Microsoft Graph Feature Requests
Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.
If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.
This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.
For more information on Microsoft Graph, please checkout https://graph.microsoft.com.
-
Include actual URL in Insights
Currently Graph insights/used includes in "resourceReference" only the webUrl to the file. This is, for office Documents usually a link to a browser based view.
This is not very useful if you need the actual file url. For other files, eg html files, it points to the display-form in sharepoint, and not the actual file, eg
https://postat-my.sharepoint.com/personal/u11q12ppostat/Documents/Forms/DispForm.aspx?ID=3256Also, for some reason, DocumentSets are included in the "used" results also.
So i would suggest to also add the actual url to the file to the resourceReference (additionally to a webview, as you do not always use graph from inside…
1 vote -
Provide Graph API to check user has enabled Azure AD MFA or not
Currently there is no API for identifying whether user is enabled with Azure AD MFA or not, so kindly provide
18 votesComing soon! Work on this has been started. Keep an eye on the changelog (docs.microsoft.com/en-us/graph/changelog) -EY
-
Useful User (Endpoint) Filtering
The collection size of a request to
/userscannot be feasibly limited.Our active directory has tens of thousands of entries. The API only enables retrieving 100 entries per request. Getting ALL the entries takes a long time and I don't need them ALL. Unfortunately, the options for filtering the request are quite chintzy.
I can use the eq (equal) filter, which would be fine if looking for a single user, but I'm trying to limit the resulting collection to a group of users (e.g. to users who's displayName contains a substring, or where surname is not null). I cannot…
20 votesfilter endsWith support for mail and userPrincipalName is currently under development.
-
When will User ExternalUserState property be moved from beta to production?
The User.ExternalUserState property is currently in the beta API. When will this be production ready?
7 votes -
Provide mapping between Windows and Iana Time Zones
Currently we can get user's supported time zones using /me/outlook/supportedTimezones endpoint. This endpoint can return Windows Time Zones or Iana Time Zones.
The bad thing is that it returns alias and displayName only, no time zone offset or any additional information.
Because of that it's currently impossible to map Windows timezones response with Iana timezones response.
Why do we need that?
Example - display a dropdown with Windows time zones, but initialize selected item based on browser time zone (browser's Intl API gives you Iana name)5 votes -
Supportability for more attributes with MS Graph API
Please support syncing more attributes (on user create and update) with MS Graph API.
Here is the wish-list:
proxyAddresses,
postOfficeBox,
pager,
msExchExtensionCustomAttribute,
mail,
ipPhone,
info,
extension<AADAppGUID><attribute_name>,
description,
countryCode,
commonName,
cloudAnchor,
aliasThanks,
Anna17 votesMost of these are GA (in v1.0) – proxyAddresses, onPremisesExtensionAttributes (msExchExtensionCustomAttribute), mail, imAddresses (ipPhone), ALL extension_{appId}_{name) properties, onPremisesImmutableId (cloudAnchor), mailNickname (alias).
A few like PO box, pager, info, description, countryCode, and commonName are under review. In the meantime, as a workaround, you could synchronize these properties/values from on-premises into directory extensions or onPremisesExtensionAttributes.
-
Determine if contact picture exists
Currently, the api supports the GET request to download the contact picture for personal contacts, but there is no way to determine if the contact picture exists for a given contact.
For instance, "/me/contacts" returns json for contact should have a field or tag which helps determine if the contact picture exists.
Current results forces to make a separate call for each contact using contact-id without knowing if the picture exists.
3 votes -
Allow / Add onPremisesSamAccountName as a filter
It will be very interesting to allow filter by onPremisesSamAccountName in users endpoint.
20 voteshis capability is now available in Microsoft Graph public preview. It’s not currently documented.
NOTE: you’ll need to use a custom HTTP request header ConsistencyLevel: eventual and request $count=true as well, to enable this query capability.
GET ../beta/users?$filter=onPremisesSamAccountName eq ‘name’&$count=true
ConsistencyLevel:eventualSee also related queries in the changelog entry https://docs.microsoft.com/en-us/graph/changelog#identity-and-access-azure-ad
-
Allow filtering on businessPhones field in Microsoft Graph
Filtering currently does not work on businessPhones field. I would like to be able to return users, for example, with a certain area code.
10 votesHi Courtney, filtering on businessPhones is currently in beta, using this query (all business phones starting with +1):
../users?$count=true&$select=id,displayName,mobilePhone,businessPhones&$filter=businessPhones/Any(x:startsWith(x,‘%2B1%205’))
Remember to add ConsistencyLevel:eventual request header, and $count=true querystring parameter.
Note1: “+” character of “+1” country code needs to be urlencoded.
Note2: this field is free-text, and depends on the user input. It’s difficult to get reliable results if the data is not in a standard format.@Anonymous: we are thinking to index all the phone numbers without the special characters (e.g. only digits), so if you want to search for 18474969000, you could do a:
$filter=businessPhones/Any(x:endsWith(x,‘8474969000’))Note: I’m using “endsWith”, operator that is currently in deveopment, and I removed the optional country code “1” from the search string to return all results.
Please open a new feedback item if you would like to track this work. -
Allow international characters in password
Setting a user's password through the Microsoft Graph API only allows letters from the American alphabet. Many countries have more letters in their alphabets, e.g. the letters Æ, Ø and Å in Denmark and Norway, Ö in Germany and more. These are not allowed when setting a user's password through the Microsoft Graph API.
Passwords with international letters are possible using e.g. DirSync, but not "cloud native", i.e. through the Microsoft Graph API.
1 vote -
Add support for additional user properties update with app only context
Per the documentation at https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_update I should be able to update the birthday and hireDate values however my client app (uses app token instead of user token) receives a 500 Internal Server Error when sending a PATCH request
15 votes -
change passwordProfile PATCH to expire a password without setting a temporary one
At the moment, a PATCH request on a user object in this form
{
"passwordProfile":
{
"forceChangePasswordNextSignIn": true,
"password" : "aNewPa55w0rd"}
}
...works. The next time the user logs in, they use the new password and are forced to change it. However, I would like to send
{
"passwordProfile":
{
"forceChangePasswordNextSignIn": true
}}
which would force a user to change their password, but not have to send them a temporary one. It would be the same as issuing this powershell command:
Set-MsolUserPassword -UserPrincipalName some.user@somedomain.onmicrosoft.com -ForceChangePassword:$true -ForceChangePasswordOnly:$true
3 votes -
Expose Birthday and Department property to the Users endpoint.
This has been unavailable for a long time now. What's the point in having users store their birthdays if you can only check if it's the current user's birthday or department.
It's astounding that such little effort is put into addressing these issues with the endpoints having various missing props and functions such as contains. All in all it means I can't create the following:
- Search for department and it's users (Contact search component)
- Upcoming/Today's birthdays
It can't be that difficult to just add these properties to the /users endpoint as well as fix the permissions issues plaguing getting basic…
7 votes -
Need API to get chat participants
I am develop a app with message extension that could help gather some information based on context, e.g. when this message extension is triggered inside a 1-on-1 chat , it needs to know the user information of the other participant in the chat.
There is already /beta/chats/{chatId}
But unfortunately, there is no way to know the exact chat Id the message extension is triggered from. There would be an event named as "composeExtension/query" sent to my bot endpoint with payload that contains a "conversation id" but it could not be used to retrieve chat directly.
And there is no participant…
1 vote -
Add support for retrieving any user's SMIME certificate.
In US DoD environments, user certificates are needed to encrypt data for a set of users. This data is available from EWS and is stored in the userCertificate or userSMIMECertificate property in AD.
1 vote -
Expose more attributes via Graph API
Please expose these missing attributes via Graph API:
- homePhone
- otherHomePhone
- otherTelephone
- facsimileTelephoneNumber
- postOfficeBox4 votes -
Add user TimeZone as optional claim
It would be very useful if you could add the user TimeZone as claim when logging into Azure AD.
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims
2 votes -
Enable/Disable Microsoft Graph per user.
You currently offer a way to disable graph at the tenant level. I am looking for a way to enable/disable on a individual basis. I also need a way to trigger a full reevaluation of the delve type aspects in graph.
1 vote -
Provide API access to AAD user MFA Properties
Would be good to not only retrieve the state of the authentication requirements, but the details around MFA as well: MFA Methods, etc (StrongAuthenticationMethod, StrongAuthenticationRequirement, StrongAuthenticationDetails that was available in PS for AAD V1)
45 votesComing soon! Keep an eye on the changelog (docs.microsoft.com/en-us/graph/changelog) -EY
-
Get directoryRole | modified date
Hello,
Please allow/integrate to query modified date for directory roles,
This will allow easy to monitor if someone added to role.1 vote
- Don't see your idea?