How to set mail address for Unified Group in Microsoft Graph? - azure-active-directory

Currently I'm having a Microsoft Tenant with multiple domains assigned to it.
When I create a group I cannot specify the domain to be used. If I try by setting the mail property to a valid value {mailNickName}@{domainAvailable}, the API returns an error:
Code: Request_BadRequest
Message: Property 'mail' is read-only and cannot be set.
So how can I define which domain of a tenant should be used when creating a unified group through Microsoft Graph API?

The mail property is generated automatically. In order to populate it, you need to flip the mailEnabled bit:
PATCH https://graph.microsoft.com/v1.0/groups/{id}
Content-type: application/json
{
"mailEnabled": true
}
The mail property will then be automatically populated by Exchange Online using mailNickname@default.domain.

I don't see the behavior Marc describes. I have two domains in 365:
example.com (default)
example.onmicrosoft.com
When I create a group with mailEnabled set to true and provide a nickname, I get something like the following:
{
"displayName": "Test Group",
"groupTypes": ["Unified"],
"mail": "test-group@example.onmicrosoft.com",
"mailNickname": "test-group",
"proxyAddresses": ["SMTP:test-group@example.onmicrosoft.com"],
"securityEnabled": false
}

Related

Can we get Active Directory property named Employee ID using Office365Users connector inside Power App

Inside our Active Directory we have a property named "Employee ID" as follows:
So inside our PowerApp form I want to get the value of this property, but I checked the Office365Users connector @ https://learn.microsoft.com/en-us/powerapps/maker/canvas-apps/connections/connection-office365-users and it seems it does not provide such data. So how can I get the Employee ID property inside our PowerApp form? This ID is different from the ID which we can get using this formula Office365Users.MyProfile().Id, which will return the internal GUID of the user, and not the number shown above.
Thanks in advance for any help.
Currently (As of 2021-09-27), there is no Out of the box connector for Power Apps that will get you employeeId. The reason is that we need to query the beta version of Microsoft Graph, as it is not query-able in the version 1.0 of the endpoint. There is hope, the new Office 365 Users Connector has a new version of Get my profile (V2) that queries the new version of the Graph interface, and allows us to select employeeId, as well as almost everything else available. The downside is that it returns a GraphUser_V1 object. So, even though the API call returns the employeeId, since Power Apps is Strongly Typed, we cannot reference employeeId as it's not a part of the GraphUser_V1 object.
Power Apps may not be able to pull the value, but Power Automate can. As a POC to get you started:
In Power Apps, create a button with the Action being running a Power Automate Flow.
Create a new flow "Power Apps button" called "GetEmployeeId".
In Power Automate, create a new step: Get my profile (V2).
Under advanced options set Select fields to employeeId
Create a new step: Parse JSON
Set Content to the body of Get my profile (V2):
@{outputs('Get_my_profile_(V2)')?['body']}
Set Schema to:
{
"type": "object",
"properties": {
"@@odata.context": {
"type": "string"
},
"@@odata.id": {
"type": "string"
},
"employeeId": {
"type": "string"
}
}
}
Create a new step: Respond to a PowerApp or flow
Add an output type Text:
Enter title : EmployeeId
Enter in a value to respond : @body('Parse_JSON')?['employeeId']
Save the Power Automate flow and test it. You will have to approve O365 access permissions. The whole flow should look like this:
Back in Power Apps, Connect your new flow to the app.
Set your Button1.OnSelect to: Set( varEmployeeID, GetEmployeeId.Run())
Create a label with the Label1.Text set to: varEmployeeID.employeeid
Run the app and click the button to test.
I think your scenario requires using Microsoft Graph to consume Azure AD User Account objects, which inherit from directoryObject. On this point, I recommend viewing a similar problem in this topic: Get EmployeeID on Powerapps, which contains an example that takes an e-mail or a UserPrincipalName as a parameter and returns the Active Directory employee ID.

Error using '/directoryObjects/validateProperties' API: Invalid entity type provided

When using the directoryObjects/validateProperties API for creating/validating AD Group properties, a 400 error is returned indicating 'Invalid entity provided. Supported entities include: Group'. I have confirmed that the only entityType I am providing in the request is 'Group' or 'group'.
{ code: 'Request_BadRequest',
message:
'Invalid entity type provided. Supported entities include: Group.',
innerError:
{ 'request-id': '4949163f-43c4-42e8-b016-436af61e4eb5',
date: '2020-06-11T10:29:08' } } }
The error occurs in both /v1.0 and /beta versions of the MS Azure AD API, with the body/payload stringified or not.
Not exactly sure what is expected. Can someone please provide assistance on this? Thanks.
I have validated the properties by using the same JSON Data from the document in the Graph explorer and it worked for me.
This is the data which I have given:
{
"entityType": "Group",
"displayName": "Myprefix_test_mysuffix",
"mailNickname": "Myprefix_test_mysuffix",
"onBehalfOfUserId": "1ab4e79f-5f52-44b8-8c72-7d03c05e6ff4"
}
And I am hitting the V1.0 endpoint
https://graph.microsoft.com/v1.0/directoryObjects/validateProperties
Try copying my sample, change the onBehalfOfUserId to your user ID, and make the same HTTP call in Graph Explorer.

Ability to filter users with onPremisesSamAccountName with Microsoft Graph API

I would like to filter Users from Microsoft Graph API based on onPremisesSamAccountName, which is currently not available with Graph API.
We have the internal employee id to be stored with onPremisesSamAccountName variable which is present in users API of Microsoft Graph. We are trying to filter with onPremisesSamAccountName property to filter based on the internal employee id. Currently, we are not able to do that with Graph API but we really need this to be working or would be happy if we get to know any possible workarounds.
https://graph.microsoft.com/v1.0/users?$filter=onPremisesSamAccountName eq '[some-id]'&$select= userPrincipalName,displayName,department,jobTitle,companyName,onPremisesSamAccountName,....[more list of fields for select]
The expected outcome is to show the required result but the response what we got is as follows:
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Unsupported or invalid query filter clause specified for property 'onPremisesSamAccountName' of resource 'User'.",
"innerError": {
"request-id": "[request-id from request]",
"date": "[date on which request is made]"
}
}
}
As you can see, the filter is not supported for property 'onPremisesSamAccountName'.
If you do have this requirement, you can post your idea at Microsoft Graph UserVoice.
I was able to do a filter using onPremisesUserPrincipalName. You could check what is returned using this property and see if you can make it work.

How to update the users birthday

I want to update the birthday of a user using the patch request.
Updating other properties works as expected but the moment the birthday property is included, the following error returned:
The request is currently not supported on the targeted entity set
I already tried to update the user to be sure the permissions are fine.
Application permissions are used.
This PATCH request to /V1.0/users/{id} works:
{
"givenName": "Fridas"
}
Passing this request body however:
{
"givenName":"Fridas",
"birthday" : "2014-01-01T00:00:00Z"
}
throws an error
{
"error":
{
"code":"BadRequest",
"message":"The request is currently not supported on the targeted entity set",
"innerError":
{
"request-id":"5f0d36d1-0bff-437b-9dc8-5579a7ec6e72",
"date":"2019-08-13T15:27:40"
}
}
}
When I update the birthday separately, I get a 500 error. Print screens below. Updating the user id works fine, birthday does not.
Same user id is used in the request.
I'm not sure why this happens, but a workaround, albeit an annoying one, is to update birthday separately from other attributes.
E.g.
PATCH https://graph.microsoft.com/v1.0/users/userid
{
"birthday" : "2014-01-01T00:00:00Z"
}
Here is a screenshot from MS Graph Explorer:
In fact, this is a limitation in the current system.
User is a composite type. Under the covers some properties in user are mastered by different services, and we currently don't support updates across multiple services.
"birthday" is not mastered by Azure AD. So we can't update it with other properties mastered by Azure AD in the same call.
It is strongly recommended that you update this property separately. I can update it from my side. So you need a backend engineer to track this request for you.
This seems to affect more than Birthday.
Skills[] and Responsibilities[] are also returning 500 Internal Server Error when using PATCH request via REST API with:
{"skills": ["TESTING", "ANOTHER SKILL"]}
Same happens via the GraphServiceClient - except the result is:
Failed to call the Web Api: InternalServerError
Content: {
"error": {"code": "-1, Microsoft.Office.Server.Directory.DirectoryObjectUnauthorizedAccessException",
"message": "Attempted to perform an unauthorized operation.",
"innerError": {
"request-id": "1c2ccc54-0a0c-468f-a18c-6bdfbad4077d",
"date": "2019-08-28T13:23:55"
}}}
These requests work on the Graph Explorer page, but not via calls to the API.
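The workaround from this thread, splitting one logical update so that birthday never travels with directory-mastered properties, sketched as an added example (not code from any poster or from Microsoft). The property set, `fake_send` and the request-dict shape are assumptions for illustration, and the status codes are constructed.

```python
from typing import Callable

# Assumption: the properties this thread reports as failing when sent together
# with directory-mastered ones. Adjust the set for your own tenant.
SEPARATELY_MASTERED = {"birthday", "skills", "responsibilities"}
GRAPH_USERS = "https://graph.microsoft.com/v1.0/users"


def plan_user_patches(user_id: str, changes: dict) -> list:
    """Split one logical update into PATCH requests that never mix services."""
    def patch(body: dict) -> dict:
        return {"method": "PATCH", "url": f"{GRAPH_USERS}/{user_id}", "body": body}

    directory = {k: v for k, v in changes.items() if k not in SEPARATELY_MASTERED}
    plan = [patch(directory)] if directory else []
    # Each separately mastered property gets a request of its own.
    for name in sorted(changes.keys() & SEPARATELY_MASTERED):
        plan.append(patch({name: changes[name]}))
    return plan


def apply_plan(plan: list, send: Callable[[dict], int]) -> dict:
    """Send every request; the split is not atomic, so report each outcome."""
    outcome = {"applied": [], "failed": []}
    for request in plan:
        status = send(request)
        key = "applied" if 200 <= status < 300 else "failed"
        outcome[key].append((sorted(request["body"]), status))
    return outcome


def fake_send(request: dict) -> int:
    """Constructed stand-in for an HTTP client: 500 for skills, 204 otherwise."""
    return 500 if "skills" in request["body"] else 204


if __name__ == "__main__":
    changes = {"givenName": "Fridas", "birthday": "2014-01-01T00:00:00Z",
               "skills": ["TESTING", "ANOTHER SKILL"]}
    plan = plan_user_patches("userid", changes)
    for request in plan:
        print(request["method"], request["url"], request["body"])
    print(apply_plan(plan, fake_send))
```

Because the requests are independent, a failure on one leaves the others applied; log the `failed` list rather than assuming the whole update rolled back.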

Cannot apply directory schema extension on User resource created through Graph Explorer

Disclaimer: I am very new to all of this, so please be patient. :)
My aim is to create a directory schema extension targeting the User resources of my O365 company directory. The extension is very simple with just 3 string fields. The idea is that every user in the directory should have this extension applied to their User object with specific values for the 3 fields it contains.
For this, I used the Graph Explorer, where I used my Admin tenant account to create a simple (domain verified) directory schema extension (domain_schemaname) with 3 fields, targeting the User resource.
I can confirm that the directory schema extension is created with status Available, using /v1.0/schemaExtensions.
After I updated the directory, I executed a Graph Explorer query to get the Extensions for myself (i.e. /v1.0/me/extensions), as well as of other users in the directory, however, the value of extensions node always returns an empty/null value([]).
I am confused, since I was under the impression that once I create a directory schema extension for a particular resource target (i.e. the user resource), the schema extension would appear immediately in the properties of any existing or new instance of a user resource. Then, I would be able to PATCH the specific user with the values for the directory schema extension.
The issue is that when I try to add an extension to a User instance, through the Graph Explorer, it always creates an openTypeExtension type of extension, whereas I just want to assign the User just the contents of a directory schema extension already created in the schemaExtensions for my organization.
So, it seems that I am not able to use Graph Explorer to apply a directory schema extension to a specific User object.
Am I using the wrong tool for the job?
Can you advise how I can populate all the users in my O365 directory with the particular directory schema extension and assign a unique value for every user?
Do I need to use the Microsoft Graph Client library and MSAL/ADAL to create a console app to create my directory schema extension and apply it to every user in my directory, and then update its value for every different user?
Thank you for your help.
I can confirm that the directory schema extension is created with status Available, using /v1.0/schemaExtensions.
After I updated the directory, I executed a Graph Explorer query to get the Extensions for myself (i.e. /v1.0/me/extensions), as well as of other users in the directory, however, the value of extensions node always returns an empty/null value([]).
After creating the schema extension, we need to update the value of extension property before we can get its value.
For example, I register a schema extension like the request below:
POST: https://graph.microsoft.com/v1.0/schemaExtensions
Content-type: application/json
authorization: bearer {access_token}
{
"id": "coursesforuser",
"description": "Graph Learn training courses extensions",
"targetTypes": [
"User"
],
"properties": [
{
"name": "courseId",
"type": "Integer"
},
{
"name": "courseName",
"type": "String"
},
{
"name": "courseType",
"type": "String"
}
]
}
Then I update this property on the specific user:
PATCH: https://graph.microsoft.com/v1.0/me
Content-type: application/json
authorization: bearer {access_token}
{
"exte5t2z4fr_coursesforuser":{
"courseId":"123",
"courseName":"New Managers",
"courseType":"Online"
}
}
After that, we can get this property using the $select parameter:
GET: https://graph.microsoft.com/v1.0/me?$select=exte5t2z4fr_coursesforuser
authorization: bearer {access_token}
For more detail about schema extensions, you can follow the link below:
Add custom data to groups using schema extensions
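For the question of populating every user: an added example (not from the answer) that goes beyond the single PATCH shown above by packing one PATCH per user into Microsoft Graph JSON batch payloads (POST /v1.0/$batch) and correlating the responses by id. The user ids, values and sample response are constructed, and the function names are hypothetical.

```python
BATCH_LIMIT = 20  # Microsoft Graph JSON batching accepts at most 20 requests per call
EXTENSION_ID = "exte5t2z4fr_coursesforuser"  # property name used in the answer above


def build_batches(per_user: dict, extension_id: str = EXTENSION_ID) -> list:
    """Build $batch payloads holding one PATCH /users/{id} per user."""
    requests = [
        {
            "id": str(n),  # correlation id, unique within its batch
            "method": "PATCH",
            "url": f"/users/{user_id}",
            "headers": {"Content-Type": "application/json"},
            "body": {extension_id: values},
        }
        for n, (user_id, values) in enumerate(per_user.items(), start=1)
    ]
    return [{"requests": requests[i:i + BATCH_LIMIT]}
            for i in range(0, len(requests), BATCH_LIMIT)]


def failed_requests(payload: dict, response: dict) -> dict:
    """Map each sub-request URL that did not succeed to its status code."""
    # Responses may come back in any order, so match them by id. A request
    # with no response at all is reported with status None.
    status_by_id = {r["id"]: r["status"] for r in response.get("responses", [])}
    failed = {}
    for request in payload["requests"]:
        status = status_by_id.get(request["id"])
        if status is None or not 200 <= status < 300:
            failed[request["url"]] = status
    return failed


def read_back_url(user_id: str, extension_id: str = EXTENSION_ID) -> str:
    """GET URL that reads the value back with $select, as in the answer."""
    return f"https://graph.microsoft.com/v1.0/users/{user_id}?$select=id,{extension_id}"


if __name__ == "__main__":
    # Constructed sample: 45 users, each with a unique courseId.
    users = {f"user-{n}": {"courseId": n, "courseName": "New Managers",
                           "courseType": "Online"} for n in range(1, 46)}
    batches = build_batches(users)
    print([len(b["requests"]) for b in batches])
    reply = {"responses": [{"id": "2", "status": 403}, {"id": "1", "status": 204}]}
    print(failed_requests({"requests": batches[0]["requests"][:3]}, reply))
```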
