2

after AD authentiction the returned JWT token does not have the group names, it just shows "Has groups"="true". When searching on this topic i understood that if there are multiple group it will send only this rather than group list and we need to use AD graph API to get this. Can anyone help me on how to call the graph API from Angular 7?

Want to get the group names of the particular user from Graph API

Tony Ju
  • 14,891
  • 3
  • 17
  • 31
Hari Krishnan
  • 55
  • 2
  • 7
  • Thank you Tony. This was helpful. I am using oidc for authentication. What is the autneitcation bearer i should pass? I tried passing the taken getting from the method gettoken() similar as below http.get("graph.microsoft.com/v1.0/me/memberOf", { headers: new Headers({ "Authorization": "Bearer "+this.oidcSecurityService.getIdToken() }) }) But i am getting below error when calling graph.microsoft.com/v1.0/me/memberOf Failed to load resource: the server responded with a status of 403 (Forbidden) – Hari Krishnan Aug 09 '19 at 03:12

1 Answers1

2

You can just send a http request or use microsoft-graph-client library to call the graph api.

Before that, you need to grant your app the needed permission. What you need is Directory.Read.All permission.

Click Azure Active Directory->App registrations->find your application registered->API permissions->Add a permission->choose Microsoft Graph->Delegated permission->find Directory.Read.All permission->save-> click grant admin consent button.

enter image description here

Use http request: 

GET https://graph.microsoft.com/v1.0/me/memberOf

You can refer to this document.

Use microsoft-graph-client library:

import { Client } from '@microsoft/microsoft-graph-client';

graphClient.api('/me/memberOf').get();

Refer to this document for more details.

Tony Ju
  • 14,891
  • 3
  • 17
  • 31
  • Thank you Tony. This was helpful. I am using oidc for authentication. What is the autneitcation bearer i should pass? I tried passing the taken getting from the method gettoken() similar as below http.get("https://graph.microsoft.com/v1.0/me/memberOf", { headers: new Headers({ "Authorization": "Bearer "+this.oidcSecurityService.getIdToken() }) }) But i am getting below error when calling https://graph.microsoft.com/v1.0/me/memberOf Failed to load resource: the server responded with a status of 403 (Forbidden) – Hari Krishnan Aug 09 '19 at 03:10
  • @HariKrishnan You need to pass access token in the head,`Bearer {accesstoken}`. Get it like this `oidcSecurityService.getToken()`. – Tony Ju Aug 09 '19 at 03:26
  • @Tony, can I get a sample of this. That would be helpful – Melvin Moses Jun 14 '20 at 11:13