync method throwing error if userId is not passed

I'm using the Active Directory Authentication Library (ADAL) library for Apache Cordova on an Ionic mobile application. I'm running into an issue calling acquireTokenAsync Note: I'm using Microsoft Intune and I've enabled broker Authentication The generated token from the acquireTokenAsync call 'ap...
lee whitbeck
1

votes
0

answer
82

Views

Create access token from azure AD using assertion flow for access token received from Identity server

Requirement: CompanyA(uses Identity server and has user store) Web API wants to call CompanyB(uses Azure AD and does not have user store) web API with user identity in the token. Becuase CompanyB has to provide user's resource on the api. CompanyA web api called from client of companyA using access...
Raj
1

votes
0

answer
275

Views

is it possible to inject a custom claim into an OAuth2 access token?

The customer scenario is the following: Both App1 and App2 are registered in the same tenant App1 uses client credentials flow to request an (app-permission) access token for App2. AzureAD is the Identity Provider This customer is looking for a way to inject a custom claim (something like “my co...
Bac_Hoang
1

votes
2

answer
268

Views

Azure B2C cannot access graph api

I got an access token to fetch the graph client using the following code: string graphResourceID = 'https://graph.windows.net'; string tenantID = ConfigurationManager.AppSettings['ida:Domain']; string aadInstance = 'https://login.microsoftonline.com/' + tenantID + '/oauth2/v2.0/token'; Micros...
1

votes
0

answer
68

Views

Azure AD B2B authentication - dynamic trusted issuers for multi-tenant applications

I'm converting a web application to enable Azure AD B2B collaboration. Currently it is authenticating internal organisation users via Azure AD (V2 Microsoft Graph API) and is validating the token issuer like this: TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, Val...
Florin D. Preda
1

votes
1

answer
472

Views

“Access Token missing or malformed” error while accessing Azure AD Graph API

I have an account on Azure where we run various applications in docker containers. I would like to connect to Active Directory on this account and be able to manage various aspects such as creating new users, etc. I found following API browser: https://docs.microsoft.com/en-us/rest/api/graphrbac/use...
1

votes
0

answer
231

Views

Update Azure AD App appRoles through MS Graph Explorer

I am trying to update AppRoles of my Azure AD app through MS Graph Explorer. The App is for setup SSO with our AWS account. The URI looks like below. GET query returns all the properties of the Service Principal correctly. https://graph.microsoft.com/beta/servicePrincipals/2141b14a-096a-4f26-a73f-41...
Tomking Chen
1

votes
1

answer
86

Views

Microsoft Graph Api - Azure Active Directory B2B collaboration invitation redemption - lost access to documents

I noticed very weird issue. If user has Microsoft Account and accept invitation, system remove permission to all shared documents. upload document: await _graphClient.Drives[_driveId].Root.ItemWithPath(itemWithPath) .Content.Request() .PutAsync(fileStream) create guest: await _graphClient.Invitat...
Dariusz Basznianin
1

votes
1

answer
110

Views

AAD Graph API returns 404 after call to AcquireTokenAsync, but not after call to AcquireTokenSilentAsync

So I have an application that's calling the graph API. See the following snippet: When the try (AquireTokenSilent) is called, the Web Request completes successfully no problem. However, when make the same web request with the token I get from AcquireTokenAsync, I'm getting a 404 error and an excepti...
Scuba Steve
1

votes
1

answer
61

Views

Way to get unique user location from Azure User Graph

To get list of unique user location from all users in the Azure AD
Archana REddy
1

votes
1

answer
91

Views

Azure AD B2C - Retrieve account lockout time

After N failed login attempts with a wrong password the account get's locked. Documentation says the lockout interval increases after further failed login attempts: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-smart-lockout#manage-azure-ad-smart-lockout-valu...
Tamas Molnar
1

votes
0

answer
129

Views

Azure AD App-Only Authentication in an asp.net CORE 2.0 Web API

Most of the examples for asp.net CORE web API's I have seen are leveraging the authentication 'middleware', which get added in the Startup file and it seems to make the code very elegant. However I am not authenticating the user in any way, instead I'm using Azure AD App-Only to access Graph and Sh...
Tracy
1

votes
0

answer
36

Views

Error when I 'm trying to create message draft using Microsoft Graph API

I used this instructions: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_post_messages I got bearer token and users, but when I try create message using Postman it throw exception My request: https://graph.microsoft.com/v1.0/users/4850bf92-08ff-41f3-9891-51561239aaa54/m...
Bzzik
1

votes
0

answer
73

Views

getAccessTokenAsync return 13005

I am trying to integrate microsoft graph api into our outlook add-in. I have registered add-in by following below documentation. https://docs.microsoft.com/en-us/office/dev/add-ins/develop/register-sso-add-in-aad-v2 I have updated add-in manifest and added webapplicationinfo based on below documenta...
Gnanasuriyan
0

votes
0

answer
3

Views

Microsoft Azure AD graph API, How to get the user mail in response with botbuilder version 4 in node js?

I had created a Azure active directory v1 in azure for the OAuth connection settings to the bot. I got the user's access token successfully, then I make call to GET https://graph.microsoft.com/v1.0/me with an Authorization: Bearer header. { '@odata.context': 'https://graph.microsoft.com/v1.0/$meta...
Prakash
1

votes
1

answer
65

Views

Unable to reset password for On-Premises using Microsoft Graph

I'm using Microsoft Graph for resetting users' password. I'm able to do for the users with domain.onmicrosoft.com but not with domain.com users who are in On-Prem active directory. On-Prem has latest version on Azure AD Connect and password write back is enabled. On Azure, password reset has been en...
Naveen
1

votes
1

answer
121

Views

Azure AD GraphServiceClient can't set AdditionalData against User

I am using the GraphServiceClient with .Net Core 2. I am trying to add AdditionalData to my Users using the following code var updated = new User() { AdditionalData = new Dictionary { {'OtherEmail', otherEmail}, {'OtherRole', otherRole} }, }; await _graphClient.Users[user.Id].Request().UpdateAsync(u...
Lenny D
1

votes
1

answer
32

Views

Microsoft /adminconcent endpoint - Who authorized my app?

I have an Azure client application that uses Microsoft graph APIs. I am using the workflow described at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow to have admin authorize my azure client application for his tenant. This flow ends up giving my cl...
Urjit
1

votes
0

answer
83

Views

Change My Profile using Azure AD Graph API

I want to allow a user to change his/her profile attributes like Country,city, email etc. from my application using Azure AD Graph API. Currently using following code IUser CurrentUser = await activeDirectoryClient.Me.ExecuteAsync(); CurrentUser.City = 'SomeCity'; await CurrentUser.UpdateAsync();...
umer
1

votes
1

answer
78

Views

Add event to O365 group calendar with “Application” permission

Use Case My application needs to dynamically create Office 365 Outlook calendars, share them with a variable number of Office 365 users, and manage the calendar events at any time. Approach Since the application needs to manage the calendars at any time, it needs to authenticate with Application Per...
Gwyn Howell
1

votes
0

answer
45

Views

Create Azure SSO Application using the Graph API

I am trying to create an Azure SSO application using the graph API (no console). I am able to create an application using: https://docs.microsoft.com/en-us/graph/api/application-post-applications?view=graph-rest-beta What I am having trouble with figuring out how to do using the graph API is the Set...
gprime
1

votes
1

answer
56

Views

GraphServiceClient get group from name

I am trying to find all members of a given group, and I only have the group name (and not the id). Is there anyway to get a group from name with the GraphServiceClient? Onlything I found requires id: var users = await graphClient.Groups[group.Id].Members.Request().GetAsync();
Thomas Segato
1

votes
1

answer
73

Views

Custom Attributes/Properties in AAD .. Finding them in MS Graph

I have large AAD Dynamic group that I need to search and query membership for (100K+ member group) and search for users by name. This group is generated based on a custom attribute on the user in AAD. I am trying to figure out if I can get this information out the MS Graph or if I need to move thes...
snowCrabs
1

votes
2

answer
64

Views

Microsoft graph rest api v1.0: Access to B2C tenant users

I want to get user information, not only from Azure Active Directory, but also from Azure B2C Tenant Users. I was able to reproduce results for AAD users, but I couldn't find enough resource as for how to access to B2C Users (e.g. Gmail.com). I get this error when I swap to my desired clientid/clien...
Gemini
1

votes
0

answer
54

Views

Changes to the manifest of my azure app are not seen in the azure portal

I want to programatically mirror AWS IAM Roles to my SAML federation, using a lambda, with lambda like this developer I want to verify what the least privilege access the credentials for the automation software need to have in Azure, so i tried a simple python script to mimic this (see below). I am...
Andreas
1

votes
2

answer
50

Views

How to fix 'User login. Teams is disabled for your tenant.' error in graph api call

I want to use Teams graph api to retrieve all channels of a team (group). I use a 'Get' request on 'https://graph.microsoft.com/v1.0/teams/{GroupId}/channels' The response is 'Access Denied', 'User login. Teams is disabled for your tenant.' Other informations: I don't have any issue when I use Teams...
Harold Jabraud
1

votes
0

answer
46

Views

Azure AD access token expire time configuration

I have two applications registered in AD tenant(lets say App A and App B). App A has API access to App B and it uses client credential flow to acquire access token. Access token expire time is 60mins default and Requirement is to set 10mins. I have followed instructions available on these links,...
Raj
1

votes
0

answer
28

Views

Ingest more than 30k users details from Azure Active Directory

I am facing an issue with iterating over 39k azure ad users in Azure Active directory. I am able to get the ad users from Microsoft Graph API page by page. As the Graph API provides results page by page, our scaling is limited to the number of records in a single page. Thus, it takes a long time (m...
yashm
1

votes
1

answer
685

Views

Azure AD: Change user password from Custom App

We are using several LDAPs in our company, that includes Azure AD for Office365, Google, and OpenLDAP - internal one. We are working on some sort of independent front web face where users would be able to change some of their data including password, any change made by user should be automatically u...
Briksins
1

votes
2

answer
657

Views

Azure AD - Custom Application Roles via Powershell

I've been playing with RBAC in Azure AD, in particular custom application roles. It all works well, but is a bit manual, i.e. downloading, editing and uploading the manifest and then assigning each user/group to one of these roles via the management portal. Is there a way to do that via powershell...
MattDuFeu
1

votes
1

answer
2.1k

Views

Azure AD Graph API Bearer Token with ADAL JS

As Learning application , i am using AngularJS,ADAL js and WebAPI as Mentioned in this post. Angularjs-authentication-using-azure-active-directory-authentication-library-adal Tutorial is very neat and clean for the implementation. After the authentication i am trying to add a User in the Azure AD[T...
joshua
1

votes
1

answer
209

Views

Graph API Client token authentication issue

My website is using the GraphClient Library (http://www.nuget.org/packages/Microsoft.Azure.ActiveDirectory.GraphClient) to query Azure AD. Its using its own credentials and authorization token to access graph.windows.net and this works fine. I'm trying to change it so that when users log into my we...
Russell
1

votes
1

answer
567

Views

Azure Graph api client remove member from group

I have trouble to remove user from group. I have no problem with adding a user. I do not recieve any error from myGroup.Members.Remove(user as DirectoryObject);. Is it a bug? ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(); User user = (User)await client.Users.GetByObj...
Benjamin Leetmaa
1

votes
2

answer
553

Views

Azure AD Reporting API: Inconsistent results between portal and API

I'm using the Getting started with the Azure AD Reporting API PowerShell example with some additional steps to take advantage of nextLink and grab all the data in my date range. The data consistently comes back missing the oldest 24 hours worth of logs. I can see the logs exist via the portal or b...
Rick_2CA
1

votes
1

answer
419

Views

Azure Active Directory Object Permissions

I have an Azure Active Directory Application (and associated Service Principal). That Service Principal needs to be able to add and remove members from an Azure Active Directory Group...so I have added Read and write directory data under Application Permissions: And I have code that uses the Client...
Jeff
1

votes
2

answer
217

Views

Azure AD for Office 365 does not show in new portal

In new Azure Portal i don't see any way to manage AD. Customer does not really have Azure AD subscription just Office 365. But i can see it in old Management, add APPS that work with AD and everything. How can i do that in new Azure Portal? Demonstrated on this screnshot using same account: https://...
Evlo

View additional questions