Return value in the response from addKey in Microsoft Graph REST API v1.0 - azure-active-directory

When running a POST with addKey using the old Azure AD Graph API (v1.6),
https://graph.windows.net/tenant_id/applications/app_oid/addKey?api-version=1.6, I get a response body with a return value containing the keyId of the newly created keyCredential:
"statusCode": 200,
"body": {
  "odata.metadata": "https://graph.windows.net/tenantid/$metadata#Collection(Microsoft.DirectoryServices.KeyCredential)",
  "value": [
    {
      "customKeyIdentifier": "A053F5114BC7F7C07F700CF2C4ACE47BBFD82D23",
      "endDate": "2022-06-08T14:34:03Z",
      "keyId": "fbbaf346-168a-4c90-97ca-346bcd43988d",
      "startDate": "2020-06-08T14:34:03Z",
      "type": "AsymmetricX509Cert",
      "usage": "Verify",
      "value": null
    }
  ]
},
When running a POST with addKey using the latest version of the Microsoft Graph API (Microsoft Graph REST API v1.0),
https://graph.microsoft.com/v1.0/applications/app_oid/addKey,
I get a response body without the return value containing the keyId of the newly created keyCredential (the new keyCredential is created and can be seen in the list of keyCredentials belonging to the application, in the Azure portal):
"statusCode": 200,
"body": {
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.keyCredential"
}
Is there a way to get a return value containing the keyId (like in the Azure AD Graph API v1.6 example above) in the response?

According to the MS Graph documentation, you get odata.context by using
POST https://graph.microsoft.com/v1.0/applications/{id}/addKey
and you can get the key Id of the key credential by using the below query.
https://graph.microsoft.com/v1.0/applications/id

Currently it is not possible to get the keyId in the return value from addKey using Microsoft Graph REST API v1.0, according to MSFT. A UserVoice request can be raised.
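
Added example (not from the original thread and not Microsoft's code): because addKey on Microsoft Graph v1.0 returns no keyId, one way to recover it is to read the application's keyCredentials with the GET mentioned above before and after the call and take the difference. The snapshots below are constructed, the function names are hypothetical, and the HTTP calls themselves are left out.

```python
# Constructed snapshots of GET https://graph.microsoft.com/v1.0/applications/{id},
# trimmed to the keyCredentials collection. The first keyId is made up; the
# second is the keyId shown in the question's Azure AD Graph response.
BEFORE = {"keyCredentials": [
    {"keyId": "11111111-2222-3333-4444-555555555555",
     "type": "AsymmetricX509Cert", "usage": "Verify"},
]}
AFTER = {"keyCredentials": BEFORE["keyCredentials"] + [
    {"keyId": "fbbaf346-168a-4c90-97ca-346bcd43988d",
     "type": "AsymmetricX509Cert", "usage": "Verify"},
]}


def added_key_credentials(before, after):
    """Return the keyCredentials present in `after` but not in `before`."""
    # GUIDs are compared case-insensitively.
    known = {k["keyId"].lower() for k in before.get("keyCredentials", [])}
    return [k for k in after.get("keyCredentials", [])
            if k["keyId"].lower() not in known]


def resolve_new_key_id(before, after,
                       key_type="AsymmetricX509Cert", usage="Verify"):
    """Return the keyId of the one key added between the two snapshots.

    Raises LookupError when zero or several keys match, so that a key added
    by someone else in the same window is never mistaken for ours.
    """
    candidates = [k for k in added_key_credentials(before, after)
                  if k.get("type") == key_type and k.get("usage") == usage]
    if len(candidates) != 1:
        raise LookupError(
            f"expected exactly one new {key_type}/{usage} key, "
            f"found {len(candidates)}")
    return candidates[0]["keyId"]


if __name__ == "__main__":
    print(resolve_new_key_id(BEFORE, AFTER))
```

A LookupError with more than one candidate means the application's credentials changed outside the addKey call being tracked, which is worth reviewing rather than guessing.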

Related

Azure Logic Apps and Microsoft Forms - Get field descriptors

I have a Logic App that retrieves the responses submitted by the users through Microsoft Forms.
When I see the Logic App Run, I can see the descriptor for each field (MuleSoft, IoT & Integration, Encuesta de tecnologías, ...), for example:
But in the "Show raw outputs" I can't see those fields, I get an identifier (rcb6ccf0fc9e44f74b44fa2715fec4f27, ...):
How can I retrieve those descriptors?
The solution is to add a 'Send an HTTP request to SharePoint' action to get the details of the form.
The Site Address is: https://forms.office.com
The Method is: GET
The Uri is: /formapi/api/forms('')?select=id,title,questions&$expand=questions($expand=choices)
This returns a JSON with all the questions and for each question the ID, Title and more info about the question.
We can implement a loop through these questions and with each ID, extract the response from the Microsoft Forms:
"foreach": "@body('Send_an_HTTP_request_to_SharePoint')['questions']"
And Compose the result:
"Compose": {
  "inputs": {
    "Id": "@{items('For_each')['id']}",
    "Name": "@items('For_each')['title']",
    "Value": "@{body('Get_response_details')[item()['id']]}"
  },
  "runAfter": {},
  "type": "Compose"
}
These are field identifiers. You can retrieve them directly from the Dynamic content of Get response details.
Alternatively, you can build your own JSON body (in your case, Get response details) from the Compose connector.

Microsoft Graph API - Create Contact doesn't work

I am attempting to use the Create Contacts endpoint for Microsoft Graph API (Doc is here: https://learn.microsoft.com/en-us/graph/api/user-post-contacts?view=graph-rest-1.0&tabs=http) to register a new contact for my user. I created the body as described in the API documentation but am getting the error below:
{
  "error": {
    "code": "Request_BadRequest",
    "message": "A value without a type name was found and no expected type is available. When the model is specified, each value in the payload must have a type which can be either specified in the payload, explicitly by the caller or implicitly inferred from the parent value.",
    "innerError": {
      "request-id": "daf78520-50e6-444b-97a2-779762b3e6ed",
      "date": "2020-01-23T14:20:18"
    }
  }
}
Requests used:
1. POST https://graph.microsoft.com/v1.0/{{tenant_id}}/contacts;
2. POST https://graph.microsoft.com/v1.0/me/contacts;
Request body example:
{
  "givenName": "Yulia",
  "surname": "Lukianenko",
  "emailAddresses": [
    {
      "address": "yulia@lukianenko.onmicrosoft.com",
      "name": "Yulia Lukianenko"
    }
  ],
  "businessPhones": [
    "+1 732 555 0102"
  ]
}
Has anybody run into this kind of issue? How did you resolve it?
Thank you in advance for your help!
The POST request is incorrect here.
It should be:
https://graph.microsoft.com/v1.0/me/contacts
Also you need to make sure "Contacts.ReadWrite" permission is granted to the app registered in AAD.
P.S: I used the same JSON in your example using graphExplorer and contact was created successfully.

How to retrieve ETag property of user photo in Azure via Microsoft Graph API?

Currently, calls to Microsoft Graph to retrieve user photo metadata are missing the ETag property. Is there any way to add this to the response along with the width, height information that is currently returned? Here is a sample response.
{
  "@odata.context": "https://graph.microsoft.com/beta/$metadata#users('<user-id>')/photo/$entity",
  "@odata.mediaContentType": "image/Jpeg",
  "width": 128,
  "height": 128,
  "id": "128X128"
}
Notice the ETag is not returned with the response.
While to the contrary, the Outlook REST API V2.0 does return this information in its response for its equivalent API call:
{
  "@odata.context": "https://outlook.office.com/api/v2.0/$metadata#Me/photo/$entity",
  "@odata.id": "https://outlook.office.com/api/v2.0/Users('ddfcd489-628b-7d04-b48b-20075df800e5@1717622f-1d94-c0d4-9d74-f907ad6677b4')/photo",
  "@odata.mediaContentType": "image/jpeg",
  "@odata.mediaEtag": "\"BA09D118\"",
  "Id": "240X240",
  "Width": 240,
  "Height": 240
}
Can this functionality be added to Microsoft Graph so that subsequent checks for changes to user photos do not require retrieval of the entire binary image photo data but instead simply the metadata information with this vital ETag property?
UPDATE:
Apparently, the @odata.mediaEtag is returned with the https://graph.microsoft.com/v1.0/me/photos API, but I'm again mainly interested/wondering why it is NOT being returned with the Users API for a custom domain-based tenant user: https://graph.microsoft.com/beta/users/{user_id}/photo.
ANOTHER UPDATE:
Based on a reply below, I did some digging, and realized that my Azure tenants do not have Exchange/Outlook/Mail enabled for any of my users (by design). Is there different behavior for this API call when users are mail-enabled and when they are not? If so, should that not be clarified somewhere Microsoft? Or does the API need to be updated to include the mediaETag for all scenarios? Please advise.

Unable to create a local account via graph api in Azure B2C

I am trying to create a "LocalAccount" in a B2C domain via the Azure AD Graph API.
To do this I registered an app (via Azure Active Directory -> App registrations (legacy)) and added all permissions for "Windows Azure Active Directory".
The request to create the user is
add_user_json = {
    "accountEnabled": True,
    "creationType": "LocalAccount",
    "signInNames": [{
        "type": "emailAddress",
        "value": "test@email.com"
    },
    {
        "type": "emailAddress",
        "value": "test2@email.com"
    }],
    "displayName": user_id,
    "mailNickname": user_id,
    "passwordProfile": {
        "password": "aPassword",
        "forceChangePasswordNextLogin": "true"
    },
    "passwordPolicies": "DisablePasswordExpiration"
}
and the endpoint "https://graph.windows.net/{tenant}.onmicrosoft.com/users?api-version=1.6" (I tried "https://graph.windows.net/myorganization/users?api-version=1.6", too).
The error I get is "One or more properties contains invalid values."
Furthermore, if I create a new user via the sign up flow it is possible to create a local account.
Does anybody have an idea what I did wrong?
The "One or more properties contains invalid values." error is occurring because a user object can't have more than one signInName entry of the same type.
There's a really good utility here with the code to help you.
Look at the create example there
One obvious one is:
"forceChangePasswordNextLogin": "true"
This needs to be "false".

Delta Query for user resource: How to get only changed attributes

I am using Microsoft Graph API delta query to track changes in my Azure AD.
I want to obtain only changed properties. So I have set the 'ocp-aad-dq-include-only-changed-properties' header value to 'true' to get only changed properties. But even after using this header I am receiving all user properties.
Is there any other option to get only changed properties? Or do I need to use any other header?
Given below is the detailed description of the operations that I am trying.
Example:
Initial Delta request
GET https://graph.microsoft.com/v1.0/users/delta?$select=displayName,givenName,surname
Headers:
ocp-aad-dq-include-only-changed-properties : true
Response:
In the initial response, I am getting all users.
DeltaLink request after updating 'displayName' attribute
GET https://graph.microsoft.com/v1.0/users/delta?$deltatoken=KhFiGlAZqewNAThmCVnNxqPu5gOBegrm1CaV
Headers:
ocp-aad-dq-include-only-changed-properties : true
Here I have added the 'ocp-aad-dq-include-only-changed-properties' header, but I am still getting all attributes of the user.
Response:
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users",
  "@odata.deltaLink": "https://graph.microsoft.com/v1.0/users/delta?$deltatoken=o8xFasdpZ7QDP14TyDfj9AeibJxMlXAtgB0Nb",
  "value": [
    {
      "businessPhones": [],
      "displayName": "jhon4",
      "givenName": null,
      "jobTitle": null,
      "mail": null,
      "mobilePhone": null,
      "officeLocation": null,
      "preferredLanguage": null,
      "surname": null,
      "userPrincipalName": "jhon.smith@testdomain.onmicrosoft.com",
      "id": "942h93c9-af17-6sad2d98cc8"
    }
  ]
}
Update Request
PATCH https://graph.microsoft.com/v1.0/users/jhon.smith@testdomain.onmicrosoft.com
Payload:
{
  "displayName": "jhon4"
}
The ocp-aad-dq-include-only-changed-properties header is a feature of the Azure AD Graph API and isn't supported in Microsoft Graph.
While they're extremely similar, these two APIs have several distinct feature differences (such as this one). You can read more about the differences (and the overall plan) at Microsoft Graph or the Azure AD Graph.
To get only the changed properties, use this header:
prefer:return=minimal
