Microsoft Graph API - Get users with specified app roles
I have a question about the Graph API. I need to download all users who have been assigned the app role "Role" in "ApplicationA". I need it to download all users with the required app role to send an email. I have tried various ways, through the list of users using the following API:
https://graph.microsoft.com/v1.0/users?$expand=appRoleAssignments&$count=true&$filter=appRoleAssignments/any(w:w/appRoleId eq {guid})
However this returns the following error, I have of course tried similar options.
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Property 'appRoleId' does not exist as a declared property or extension property.",
"innerError": {
"date": "2024-02-28T20:49:49",
"request-id": "bf8991a4-82e9-4136-9664-1cebc1718ae0",
"client-request-id": "bf8991a4-82e9-4136-9664-1cebc1718ae0"
}
}
}
I also tried using servicePrincipals. But this returns all users/applications assigned to the service principal and not just the role I need, and the filtering I tried with OData didn't work. Many items is downloaded:
https://graph.microsoft.com/v1.0/servicePrincipals(appId='{guid}')/appRoleAssignedTo
Do you know of a better solution? Thanks
It seems that getting users with specified app roles is not supported yet. And the API document doesn't have a description which support the filter.
Therefore, we can only do the filter by ourselves. Code snippet below worked in my side.
using Microsoft.Graph;
using Azure.Identity;
var scopes = new[] { "https://graph.microsoft.com/.default" };
var tenantId = "tenantId ";
var clientId = "clientId ";
var clientSecret = "clientSecret ";
var clientSecretCredential = new ClientSecretCredential(
tenantId, clientId, clientSecret);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var res = await graphClient.Users.GetAsync((requestConfiguration) =>
{
requestConfiguration.QueryParameters.Expand = new string[] { "appRoleAssignments($select=appRoleId,resourceDisplayName)" };
});
List<User> users = new List<User>();
foreach (var tempUser in res.Value) {
var roles = tempUser.AppRoleAssignments;
foreach(var role in roles) {
if (role.AppRoleId.ToString() == "role_id_here")
{
users.Add(tempUser);
break;
}
}
}
- Simple frame by frame video decoder library
- GCC no longer implements <varargs.h>
- Contents of IO buffer unknown == unsafe?
- Avoiding strcpy overflow destination warning
- Sort program not working, not sure why
- Fast & accurate atan/arctan approximation algorithm
- What's the difference between strtok_r and strtok_s in C?
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How to Implement Universal Setter/Getter Functions for Interrupt-Driven Variables in Embedded C?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended