Currently, calls to Microsoft Graph call to retrieve user photo metadata is missing the ETag property. Is there any way to add this to the response along with the width, height information that is currently returned? Here is a sample response.
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#users('<user-id>')/photo/$entity",
"#odata.mediaContentType": "image/Jpeg",
"width": 128,
"height": 128,
"id": "128X128"
}
Notice the ETag is not returned with the response.
While to the contrary, the Outlook REST API V2.0 does return this information in its response for its equivalent API call:
{
"#odata.context": "https://outlook.office.com/api/v2.0/$metadata#Me/photo/$entity",
"#odata.id": "https://outlook.office.com/api/v2.0/Users('ddfcd489-628b-7d04-b48b-20075df800e5#1717622f-1d94-c0d4-9d74-f907ad6677b4')/photo",
"#odata.mediaContentType": "image/jpeg",
"#odata.mediaEtag": "\"BA09D118\"",
"Id": "240X240",
"Width": 240,
"Height": 240
}
Can this functionality be added to Microsoft Graph so that subsequent checks for changes to user photos do not require retrieval of the entire binary image photo data but instead simply the metadata information with this vital ETag property?
UPDATE:
Apparently, the #odata.mediaEtag is returned with the https://graph.microsoft.com/v1.0/me/photos API, but I'm again mainly interested/wondering why it is NOT being returned with the Users API for a custom domain-based tenant user: https://graph.microsoft.com/beta/users/{user_id}/photo.
ANOTHER UPDATE:
Based on a reply below, I did some digging, and realized that my Azure tenants do not have Exchange/Outlook/Mail enabled for any of my users (by design). Is there different behavior for this API call when users are mail-enabled and when they are not? If so, should that not be clarified somewhere Microsoft? Or does the API need to be updated to include the mediaETag for all scenarios? Please advise.
Related
I have a Logic App that retrieves the responses submitted by the users through Microsoft Forms.
When I see the Logic App Run, I can see the descriptor for each field (MuleSoft, IoT & Integration, Encuesta de tecnologías, ...), for example:
But in the "Show raw outputs" I can't see those fields, I get an identifier (rcb6ccf0fc9e44f74b44fa2715fec4f27, ...):
How I can retrieve those descriptors??
The solution is to add a 'Send an HTTP request to SharePoint' action to get the details of the form.
The Site Address is: https://forms.office.com
The Method is: GET
The Uri is: /formapi/api/forms('')?select=id,title,questions&$expand=questions($expand=choices)
This returns a JSON with all the questions and for each question the ID, Title and more info about the question.
We can implement a loop through these questions and with each ID, extract the response from the Microsoft Forms:
foreach": "#body('Send_an_HTTP_request_to_SharePoint')['questions']"
And Compose the result:
"Compose": {
"inputs": {
"Id": "#{items('For_each')['id']}",
"Name": "#items('For_each')['title']",
"Value": "#{body('Get_response_details')[item()['id']]}"
},
"runAfter": {},
"type": "Compose"
}
These are field identifiers. You can retrieve them directly from the Dynamic content of Get response details.
Alternatively, you can build your own JSON body(in your case Get response details) from Compose connector.
When running a POST with addKey using the old Azure AD Graph API (v1.6),
https://graph.windows.net/tenant_id/applications/app_oid/addKey?api-version=1.6, I get a response body with a return value containing the keyId of the newly created keyCredential:
"statusCode": 200,
"body": {
"odata.metadata": "https://graph.windows.net/tenantid/$metadata#Collection(Microsoft.DirectoryServices.KeyCredential)",
"value": [
{
"customKeyIdentifier": "A053F5114BC7F7C07F700CF2C4ACE47BBFD82D23",
"endDate": "2022-06-08T14:34:03Z",
"keyId": "fbbaf346-168a-4c90-97ca-346bcd43988d",
"startDate": "2020-06-08T14:34:03Z",
"type": "AsymmetricX509Cert",
"usage": "Verify",
"value": null
}
]
},
When running a POST with addKey using the latest version of the Microsoft Graph API (Microsoft Graph REST API v1.0),
https://graph.microsoft.com/v1.0/applications/app_oid/addKey,
I get a response body without the return value containing the keyId of the newly created keyCredential (the new keyCredential is created and can be seen in the list of keyCredentials belonging to the application, in the Azure portal):
"statusCode": 200,
"body": {
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.keyCredential"
}
Is there a way to get a return value containing the keyId (like in the Azure AD Graph API v1.6 example above) in the response?
According to the Ms graph document, you get odata.context by using
POST https://graph.microsoft.com/v1.0/applications/{id}/addKey
and you can get the key Id of the key credential by using the below query.
https://graph.microsoft.com/v1.0/applications/id
Currently it is not possible to get the keyId in the returnvalue from addKey using Microsoft Graph REST API v1.0, according to MSFT. Uservoice can be raised.
In my current project I'm using Microsofts Azure B2C Actice Directory.
My plan is to update a speciffic property (testClaim) of every single user.
What I'm actually doing ist loading all the users in my AD and updating each of them in an foreach-loop.
var requestBody = new SetTestClaimRequest
{
ClaimName = "testClaim",
Value = "thisIsATestValue"
};
var client = new RestClient("myRes");
var request = new RestRequest(Method.PUT);
request.AddJsonBody(requestBody);
The problem I'm facing is, that the GraphApi begins to block my requests, after just a few, and just answering with the following error:
Error Calling the Graph API:
{
"odata.error": {
"code": "Request_ThrottledTemporarily",
"message": {
"lang": "en",
"value": "Your request is throttled temporarily. Please try after 150 seconds."
},
"requestId": "ccf8a936-490e-4c4a-87aa-125157b2e6dd",
"date": "2020-04-17T12:37:44"
}
}
Is there a way to avoid this without throttling my request?
In my opinion throttling isn't a choice cause it would take multiple hours to update the amount of users im dealing with.
No, there is no way to bypass throttling limits. It may take some hours to process at the accepted rate. Try 1000 ops per minute maximum. Make sure to implement back off logic if you get a HTTP 429.
I would like to filter Users from Microsoft Graph API based on onPremisesSamAccountName, which is currently not available with Graph API.
We have the internal employee id to be stored with onPremisesSamAccountName variable which is present in users API of Microsoft Graph. We are trying to filter with onPremisesSamAccountName property to filter based on the internal employee id. Currently, we are not able to do that with Graph API but we really need this to be working or would be happy if we get to know any possible workarounds.
https://graph.microsoft.com/v1.0/users?$filter=onPremisesSamAccountName eq '[some-id]'&$select= userPrincipalName,displayName,department,jobTitle,companyName,onPremisesSamAccountName,....[more list of fields for select]
The expected outcome is to show the required result but the response what we got is as follows:
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Unsupported or invalid query filter clause specified for property 'onPremisesSamAccountName' of resource 'User'.",
"innerError": {
"request-id": "[request-id from request]",
"date": "[date on which request is made]"
}
}
}
As you can see, the filter is not supported for property 'onPremisesSamAccountName'.
If you do have this requirement, you can post your idea at Microsoft Graph UserVoice.
I was able to do a filter using onPremisesUserPrincipalName - you could check what is returned using this property and see if you can make it work
I want to update the birthday of a user using the patch request.
Updating other properties works as expected but the moment the birthday property is included, the following error returned:
The request is currently not supported on the targeted entity set
I already tried to update the user to be sure the permissions are fine.
Application permissions are used.
This PATCH request to /V1.0/users/{id} works:
{
"givenName": "Fridas"
}
Passing this request body however:
{
"givenName":"Fridas",
"birthday" : "2014-01-01T00:00:00Z
}
throws an error
{
"error":
{
"code":"BadRequest",
"message":"The request is currently not supported on the targeted entity set",
"innerError":
{
"request-id":"5f0d36d1-0bff-437b-9dc8-5579a7ec6e72",
"date":"2019-08-13T15:27:40"
}
}
}
When I update the birthday separately, I get a 500 error. Print screens below. Updating the user id works fine, birthday does not.
Same user id is used in the request.
I'm not sure why this happens, but a workaround, albeit an annoying one, is to update birthday separately from other attributes.
E.g.
PATCH https://graph.microsoft.com/v1.0/users/userid
{
"birthday" : "2014-01-01T00:00:00Z"
}
Here is a screenshot from MS Graph Explorer:
In fact, this is a limitation in the current system.
User is a composite type. Under the covers some properties in user are mastered by different services, and we currently don't support updates across multiple services.
"birthday" is not mastered by Azure AD. So we can't update it with other properties mastered by Azure AD in the same call.
It is strongly recommended that you update this property separately. I can update it from my side. So you need a backend engineer to track this request for you.
This seems to affect more than Birthday.
Skills[] and Responsibilities[] are also returning 500 Internal Server Error when using PATCH request via REST API with:
{"skills": ["TESTING", "ANOTHER SKILL"]}
Same happens via the GraphServiceClient - except the result is:
Failed to call the Web Api: InternalServerError
Content: {
"error": {"code": "-1, Microsoft.Office.Server.Directory.DirectoryObjectUnauthorizedAccessException",
"message": "Attempted to perform an unauthorized operation.",
"innerError": {
"request-id": "1c2ccc54-0a0c-468f-a18c-6bdfbad4077d",
"date": "2019-08-28T13:23:55"
}}}
These requests work on the Graph Explorer page, but not via calls to the API.