Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have anidea or feature suggestion based on your experience with Microsoft Graph?Please share these with us by submitting your idea below or voting up ideassubmitted by other users. This forum will be directly monitored by theMicrosoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, pleasechoose the corresponding category. Please submit any broad ideas related toMicrosoft Graph or ideas across more than one service to the “General”category.

This site is only for feature suggestions and ideas! If youneed technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on the Microsoft Graph, please checkout https://graph.microsoft.com .


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support Uploading a x509 Certificate to application manifest for web apps using clientCredential flow

    As it is now there is no way of uploading a x509 certificate programmatically using https://graph.microsoft.com as resource but it's very much possible using https://graph.windows.net which seems very strange to me and only for Delegate Permissions.

    I know that they are two different apis but development on Azure Graph API has halted and I don't want to use that. Consider adding a functionality to upload a x509 certificate to application Manifest for applications created on Microsoft Application Registration Portal!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. allow api windows.graph.net to query the AAD Tenant's trust relationships with Azure Subscriptions

    allow api graph.windows.net or graph.microsoft.net to query the AAD Tenant's trust relationships with Azure Subscriptions. These trust relationships exist in the classic azure portal under Settings showing the Azure Subscription and the default AAD

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Javascript Example w/ Implicit Auth

    I could really use a core javascript example on how to query the graph api to obtain the beta extended user properties. I just want to grab the information associated with the current logged in user in sharepoint online.

    I read some articles about implicit authentication. I set up the app in Azure but I am still having authentication issues.

    https://graph.microsoft.com/beta/me/

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow application permissions for group lifecycle management

    Hi,
    I`d like to ask you to allow Application permission to manage membership of groups in lifecycle policy management.
    In beta bersion of Microsoft Graph you require that only Delegated permissions are allowed. In my use case, I need application with higher permissions executing on behalf of lower privileged user.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  5. 16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    WhenCreated (createdDateTime) is already exposed on some objects, like user, and organization in Microsoft Graph. This may get extended to other objects. NOTE for the user resource you will need to explicitly $select this property to get it in the response.

    We don’t currently expose WhenChanged. I don’t think this is even in the backlog – sorry. We would also need to look at the history aspect, but you could build your own history (including when changed) by using the directory audit logs – https://docs.microsoft.com/en-us/graph/api/resources/azure-ad-auditlog-overview?view=graph-rest-1.0

  6. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. Publish gem omniauth-microsoft_v2_auth on rubygems.org

    For current Ruby integration, the gem omniauth-microsoftv2auth needs to be pulled from github, rather than from the standard gems source of rubygems.org.

    omniauthsrc = 'git://github.com/cbales/omniauth-microsoftgraph'
    gem 'omniauth-microsoftv2auth', git: omniauth_src

    Can you please publish the gem with all the other gems on rubygems.org, to avoid pulleding directly from github?

    gem 'omniauth-microsoftv2auth'

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  8. include an API to close Risk Events by external systems

    Documentation does not show an API to use in order to close a risk event (and set it as Resolved/FalsePositive/Ignored as explained here https://docs.microsoft.com/en-us/azure/active-directory/active-directory-identityprotection )

    This is a blocker to automation efforts.. Please add this API.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow v2.0 endpoint authenticated apps to use Office management api scopes and claims

    The current azure v2.0 endpoint authenticated access tokens don't work with service management apis listed in this document (https://msdn.microsoft.com/en-us/office-365/office-365-service-communications-api-reference)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  10. External users grant administrative roles similar to azure external admins

    Add the ability to grant external users administrative roles for office365. This functionality exists for Azure, but not office365/exchange online.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow Azure AD High Level setting changes through REST API

    Extend the REST API to allow changing of high level Azure AD attributes including company branding logo, sign in properties and global user settings.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. app-only client_credentials permission for consented users

    I am creating a daemon API app which will not have any UI to allow someone to provide credentials and consent.. the purpose of this daemon app is to send mail(via graph API) on behalf of a service account in my organization(AD tenant).

    Right now with admin consent looks like i can only request permission from my admin to send email on behalf of any user in organization, but with no limit on the users who can send emails.

    My intention is to have a daemon app that user clientid and clientsecret and form a graph api endpoint…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  13. Return the nextlifecycledate from subscribedSkus

    Return the nextlifecycledate for
    GET https://graph.microsoft.com/beta/subscribedSkus

    get-msolsubscription returns this property. As you encourage people to use graph APIs, instead of MSOL commandlets, please try to provided equivalent functionality in the graph api world.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add more permission scopes to "policies" endpoint in MS Graph

    Currently /policies requires Directory.AccessAsUser.All which is a delegated permission. Can we include the application-level permission Directory.Read.All?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  15. allow applications with app-only token to impersonate user accounts

    If an application with an app-only accesstoken could impersonate any other user (not signing them them in with username and password, but impersonating them either by id or userPrinicpalName) then the apps could act more easily on behalf of specified users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  16. Office 365 Unified API Credentials/Call Proxy

    It should be possible through the Office.js to call the Unified API, without having to log on separately in the add-in using adal. This would drasticall simplify the application flow. It could possibly be implemented similarly to mailbox.makeEwsRequestAsync.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow to set the background color of your app in the O365 app launcher

    Currently the color is grey by default and will most likely not go well with all types of icons SaaS apps will come in. Being able to define the own color would allow a SaaS app vendor to also use that color for identification purposes etc.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
1 2 4 Next →
  • Don't see your idea?

Feedback and Knowledge Base