For retrieve a specific group by id , I use this request:
https://graph.microsoft.com/v1.0/groups?$filter=id eq 'xxxxx'
Now I am interested in getting many groups, but it looks like the filter does not support multiple elements. When I tried this:
https://graph.microsoft.com/v1.0/groups?$filter=id eq 'xxxxx' or id eq 'yyyy'
It returns this error:
Unsupported or invalid query filter clause specified for property 'id' of resource 'Group'.
Someone can confirm me this?
As the error states the expression groups?$filter=id eq '--group-id-1--' or id eq '--group-id-1--' is not supported but the good news you could utilize /directoryObjects/getByIds endpoint instead to retrieve the list of groups by their ids
Note: the method is available in both v1 and beta versions
Example
POST https://graph.microsoft.com/v1.0/directoryObjects/getByIds
Content-type: application/json
{
"ids":["--group-id-1--","--group-id-2--"],
"types":["group"]
}
Yes, you are right. I can reproduce your issue on my side, not sure why but it should be designed to be like this.
The format of the query is complete right, if we filter by another property except the id, like displayName, it works fine.
https://graph.microsoft.com/v1.0/groups?$filter=displayName eq 'xxxx' or displayName eq 'xxxx'
Related
I am trying to fetch a list of users from the Microsoft Graph API.
A lot of users don't have an email address, those users are systems users that I don't need.
So my query looks like /users?$filter=mail ne null
For another overview I need to show the manager of each user so I tried to add &$expand=manager. But doing so will result in an Unsupported Query.
When I remove the filter parameter it does work.
How can I only fetch relevant users and their managers in a single query?
Optionally I'd like to only receive the ID from managers, as an optimization. I only need the ID because I already fetched all users and their data. /users?$expand=manager($select=id) is what I was trying but I get the error Invalid $select properties.
If you want to use $select inside $expand to select the individual manager's properties, the $levels parameter is required, such as expand=manager($levels=max;$select=id). For more details, please refer to here
For example
https://graph.microsoft.com/v1.0/users?$expand=manager($levels=max;$select=id)
Update
If we want to use Not equals (ne) operators on the $filter query parameter, we must set the ConsistencyLevel header set to eventual and, with the exception of $search, use the $count query parameter (either as a URL segment or $count=true query string). For more details, please refer to here
For example
https://graph.microsoft.com/v1.0/users?$filter=mail ne null&&$expand=manager($levels=1;$select=id)&$count=true
How to get the delta(changed) fields in user of group by using Graph Api. I Am using this URL https://graph.microsoft.com/v1.0/groups/delta/?$filter= id eq 'efa699db-d364-4f1f-8d7d-e77ec7444222'/&$expand=members . with this i'm only getting ID value but i need all the fields.
In the delta request https://graph.microsoft.com/v1.0/groups/?$filter=id eq 'groupid'&$expand=members, it only returns the member id. You could add the $select, but it just returns the specified properties for the group, and not for the member.
Is it possible to query for users, filtered by an X500 proxy address?
Using the following query which filters by an SMTP address, I can return all of my proxy addresses:
/v1.0/users/?$filter=proxyAddresses/any(x:x eq 'smtp:me#here.com')&$select=proxyAddresses
However, if I take one of the X500 addresses that was returned in the above query and try and filter by that:
/v1.0/users/?$filter=proxyAddresses/any(x:x eq 'x500:/o=ExchangeLabs/ou=Exchange Administrative Group (blahblah)/cn=Recipients/cn=trimmed')&$select=proxyAddresses
then I get a 400:
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Unsupported or invalid query filter clause specified for property 'proxyAddresses' of resource 'User'.",
"innerError": {
"request-id": "adcdefg",
"date": "2019-01-01T01:01:01"
}
}
}
I've tried URL encoding the address, and also tried with and without the "X500:" scheme.
Is filtering by X500 address supported?
I am able to use X500 addresses as filters without any modification to the address from a clone of GraphExplorer. The following queries both return the correct user record
https://graph.microsoft.com/v1.0/users/?$filter=proxyAddresses/any(x:x eq 'x500:/o=Company Exchange/ou=First Administrative Group/cn=Recipients/cn=UIDHere')&$select=proxyAddresses
and
https://graph.microsoft.com/v1.0/users/?$filter=proxyAddresses/any(x:x eq 'X500:/o=Company Exchange/ou=External (FYDIBOHF25SPDLT)/cn=Recipients/cn=z804261192zc46c4az4f6032z322540z')&$select=proxyAddresses
Like Lisa - this is not about parenthesis. I have Any lambda queries on proxyAddresses using X500 addresses containing parentheses that working just fine in Graph Explorer.
I suspect that the issue is actually size of the search string. I repro the error if the size of the search string is greater than 120 characters.
I'm following up with the engineering team.
In the meantime Paul, as a workaround (and excuse my lack of X500 knowledge), is there a way to query using the shortest X500 string?
Hope this helps,
As Dan Kershaw answered - this does seem to be a hard coded limit of 120 characters in the email address being filtered on.
A simple workaround is to trim the email address (including the scheme - "x500:" or "smtp:") to 120 characters, and search using a "startswith":
/v1.0/users/?$filter=proxyAddresses/any(x:startswith(x, 'x500:/o=ExchangeLabs/ou=Exchange Administrative Group (blahblah)/cn=Recipients/cn=trimmed'))&$select=proxyAddresses
This may return more than one match, so its then a case of looking through each returned user, and looking at their "proxyAddresses" collection to see which matches the original untrimmed email address that's being searched for.
I can confirm that this is still an issue as of today's date.
I'm actually using the AzureAD PowerShell cmdlets, which leverage the Graph API.
I couldn't figure out why my query was failing until I found this thread, so thanks for that.
I was getting essentially the same error message in PowerShell:
"Unsupported or invalid query filter clause specified for property 'proxyAddresses' of resource 'Group'."
When I took a substring of the first 120 characters and ran a startsWith, it worked fine.
It's a shame that this issue still hasn't been resolved.
I am writing an application that is expected to sync user's detail from a group present in AAD under a given group. The plan is to use the /groups/delta endpoint.
I am trying to look for an equivalent of the following /groups query parameter for a group in /groups/delta:
https://graph.microsoft.com/v1.0/groups?$filter=displayName+eq+'someGroup'&$expand=members
The expectation is that the response should return newly added/removed members under 'someGroup' and optionally expand some fields ... Any ideas?
There is limited support for $filter and $orderby:
- The only supported $filter expression is for tracking changes on a specific object: $filter=id+eq+{value}. You can filter multiple objects. For example, https://graph.microsoft.com/v1.0/groups/delta/?$filter= id eq '477e9fc6-5de7-4406-bb2a-7e5c83c9ffff' or id eq '004d6a07-fe70-4b92-add5-e6e37b8affff. There is a limit of 50 filtered objects.
Source: microsoftgraph/microsoft-graph-docs
And:
Support for $filter operators varies across Microsoft Graph APIs. The following logical operators are generally supported:
equals (eq)
not equals (ne)
greater than (gt)
greater than or equals (ge)
less than (lt)
less than or equals (le)
and (and)
or (or)
not (not)
Source: Use query parameters to customize responses
I was trying to get all users in my Azure Active Directory filtered by companyName filtering.
The call I used was
/v1.0/users?$select=id,mail,displayName,department&$filter=companyName%20eq%myComapny
but it is returning an error BadRequest .
Am I doing something wrong here?
As Dan said, for now filtering on companyname is not supported.
As a workaround, we can use Azure AD v2 powershell to filter it, like this:
Get-AzureADUser | ?{ $_.CompanyName -eq 'company' }
Hope this helps.
Filtering on companyName is not supported. Can you indicate the scenario for why you need to filter on companyName, please?
As per the recent update from microsoft docs here
We can filter on CompanyName and possibly others too by passing additional header information.
We need to pass :
Header ConsistencyLevel = eventual