Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Include actual URL in Insights

    Currently Graph insights/used includes in "resourceReference" only the webUrl to the file. This is, for office Documents usually a link to a browser based view.

    This is not very useful if you need the actual file url. For other files, eg html files, it points to the display-form in sharepoint, and not the actual file, eg
    https://postat-my.sharepoint.com/personal/u11q12ppostat/Documents/Forms/DispForm.aspx?ID=3256

    Also, for some reason, DocumentSets are included in the "used" results also.

    So i would suggest to also add the actual url to the file to the resourceReference (additionally to a webview, as you do not always use graph from inside…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  2. Provide Graph API to check user has enabled Azure AD MFA or not

    Currently there is no API for identifying whether user is enabled with Azure AD MFA or not, so kindly provide

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    Coming soon! Work on this has been started. Keep an eye on the changelog (docs.microsoft.com/en-us/graph/changelog) -EY

  3. Useful User (Endpoint) Filtering

    The collection size of a request to /users cannot be feasibly limited.

    Our active directory has tens of thousands of entries. The API only enables retrieving 100 entries per request. Getting ALL the entries takes a long time and I don't need them ALL. Unfortunately, the options for filtering the request are quite chintzy.

    I can use the eq (equal) filter, which would be fine if looking for a single user, but I'm trying to limit the resulting collection to a group of users (e.g. to users who's displayName contains a substring, or where surname is not null). I cannot…

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  4. When will User ExternalUserState property be moved from beta to production?

    The User.ExternalUserState property is currently in the beta API. When will this be production ready?

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  5. Provide mapping between Windows and Iana Time Zones

    Currently we can get user's supported time zones using /me/outlook/supportedTimezones endpoint. This endpoint can return Windows Time Zones or Iana Time Zones.
    The bad thing is that it returns alias and displayName only, no time zone offset or any additional information.
    Because of that it's currently impossible to map Windows timezones response with Iana timezones response.
    Why do we need that?
    Example - display a dropdown with Windows time zones, but initialize selected item based on browser time zone (browser's Intl API gives you Iana name)

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  6. Supportability for more attributes with MS Graph API

    Please support syncing more attributes (on user create and update) with MS Graph API.

    Here is the wish-list:
    proxyAddresses,
    postOfficeBox,
    pager,
    msExchExtensionCustomAttribute,
    mail,
    ipPhone,
    info,
    extension<AADAppGUID><attribute_name>,
    description,
    countryCode,
    commonName,
    cloudAnchor,
    alias

    Thanks,
    Anna

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    Most of these are GA (in v1.0) – proxyAddresses, onPremisesExtensionAttributes (msExchExtensionCustomAttribute), mail, imAddresses (ipPhone), ALL extension_{appId}_{name) properties, onPremisesImmutableId (cloudAnchor), mailNickname (alias).

    A few like PO box, pager, info, description, countryCode, and commonName are under review. In the meantime, as a workaround, you could synchronize these properties/values from on-premises into directory extensions or onPremisesExtensionAttributes.

  7. Determine if contact picture exists

    Currently, the api supports the GET request to download the contact picture for personal contacts, but there is no way to determine if the contact picture exists for a given contact.

    For instance, "/me/contacts" returns json for contact should have a field or tag which helps determine if the contact picture exists.

    Current results forces to make a separate call for each contact using contact-id without knowing if the picture exists.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow / Add onPremisesSamAccountName as a filter

    It will be very interesting to allow filter by onPremisesSamAccountName in users endpoint.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    his capability is now available in Microsoft Graph public preview. It’s not currently documented.

    NOTE: you’ll need to use a custom HTTP request header ConsistencyLevel: eventual and request $count=true as well, to enable this query capability.

    GET ../beta/users?$filter=onPremisesSamAccountName eq ‘name’&$count=true
    ConsistencyLevel:eventual

    See also related queries in the changelog entry https://docs.microsoft.com/en-us/graph/changelog#identity-and-access-azure-ad

  9. Allow filtering on businessPhones field in Microsoft Graph

    Filtering currently does not work on businessPhones field. I would like to be able to return users, for example, with a certain area code.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Courtney, filtering on businessPhones is currently in beta, using this query (all business phones starting with +1):

    ../users?$count=true&$select=id,displayName,mobilePhone,businessPhones&$filter=businessPhones/Any(x:startsWith(x,‘%2B1%205’))

    Remember to add ConsistencyLevel:eventual request header, and $count=true querystring parameter.
    Note1: “+” character of “+1” country code needs to be urlencoded.
    Note2: this field is free-text, and depends on the user input. It’s difficult to get reliable results if the data is not in a standard format.

    Click here to try in MS Graph:
    https://developer.microsoft.com/en-US/graph/graph-explorer/preview?request=users?$count=true%26$select=id,displayName,mobilePhone,businessPhones%26$filter=businessPhones/Any(x:startsWith(x,%20'%252B1%25205'))&method=GET&version=beta&GraphUrl=https://graph.microsoft.com&requestBody=&headers=W3sibmFtZSI6IkNvbnNpc3RlbmN5TGV2ZWwiLCJ2YWx1ZSI6ImV2ZW50dWFsIn1d

    @Anonymous: we are thinking to index all the phone numbers without the special characters (e.g. only digits), so if you want to search for 18474969000, you could do a:
    $filter=businessPhones/Any(x:endsWith(x,‘8474969000’))

    Note: I’m using “endsWith”, operator that is currently in deveopment, and I removed the optional country code “1” from the search string to return all results.
    Please open a new feedback item if you would like to track this work.

  10. Allow international characters in password

    Setting a user's password through the Microsoft Graph API only allows letters from the American alphabet. Many countries have more letters in their alphabets, e.g. the letters Æ, Ø and Å in Denmark and Norway, Ö in Germany and more. These are not allowed when setting a user's password through the Microsoft Graph API.

    Passwords with international letters are possible using e.g. DirSync, but not "cloud native", i.e. through the Microsoft Graph API.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add support for additional user properties update with app only context

    Per the documentation at https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_update I should be able to update the birthday and hireDate values however my client app (uses app token instead of user token) receives a 500 Internal Server Error when sending a PATCH request

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  12. change passwordProfile PATCH to expire a password without setting a temporary one

    At the moment, a PATCH request on a user object in this form

    {

    &quot;passwordProfile&quot;: 
    
    {
    &quot;forceChangePasswordNextSignIn&quot;: true,
    &quot;password&quot; : &quot;aNewPa55w0rd&quot;

    }

    }

    ...works. The next time the user logs in, they use the new password and are forced to change it. However, I would like to send

    {

    &quot;passwordProfile&quot;: 
    
    {
    &quot;forceChangePasswordNextSignIn&quot;: true
    }

    }

    which would force a user to change their password, but not have to send them a temporary one. It would be the same as issuing this powershell command:

    Set-MsolUserPassword -UserPrincipalName some.user@somedomain.onmicrosoft.com -ForceChangePassword:$true -ForceChangePasswordOnly:$true

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  13. Expose Birthday and Department property to the Users endpoint.

    This has been unavailable for a long time now. What's the point in having users store their birthdays if you can only check if it's the current user's birthday or department.

    It's astounding that such little effort is put into addressing these issues with the endpoints having various missing props and functions such as contains. All in all it means I can't create the following:


    • Search for department and it's users (Contact search component)

    • Upcoming/Today's birthdays

    It can't be that difficult to just add these properties to the /users endpoint as well as fix the permissions issues plaguing getting basic…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  14. Need API to get chat participants

    I am develop a app with message extension that could help gather some information based on context, e.g. when this message extension is triggered inside a 1-on-1 chat , it needs to know the user information of the other participant in the chat.

    There is already /beta/chats/{chatId}

    But unfortunately, there is no way to know the exact chat Id the message extension is triggered from. There would be an event named as "composeExtension/query" sent to my bot endpoint with payload that contains a "conversation id" but it could not be used to retrieve chat directly.

    And there is no participant…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add support for retrieving any user's SMIME certificate.

    In US DoD environments, user certificates are needed to encrypt data for a set of users. This data is available from EWS and is stored in the userCertificate or userSMIMECertificate property in AD.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  16. Expose more attributes via Graph API

    Please expose these missing attributes via Graph API:
    - homePhone
    - otherHomePhone
    - otherTelephone
    - facsimileTelephoneNumber
    - postOfficeBox

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add user TimeZone as optional claim

    It would be very useful if you could add the user TimeZone as claim when logging into Azure AD.

    https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable/Disable Microsoft Graph per user.

    You currently offer a way to disable graph at the tenant level. I am looking for a way to enable/disable on a individual basis. I also need a way to trigger a full reevaluation of the delve type aspects in graph.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  19. Provide API access to AAD user MFA Properties

    Would be good to not only retrieve the state of the authentication requirements, but the details around MFA as well: MFA Methods, etc (StrongAuthenticationMethod, StrongAuthenticationRequirement, StrongAuthenticationDetails that was available in PS for AAD V1)

    45 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  20. Get directoryRole | modified date

    Hello,
    Please allow/integrate to query modified date for directory roles,
    This will allow easy to monitor if someone added to role.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base