Get all user properties from Microsoft graph

Question

We have an application which has used a local AD to fetch user info. Some customers want to move to the cloud and are using Azure AD. We extended the app to sign users in via owin and now we're fetching users via Microsoft Graph.

However from Microsoft Graph we do not get full user profiles. We want to fetch all properties on users, not just the basic ones.

var client = new RestClient(string.Format("https://graph.microsoft.com/v1.0/users/{0}", userEmail));
request = new RestRequest();
request.Method = Method.GET;
request.AddHeader("Authorization", _token.Token);
var reponse = client.Execute(request);

This only gives me some information though, for example I don't get 'Department' from this. Is it possible to configure in azure what should be returned here, if so then where? Or do I need something other than /users/?

Different customers might have different special properties that need to be fetched. So the best solution would be to have an endpoint to call and get everything, including special properties not standard in azure ad. After that I can parse it on my side. Is this possible?

The app has permission to read both basic and full profiles. Do I need something more?

Nicolas R · Accepted Answer · 2020-09-18T22:19:56.827

27

That's the normal behaviour of Graph API, see documentation here and this extract:

By default, only a limited set of properties are returned ( businessPhones, displayName, givenName, id, jobTitle, mail, mobilePhone, officeLocation, preferredLanguage, surname, userPrincipalName).

To return an alternative property set, you must specify the desired set of user properties using the OData $select query parameter. For example, to return displayName, givenName, and postalCode, you would use the add the following to your query $select=displayName,givenName,postalCode

You have to specify all fields in the select, as $select=* will only output the key fields in Graph API implementation.

So you will not be able to get what you ask (variable custom fields).

More info on the fields of User can be found here

edited Sep 18 '20 at 22:19

answered Jan 12 '18 at 16:16

Nicolas R

13,812
2
28
57

Ah ok i see. But getting custom fields are not possible at all via microsoft graph? Can i get them some other way? – user2235494 Jan 12 '18 at 17:33
I did not say that you can't get custom fields – Nicolas R Jan 12 '18 at 17:34
I misunderstood the 'So you will not be able to get..'-part. So I can still get them by putting them in the $select but i cant do a request that returns everything is what you meant? – user2235494 Jan 13 '18 at 13:10
1

If you know the fields name, you can get them. You just can ask for "all fields" without providing their names – Nicolas R Jan 13 '18 at 13:27
1

Just to summarize (per Nicolas) - on the user entity type just the base/default set of properties are returned for a standard GET operation. If you want more than the standard set you need to explicitly ask for the set of properties you want using $select. $select=* is not supported. If you are looking for this functionality please request it on UserVoice here: https://officespdev.uservoice.com/forums/224641-feature-requests-and-feedback/category/101632-microsoft-graph-o365-rest-apis – Dan Kershaw - MSFT Jan 13 '18 at 23:20
Can you get the base fields PLUS specific fields? I noticed when using $select I JUST get the field I ask for – Mike Aug 28 '19 at 17:21
@Mike, your question is unclear. As already said in comment, if you imagine getting all fields (base, specific) without knowing the fields names, no that's not possible. If you know all your base and specific fields, just provide them – Nicolas R Aug 28 '19 at 17:41
@NicolasR - sorry if I was unclear. I meant, can you get the specified $select field in addition to the base list it originally provides (is, businessPhones, etc.) – Mike Aug 28 '19 at 18:25
Add the base list items in your select – Nicolas R Aug 28 '19 at 20:19
If I want to get the company name or thumbnailphoto how would I get that? can anyone please help me? – Aashay Amballi Mar 29 '21 at 12:26
Does anyone know how this is achieved in the [PowerShell Microsoft Graph SDK](https://learn.microsoft.com/en-us/powershell/microsoftgraph/get-started)? The same logic is not working for me when trying to return a custom attribute (added via `Azure AD B2C` > `User Attributes`) for all users or a single user, eg: `Get-MgUser -Property "id,extension__CompanyName"` or `Get-MgUser -UserId "" -Property "id,extension__CompanyName"`. I have a question [about it here](https://stackoverflow.com/q/75273307). – user1063287 Jan 30 '23 at 08:40

score 6 · Answer 2 · edited Jun 15 '20 at 19:03

6

User user = await graphServiceClient
    .Users[emailId]
    .Request()
    .Select(aadUser => new
    {
        aadUser.Id,
        aadUser.UserPrincipalName,
        aadUser.DisplayName,
        aadUser.GivenName,
        aadUser.Surname,
        aadUser.City,
        aadUser.MailNickname,
        aadUser.UserType
    })
    .GetAsync()
    .ConfigureAwait(false);

edited Jun 15 '20 at 19:03

David Buck

3,752
35
31
35

answered Jun 15 '20 at 18:06

Milind

61
1
1

2

While this code may solve the question, [including an explanation](https://meta.stackexchange.com/q/114762) of how and why this solves the problem would really help to improve the quality of your post, and probably result in more up-votes. Remember that you are answering the question for readers in the future, not just the person asking now. Please [edit] your answer to add explanations and give an indication of what limitations and assumptions apply. – David Buck Jun 15 '20 at 19:04

score 2 · Answer 3 · answered Jan 25 '18 at 12:09

2

As already stated by NicolasR, you must list all the fields you want to retrieve by using the "$select" parameter; if you want, instead, to retrieve the custom fields, you can either add them to the previous parameter (if you know their names) or you can use "$expand=extensions"

answered Jan 25 '18 at 12:09

Nicolò Alabastro

31
4

"$expand=extensions" i didnt get anything different by adding this parameter so could you please expand :D – Chop Labalagun Mar 15 '22 at 17:22
@ChopLabalagun you can refer to this other question, it should solve your doubts ;) https://stackoverflow.com/questions/45925030/get-extended-properties-on-user-using-microsoft-graph – Nicolò Alabastro Mar 17 '22 at 08:37

score 2 · Answer 4 · edited Jun 20 '22 at 22:54

function getGraphDataAdvanced($authToken, $urlGraph){
    $url = $urlGraph + '&$count=true'

    $data = (Invoke-RestMethod -Headers @{
        Authorization = "Bearer $($authToken)"
        ConsistencyLevel = "eventual"
    } -Uri $url -Method Get)

    $dataList = @()
    $dataList += $data.value

    $url = $data.'@Odata.NextLink'

    while ($null -ne $url){
        Write-Warning 'Retreiving Next Page'

        $data = (Invoke-RestMethod -Headers @{
            Authorization = "Bearer $($authToken)"
            ConsistencyLevel = "eventual"
        } -Uri $url -Method Get)

        $dataList += $data.value
        $url = $data.'@Odata.NextLink'
    }
    return $dataList
}

getGraphDataAdvanced $authToken 'https://graph.microsoft.com/beta/users? $expand=extensions'

score 2 · Answer 5 · answered Aug 04 '22 at 08:50

Using the Microsoft Graph Explorer, I've been able to find all available properties for a user:

Go to "Groups"
Select "list all groups in my organization"
Change the query to filter by a group you know and expand members: https://graph.microsoft.com/v1.0/groups?$filter=mail eq 'aGroup@company.com'&$expand=members

Now you'll see all the available properties for the users.

Dale Mahalko · Answer 6 · 2022-08-11T03:06:47.673

I've been trying to find a way to get all Azure AD properties of objects via Powershell MSGraph cmdlets without it truncating at the right edge of the console.

I've discovered that Format-Custom triggers vomiting of (apparently) all properties of an object in a huge, alphabetical, indented, and bracketed list.

Get-MgUser -filter "startswith(userprincipalname, 'username')" | format-custom

The formatted properties of a newly created and unused user account in Azure AD is 13217 lines long.

score -1 · Answer 7 · edited Mar 08 '23 at 06:54

-1

The 'AzureAD' module would allow for Get-AzureADUser -ObjectId unique.identifier@domain.com | fl and spit out everything for that user. It's an incredibly fast and easy way to see what has and has not been set.

edited Mar 08 '23 at 06:54

Yunnosch

26,130
9
42
54

answered Mar 08 '23 at 03:12

Leon

1

Hi, while this does work, this isn't a good answer because unfortunately, the AzureAD PowerShell module has been marked as deprecated and will be removed in future. It's replacement is the Microsoft Graph Powershell SDK. – Harrison Smith Aug 28 '23 at 10:54

Get all user properties from Microsoft graph

7 Answers7

Linked