How can I get users last login date using Microsoft Graph API? - azure-active-directory

Does the Graph API provide any API to get a user's last login date? I am currently working on listing all users' last login dates, but I can't find any user login information in the Microsoft Graph documentation.

AFAIK, there is no such API in Microsoft that provides this feature. If you are using Azure AD Premium, as a workaround, you can use the reporting APIs' sign-in events.
And you can vote for the similar feedback here if you want Microsoft to support this feature.

This is currently supported in Graph Beta only, and it's the field 'signInActivity' on the user. (See here for reference: https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-beta)
To get it with the Graph API:
GET https://graph.microsoft.com/v1.0/users/{id | userPrincipalName}?$select=displayName,signInActivity
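A sketch of how the `signInActivity` field can drive a stale-account review across all users, which is what the question asks for. This is an added example, not code from the answers above, and it goes beyond the single-user request by paging through a user list. The `fetch` stand-in, the page keys, the sample users and the 90-day threshold are assumptions; the sample data is constructed.

```python
from datetime import datetime, timezone

# Constructed sample pages shaped like GET /users?$select=userPrincipalName,signInActivity
PAGES = {
    "page1": {
        "value": [
            {"userPrincipalName": "alice@contoso.example",
             "signInActivity": {"lastSignInDateTime": "2024-05-30T08:15:00Z",
                                "lastNonInteractiveSignInDateTime": "2024-06-01T02:00:00Z"}},
            {"userPrincipalName": "bob@contoso.example",
             "signInActivity": {"lastSignInDateTime": "2023-11-02T10:00:00Z",
                                "lastNonInteractiveSignInDateTime": None}},
        ],
        "@odata.nextLink": "page2",  # Graph pages results; follow until absent
    },
    # Account with no signInActivity at all (treated here as never signed in)
    "page2": {"value": [{"userPrincipalName": "svc@contoso.example"}]},
}

def fetch(url):
    """Hypothetical stand-in for an authenticated HTTP GET returning parsed JSON."""
    return PAGES[url]

def iter_users(first_url, get=fetch):
    """Yield every user object, following @odata.nextLink across pages."""
    url = first_url
    while url:
        page = get(url)
        yield from page.get("value", [])
        url = page.get("@odata.nextLink")

def last_sign_in(user):
    """Latest of the interactive and non-interactive timestamps, or None."""
    activity = user.get("signInActivity") or {}
    stamps = [activity.get(k) for k in
              ("lastSignInDateTime", "lastNonInteractiveSignInDateTime")]
    parsed = [datetime.fromisoformat(s.replace("Z", "+00:00")) for s in stamps if s]
    return max(parsed) if parsed else None

def stale_accounts(first_url, now, max_idle_days=90, get=fetch):
    """Return (userPrincipalName, idle_days) for accounts idle too long or never used."""
    stale = []
    for user in iter_users(first_url, get):
        seen = last_sign_in(user)
        idle = (now - seen).days if seen else None
        if idle is None or idle > max_idle_days:
            stale.append((user["userPrincipalName"], idle))
    return stale

if __name__ == "__main__":
    for upn, idle in stale_accounts("page1", datetime(2024, 6, 10, tzinfo=timezone.utc)):
        print(upn, "never signed in" if idle is None else f"idle {idle} days")
```

To run it against a real tenant, replace `fetch` with an authenticated GET and pass the first `/users` URL as `first_url`.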

Related

Possible to use Data Factory to extract all Azure Active Directory users?

Microsoft has the tutorial showing how to use Data Factory to extract Office 365 data, but that seems to only extract Outlook email information?
Is there a way to use Data Factory (and a tutorial hopefully) to connect to Azure AD and extract all the Active Directory users? Microsoft Graph API has the commands to do that, but I wasn't clear if that was the only way or if Data Factory can connect to it directly (like the O365 connector it has)?
Microsoft has the tutorial showing how to use Data Factory to extract Office 365 data, but that seems to only extract Outlook email information?
According to the Microsoft documentation, not only email information, there is much other information such as address book contacts, calendar events, user information, mailbox settings, and so on.
So you can get user information which contains aboutMe, companyName, etc. when you choose BasicDataSet_v0.User_v1 in the dataset. (For all the properties you can get, please refer to this documentation.)
By the way, your tenant admin needs to opt in to Microsoft Graph data connect if you do this. And there is no AAD connector.
Hope this can help you.
I used Azure Logic Apps and got through Azure AD group (get members), then used the Office 365 Connector to Get Manager; there is also another option, get direct reports. If you are using Logic Apps, please make sure to turn pagination on so you get all users.
This is where I started, but once I got going I was able to figure it out myself
https://eax360.com/query-azure-active-directory-using-graph-api-logic-apps/

Get information about invitation of B2B user in Microsoft Graph

I'm trying to create an application in which I need to know whether user invited to Azure Active Directory accepted an invitation or not. I'm using microsoft graph SDK for C# to get information about users from AAD but I cannot find information about invitation status in the resulting user object. In particular, I want to get this piece of information from Azure:
Is there any way to get this info from C# using Microsoft Graph SDK or with direct graph query?
It seems the Microsoft Graph API (v1.0) for get user doesn't have a field to show if the guest accepted the invitation. I checked the document of user properties and didn't find any property which matches "accept invitation". But I found there is a property externalUserState in the Microsoft Graph API (beta version) which can meet your requirements. If you don't mind the stability, you can use the beta version of the Microsoft Graph API. If you will use this API in a production environment, I suggest you use the Azure AD Graph API. Please refer to the steps below:
As a workaround, we can use the Azure AD Graph API instead of the Microsoft Graph API. I found there is a property UserState in the response of the Azure AD Graph API. If we want to request this Azure AD Graph API, we need to add the required permissions first.
Don't forget to grant admin consent and then request the access token. Please note that when requesting the access token for Azure AD Graph, we need to change the scope from https://graph.microsoft.com/.default to https://graph.windows.net/.default.
Then use the access token to request the Azure AD Graph API.
https://graph.windows.net/<tenant id>/users/<object id>?api-version=1.6
Get the response of the API and we can find there is a property userState in it. If the guest has accepted, this property will be "Accepted"; if the guest hasn't accepted, this property will be "PendingAcceptance".
Hope it helps~

Query API for login activity events

Is it possible to query the Microsoft Graph API using an application to collect audit log information for events such as logon/logoff, user creations/deletions, group membership changes, etc.? I have been looking through the Graph API reference and it does not seem straightforward to me.
Or should we be continuing to use the Azure AD Graph API? We are trying to get data from Office 365 AAD and Azure Government AAD. We are already pulling data from the Office 365 Management API which has an Active Directory feed but not sure that will include everything we are looking for.
You can use Azure AD Audit Log API provided by Microsoft Graph to access the audit and sign-in logs to track user sign-in activities. However, this API is currently in Beta so take care with where and how you use it.
In order to work with user accounts, you can use the User API's which provide the capability to create, update, and delete users.
For Group management, take a look at Working with groups in Microsoft Graph.
Also, I would suggest looking through the Get access tokens to call Microsoft Graph documentation for acquiring access tokens in order to call Microsoft Graph API's and refer to GitHub repo for various Graph samples.

How to determine a tenant's invitation policies?

How could I use AAD Graph API to determine whether guest invitations are allowed for a tenant? Specifically I'm looking for information about how to attain the settings listed here: https://learn.microsoft.com/en-us/azure/active-directory/active-directory-b2b-delegate-invitations#control-who-can-invite.
AFAIK, both Azure AD Graph and Microsoft Graph don't support this feature at present. If you want this feature in the future, you can submit the feedback from Feedback for Azure Active Directory or Feedback for Microsoft Graph.

Azure Active Directory Premium MFA Attributes via Graph API?

How to programmatically control the attributes that are attached to an AAD Premium user, related to MFA? Using the Graph API (C#, using the SDK), what calls can be made to make a user MFA or not, CRUD on phone numbers, etc.?
Thanks.
As far as I know, there is no such API where we can get the MFA attributes through the Graph REST API, since there is no relative attribute in the user entity.
However, we can use the Azure Multi-Factor Authentication SDK to build multi-factor authentication into custom apps. For more detail about this, you can refer here.
These attributes are now available in the Microsoft Graph Beta API. See the documentation at Azure AD authentication methods API overview.
