Questions tagged [azure-ad-graph-api]

1

votes
1

answer
381

Views

How to create multiple users in azure b2c with graph api?

As the title says I want to be able to take multiple users from a database and add them to my azure B2C tenant. I have already successfully created single users using the B2C graph client. I would also like to know if someone has created a json schema to help in user creation with the B2C graph cl...
1

votes
4

answer
1.4k

Views

Create user with Custom Attributes in Azure AD B2C with Graph API

I am trying to create user with Graph API. user json object is as shown below. I have created a custom attribute called Role. So while creating the user i need to give some value this Role as well. But if i include this custom attribute i am getting error. One or More properties are invalid Create...
Venky
1

votes
1

answer
58

Views

Error 400 - Bad Request an Creating user with Microsoft Graph

I am trying to create a new user in my tenant using Microsoft Graph (v1.0) with help of the Microsoft doc. When I create my user, I always get an error 400 bad request as response. I am using HttpClient to make the post Request. My Function : private async Task BuildUser(string token, string query)...
Challouatte Cyril
0

votes
1

answer
14

Views

Unable to create new user using Azure Active Directory B2C Graph API with chinese character Json data

I am trying to create a user using AAD B2C graph API. It is working fine when the Payload Json is English Character, but If I create the Json Payload with a Chinese character, Its fails. Json Payload: { "givenName": "会话", "surname": "宋", "mail": "[email protected]" "city": "TestCity", "state": "he...
Koushik mondal
0

votes
1

answer
24

Views

ArgumentException: The 'CallbackPath' option must be provided

I implemented active directory authentication for my Asp.Net core 2 application. Every thing works fine on local but once I deployed the application to server it throws error "ArgumentException: The 'CallbackPath' option must be provided." I added call back path on my appsettings file: tried both:...
Kurkula
1

votes
1

answer
65

Views

Getting Me using Azure OAuth 2 Token

I am trying to use Azure OAuth2 to authenticate a user, then get some information about them. Here is what I am doing now. If code is not in URI, redirect them to: https://login.microsoftonline.com/GUID_HERE/oauth2/v2.0/authorize This redirects them back the the URL, but passes the code in the URI T...
tscrip
1

votes
1

answer
759

Views

Changing expired password(s) using Azure Graph API

I have the following Python code to authenticate against the Graph API import requests def login(tenant_name, client_id, client_secret, username, password): url = 'https://login.windows.net/' + tenant_name + '/oauth2/token' payload = { 'grant_type': 'password', 'username': username + '@' + tenant_na...
saps
0

votes
0

answer
8

Views

extension attributes for ad user in azure active directory using Microsoft.Graph

Hi I am trying to add extension property to azure ad user using Microsoft.Graph package. var schema = new SchemaExtension() { Id = "Location", TargetTypes = new List { "User" }, Description = "DescribesLocation", Properties = new List() { new ExtensionSchemaProperty { Name = "LocationCode", Type = "...
ashwinee
1

votes
1

answer
446

Views

Azure ADAL Integrated Security

I'm trying to get Integrated Security (via NTLM via ADFS) to work from the Azure ADAL .NET client (v2.19). Our ADFS server is running ADFS 3.0 with Forms and Windows Authentication enabled (as described here http://blogs.msdn.com/b/josrod/archive/2014/10/15/enabled-forms-based-authentication-in-adfs...
Jeff
3

votes
2

answer
32

Views

Azure AD Graph object ID of multi-tenant app is unique per tenant, how do I get the servicePrincipal ID dynamically?

I'm building an AD multi-tenant app and in order to get the data regarding who is assigned to what role within their tenant, I need to query an endpoint that requires a service principal ID. This ID is unique per tenant and I'm trying to fill it in the API link dynamically, just not sure where to ge...
SebastianG
2

votes
0

answer
28

Views

Unauthorized In Microsoft Graph Api Unable To Get Data

I am currently developing a ASP.NET MVC 5 site which uses the Microsoft Graph API application to retrieve and insert data into Microsoft Planner. Said site already has Azure Active Directory authentication. I am currently using the following code to get the access token to login into the Graph API a...
Matthias McCarthy
2

votes
1

answer
257

Views

Regex full text filter/search in Microsoft Graph API for O365 in request?

I am trying to add a filter in my Microsoft Graph API request on O365 data (like mails, messages, events, etc.) to only get items where certain regex triggers. I found the search feature: Full Text Search Capabilities in Azure AD Graph API (preview), but it seems this feature have been removed (and...
David G.
2

votes
3

answer
690

Views

Azure AD B2C - how to implement custom sign up process?

This is basically a follow up to my prev question - https://stackoverflow.com/a/44738654/2896495. I've implemented an Azure B2C sign up and auth in my web app (.NET Core 2.0) and now I want to add a custom sign up logic with Graph API (as described here - https://docs.microsoft.com/en-us/azure/activ...
alvipeo
2

votes
2

answer
48

Views

How to create app registration using Azure SDK

I need to create an app registration with Azure AD using Azure SDK (or using rest api call, if it's not possible with SDK) normally you do it manually using portal: or calling Azure CLI command az ad app create How can I do it from SDK or REST service
Dzior
17

votes
1

answer
1k

Views

Azure AD Graph call for User creation failing with some obscure error

I have been told to raise a question about Azure AD Graph Api here instead of raising it as an issue for the corresponding GitHub sample repository, I hope Azure Graph API team monitors SO and can help us with this github sample issue Some extra context for the problem: We are using Microsoft.Azure....
Alexey Shcherbak
2

votes
0

answer
43

Views

Microsoft Graph API is reporting B2B User already exists but the user is not visible via Azure Portal

I am trying to invite a B2B user to our Azure Active Directory instance. This user already a member of their Azure AD under their own company (separate instance). I am sending a request to https://graph.microsoft.com/v1.0/invitations I get this response: { HttpsError: [POST https://graph.microsoft....
Doug Molineux
2

votes
1

answer
72

Views

Is AcquireTokenAsync thread-safe?

I am using ADAL's (Microsoft.IdentityModel.Clients.ActiveDirectory v4.3.0) AuthenticationContext.AcquireTokenAsync to acquire a bearer token with a ClientCredential. I am creating a new AuthenticationContext to acquire a token for each request. Is that thread-safe? Or do I have to lock the call to...
Mo B.
4

votes
1

answer
301

Views

Microsoft Graph API auhetication for service apps

We are developing a web application using Microsoft Graph, where the signed in user can, Export all the calendar events to a third party calendar Application. After this initial export, we need to keep the exported data in sync with calendar changes via service app (a scheduled task running on serve...
Ajmal VH
1

votes
1

answer
228

Views

How can I find the Admin Consent URL for an Azure AD App that requires Microsoft Graph “Read directory data” permission?

I am going through the following example: https://azure.microsoft.com/resources/samples/active-directory-dotnet-webapp-groupclaims/ To run the sample, I need Directory.Read.All permission on Microsoft Graph: Configure Permissions for your application. To that extent, in the Settings menu, choose the...
Allan Xu
4

votes
3

answer
2.4k

Views

AuthenticationContex missing method AcquireToken and CreateAuthorizationHeader

I try to work with Azure AD. This is the code I use: Add-Type -Path "D:\GraphAPI\Microsoft.IdentityModel.Clients.ActiveDirectory.2.14.201151115\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.dll" # Change these three values to your application and tenant settings $clientID = "CLIEN...
Stefan
2

votes
1

answer
491

Views

How to get Microsoft Graph API Access token from Node Script?

I'd like to use this library to interact with the graph API for my AD - https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/concepts/nodejs.md However, all of the existing javascript libraries I've found to return access tokens expect a return URL to be passed in, as well as some othe...
Abarnett
3

votes
3

answer
1.6k

Views

Deleting an Application's AppRole in Azure Active Directory

Removing an AppRole from an Application’s manifest produces a 400 Bad Request with the error Property value cannot be deleted unless it is disabled first. When I set the isEnabled property to false and then hit save, I get a successful saven with a 200 OK looking at the browsers developer tools:...
3

votes
1

answer
1k

Views

Programmatically assign users to Azure AD Application using Graph API

I am trying to write a script to assign users to an Azure AD application (servicePrincipal) using Graph API. I am testing this in my sandbox, where I have defined the app and assigned users to it. However, when I query the servicePrincipal, I don't see the users anywhere in the response. Questions:...
babakh
4

votes
1

answer
227

Views

Azure graph api is not working for previous page request (&previous-page=true)

I am using azure AD and importing users and groups from azure. It is working fine with next page request. I am using microsoft test azure ad from below. https://github.com/Azure-Samples/active-directory-dotnet-graphapi-console/blob/master/GraphConsoleAppV3/Constants.cs But not working with previous...
D Aon
3

votes
1

answer
477

Views

Unable to retrieve user email from Azure AD B2C using GraphAPI

I have created an Azure AD B2C tenant and configured local account with username as the login method. I created a signup policy and did a signup through Azure AD B2C signup screen. In the signup screen, I entered an email address and Azure AD B2C sent an email for validation. Once signup succeeded,...
Santhanam
4

votes
1

answer
282

Views

does anyone know if the cosmossdb emulator supports graph api for local dev - or just documentDb api

Does the emulator running locally only support documentDB formats? (explorer only seems to show collections). Not ready to jump straight into azure and wanted to have a go locally first with graph api and Java.
WILLIAM WOODMAN
21

votes
5

answer
6.7k

Views

Inheritance sec rules violated by type: 'System.Net.Http.WebRequestHandler'.

I am Trying to access Active Directory data through graph API. i am getting the following error on running the application. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it o...
user6606680
2

votes
1

answer
1.6k

Views

Azure AD prompt user/admin to re-consent after changing application permissions

I am building a SaaS app that will be authenticating users using Azure AD. Let's say I am asking for just 1 delegated permission from user during consent prompt and user accepts it. Later on my app evolves and need to get more delegated permissions. In that case how do I re-prompt the user with the...
xdev
2

votes
2

answer
408

Views

How to identify different kinds of users in azure b2c

We're looking to query users in the azure ad b2c directory and programmatically extract their login email for all types of users. Which we understand to be: Standard User Guest User (B2B) Local User (B2C user who signed up with email) Social User (B2C user who signed up with a social account) when r...
fei0x
5

votes
1

answer
891

Views

Create application in Azure Active Directory using graph API fails

I'm trying to use the Azure Active Directory Graph API (with the Azure GraphClient nuget package) to create a new application in Azure AD. I've authenticated using an existing AAD application, so I have write access to the directory. However, when creating the new application object the Azure Graph...
RasmusW
2

votes
1

answer
617

Views

How to get O365 License expiration dates using Graph Api

I need to know when my O365 licenses will be expired using O365 APIs. I am using this REST call https://graph.microsoft.com/v1.0/me?$select=assignedLicenses,assignedPlans,id which returns all my assigned licenses and assigned plans. but does not tell me when my licenses will be expired. Is there any...
2

votes
1

answer
397

Views

Azure AD graph API query for non-empty property

How can I query graph.windows.net for accounts in our Azure AD that do have the email property set? I am asking for the query string, or even better a C# statement using ActiveDirectoryClient. It doesn't seem possible to use $filter=email neq '' or other similar $filter construct to exclude users th...
RasmusW
1

votes
2

answer
458

Views

Accessing the Azure Graph API using Application Identity

I'm working with the Azure Graph API, and I notice that I can't read the directories that have signed up via the consent framework. Everything works for user-level permissions. That is, with private async Task AcquireGraphApiTokenAsync(string objectId, AuthenticationContext authContext) { var resul...
Rob Lyndon
2

votes
1

answer
317

Views

How to use the same Bearer token sent by client, to authorise user against SecurityGroup using Azure Graph API

I am following this example https://github.com/Azure-Samples/active-directory-dotnet-native-headless to authenticate user against Azure AD using user credentials (uname,pwd) to acquire a bearer access Token. This token will be sent in the Authorization header to the Rest API. The REST API uses the t...
user1233802
2

votes
3

answer
1.3k

Views

Get-AzureRmRoleAssignment - Access denied to the specified API version

Update: I've found that the issue is not related to the IncludeClassicAdministrators parameter - the problem still occurs without that. I've updated the question accordingly. Background I am writing an Azure Automation script to monitor who has access to my subscriptions. I am calling Get-AzureRmR...
BenV
2

votes
1

answer
554

Views

Query Directory roles of a user in Azure Graph API

I am trying to query the roles (Directory Role) of a user (I have ObjectId and the UPN of the user) by just calling the Graph API once! I'm able to query a user and then use that user to get the DirectoryRoles, but for performance reasons I need to drop the first GET user call. I have looked at this...
Aram
2

votes
1

answer
470

Views

Graph API - Azure AD B2C - throws error - Application with identifier not found

I was following the below link to setup the Azure AD B2C- with Graph API setup https://azure.microsoft.com/en-in/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/ I was able to proceed with powershell command settings, but when I try with the application, when it executes the...
Sivalingaamorthy
2

votes
1

answer
558

Views

batch processing: userPrincipalName already exists when trying to add multiple users async in AAD

I am trying to add multiple users async with AAD graph Like this: IUser user1 = ...; IUser user2 = ...; IUser user3 = ...; List addTasks = new List(); addTasks.Add(activeDirectoryClient.Users.AddUserAsync(user1)); addTasks.Add(activeDirectoryClient.Users.AddUserAsync(user2)); addTasks.Add(activeDire...
trenoncourt
2

votes
2

answer
1.8k

Views

How do I access the GRAPH API to get all users WITHOUT having to login ?

What I want is simple but I have not found a clear answer. I have a simple console app and all I want to do is get all the users in my Azure AD using the new GRAPH API. All the examples I have require the program login (OAuth?). I don't want that. I want to give the code the user/pw and simply start...
punkouter
1

votes
2

answer
2.1k

Views

Error - Connect-MsolService : Your credentials could not be authenticated. Try again

In Powershell, I executed the below cmdlets Connect-MsolService Getting error like below Connect-MsolService : Your credentials could not be authenticated. Try again or contact Technical Support. At line:1 char:1 + Connect-MsolService + ~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OperationStoppe...
Sivalingaamorthy

View additional questions