Search code examples
c#azureazure-active-directorymicrosoft-graph-api

Accessing owners field from applications graph api call

I'm trying to iterate through the owners in the graph api response but nothing comes. In a cs file I have this call bellow:

var owners = await graphServiceClient.Applications["MyId"].Owners.GetAsync(requestConfiguration =>
{
    requestConfiguration.QueryParameters.Select =
        ["id", "displayName", "givenName"];
});

var owner = (Microsoft.Graph.Models.User)owners.Value[0];

//I can get the Id of said owner
_logger.LogInformation($"Result for users {owners.Value[0].Id}");

//But non of the of the following seem to display anything. It displays the log and the values either empty or null
_logger.LogInformation($"Result for users {owners.Value[0].DisplayName}");
_logger.LogInformation($"Result for owner name {owner.DisplayName}");

What am I doing wrong in trying to access the display name field? In the Developer Graph website, GUI, or whatever it is called I can see there's at least one owner for said application. Just not understanding on why I can't iterate or access said field. TIA.

Solution

  • I have one app registration named SriApp with below users as Owners:

    enter image description here

    Make sure to assign Application.Read.All and User.Read.All permissions of Application type while using service principal authentication.

    enter image description here

    In my case, I used below sample code to list application owners with their display names and got response successfully like this:

    using System;
using System.Threading.Tasks;
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models;
using Microsoft.Graph.Models.ODataErrors;

class Program
{
    static async Task Main(string[] args)
    {
        var scopes = new[] { "https://graph.microsoft.com/.default" };

        var clientId = "appId";
        var tenantId = "tenantId";
        var clientSecret = "secret";

        var options = new ClientSecretCredentialOptions
        {
            AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
        };

        var clientSecretCredential = new ClientSecretCredential(
            tenantId, clientId, clientSecret, options);

        var graphServiceClient = new GraphServiceClient(clientSecretCredential, scopes);

        try
        {
            var owners = await graphServiceClient.Applications["appObjId"].Owners.GetAsync(requestConfiguration =>
            {
                requestConfiguration.QueryParameters.Select = new string[] { "id", "displayName", "givenName" };
            });

            foreach (var owner in owners.Value)
            {
                var user = (User)owner;
                Console.WriteLine($"Id: {user.Id}, Display Name: {user.DisplayName}, Given Name: {user.GivenName}");
            }

        }
        catch (ODataError odataError)
        {
            Console.WriteLine(odataError.Error.Code);
            Console.WriteLine(odataError.Error.Message);
        }
    }
}

    Response:

    enter image description here

    If you are using delegated flows, you need to assign Application.Read.All and User.Read.All permissions of Delegated type.

    Reference: List owners - Microsoft Graph