Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add manager to list Users graph api

    Currently we allow customer to connect to the Azure AD for listing all people in their AD for an up-to-date personell system.
    If they need to have the hierarchy in our software as well (who is the manager of who) this is near impossible as you have to retrieve the manager object per user.

    Please allow an extra attribute to request the manager information when listing users instead of 'per user' basis.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    Update: The bug fix (so that select and expand play nice together) is committed, and should be rolled out this quarter (Q2 2020). That should enable things like

    GET ../users?$select=id,userPrincipalName&$expand=manager

  2. Add the raw user agent to Azure AD audit log scheme

    As of today, only parsed user agent information is available as part of the Azure AD audit log (in sign-in in particular). In many cases, the parsing does not work well and most of the parsed fields are 'null'.
    It will be great if we can get the raw user agent string and use our own parsing.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Deliver fileData for Get agreement request

    Performing a GET request for https://docs.microsoft.com/en-us/graph/api/agreement-get?view=graph-rest-beta&tabs=http
    on "agreement" does not deliver the fileData for the ToU files configured in the policy.
    Please deliver the bytes not only the metadata.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. enable all User attributes (which can be queried in the MS Graph API) as custom access token claims

    There are a select few of "optional attributes" to attach to an Azure AD Access Token. Ideally, any "user" attribute can be incorporated into an access token. In our case, we need mailNickname, but I see other attributes being requested such as employeeId. We should be able to name "User" as the source and select any property available as an AD attribute attached to the user.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  5. Expose New API to work with Company Branding via Graph API

    Expose new API to work with company branding like Sign-in page background image, Sign in page text, Sign-in page background color etc.
    or extend /organization endpoint.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  6. Graph API - Azure AD B2B - Organizational Relationships Whitelist

    Azure Active Directory > Organizational Relationships > Settings > Collaboration restrictions ... when "Allow invitations only to the specified domains (most restrictive)" option is set, it would be very nice if I could programmaticly add domains to this list and query them back. I am looking to automate the end-to-end Auzre AD B2B invitation process from an internal portal, and this will be a requirement.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. Graph Explorer not working as intended

    Graph Explorer is not working as intended making things more complex and complicated for developers. I am trying assign permission which requires admin consent, though logged in as admin and gave consent it never got saved. Please fix the issue immediately.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  8. Graph - Add "isAdmin: true/false" to /me to identify users I can prompt for Admin consent

    My application can be used in a basic mode without Admin permissions. I would like to prompt Administrators for advanced permissions. Currently I cannot detect who is an Admin without already being granted Directory.Read.All permission by an Admin.

    If the "me" route could identify whether the user is an Admin or not it would allow much more control from our application side, without exposing much information

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  10. Raise limit of 100 schema extension property values allowed per resource instance

    Removing the limit of 100 schema extensions property values allowed per resource instance would allow me to build a comprehensive directory with many, many fields for my organization. My on-premise AD has hundreds of fields that I would like to extend to AAD.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  11. Get department manager

    I would like to query managers based on department, where I send department name for instance and get the details of the manager of the department in Graph\User return type

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. Implement the possibility of adding AppRoleAssignment through the SDK

    The documentation is already there:

    https://docs.microsoft.com/en-us/graph/api/serviceprincipal-post-
    approleassignments?view=graph-rest-beta&tabs=csharp

    However the AddAsync method is not part of the latest beta-build

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  13. Return conditional access policies with GET /policies

    Is it possible to retrieve conditional access policies using the 'List Policies' method from the /beta API?

    https://docs.microsoft.com/en-us/graph/api/policy-list?view=graph-rest-beta

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  14. Skype/Teams provisioning via Graph

    Currently, we still have a high dependency on the Skype Online PowerShell module to facilitate identity management processes around user provisioning and subsequent configuration management. This is in the context of being run as a post provisioning process to the main Azure AD provisioning process within Microsoft Identity Manager.

    The underpinning issue is that while Azure AD's integration into Graph is quite good, it's non-existent for Teams/Skype (and numerous other products).

    A specific example of what we can't do right now in Graph is specify the various user policies (messaging, meeting, app setup, etc.) Instead, we have to call the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  15. Microsoft Graph API to support Enterprise Application User Querying

    Support for the ability to query AD users that are provisioned to an enterprise application.

    Based off of the Microsoft Graphi API there is no way to actively see the users and their associated permissions to an enterprise application.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    This API does exist and you can find it here:
    https://docs.microsoft.com/en-us/graph/api/serviceprincipal-list-approleassignments?view=graph-rest-beta&tabs=http

    Granted – this documentation can be massively improved. In the response you need to look at the principalType as it can be user, group or servicePrincipal. For your scenario, you can ignore servicePrincipal, but if a group is provisioned to an enterprise application, you’ll need to get the group’s direct group members (using GET ../groups/{id)/members) to find the users assigned (indirectly) to this enterprise application.

  16. More speed when handling huge amount of notes in one sheet

    I have al my P&Ls for al 52 weeks inserted in to a table with 52 slots that means 52 columns and more than 15 rows. and it is so very slow to see. It is daunting. I don't want to switch softwares because for me Onenote is the more versatile but it crashes, si doesn't sync with my shared notebooks, it is incredible.

    I have a MacBook Pro with dual core and it still suffers. Please build something to solve this!!!
    Thanks
    Carlos
    New York

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  17. Don't auto login accounts so accounts can be swapped (BUG)

    Whenever the Outlook sign in page pops up after a token request, i.e.:

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?clientid=&responsetype=code&redirecturi=&responsemode=query&scope=&state=

    It gives you the option to login with an account, but immediately forwards back to the redirect url, logging you in with the last selected account.

    A very frustrating bug for many people here.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  18. Api

    Please provide API for manage the users based on application.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support Azure Conditional Access for Microsoft Graph

    A lot of Microsoft products does not work as expected due to the fact the Microsoft Graph does not support Azure Conditional Access. Among the applications I can mention is Microsoft Teams, ToDo, etc. that all rely on the Microsoft Graph and breaks to to limited support or no support for Azure Conditional Access.

    Teams:
    https://microsoftteams.uservoice.com/forums/555103-public/suggestions/32657161-conditional-access-team-authentication

    ToDo:
    https://todo.uservoice.com/forums/597175-feature-suggestions/suggestions/32007451-add-support-for-conditional-access

    /Peter Selch Dahl - Azure MVP

    39 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  20. workday-AAD photo sync

    "Can I provision user's photo from Workday to Active Directory?
    The solution currently does not support setting binary attributes such as thumbnailPhoto and jpegPhoto in Active Directory."
    Photo management is a pain, we would love for users to upload their own photos to WD (taking care of the cropping and resizing for us) then it syncs to AD,AAD, sharepoint,delve,exchange, etc. Currently we add to AD then force sync to O365 because of sync issues.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base