Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. To provide user's base location/country.

    Currently, User's Country is shown as Null through Graph API. It would be helpful, if the Country field is populated with location where user is currently based. If the user moves from one country to another, the country field must be updated.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. enable all User attributes (which can be queried in the MS Graph API) as custom access token claims

    There are a select few of "optional attributes" to attach to an Azure AD Access Token. Ideally, any "user" attribute can be incorporated into an access token. In our case, we need mailNickname, but I see other attributes being requested such as employeeId. We should be able to name "User" as the source and select any property available as an AD attribute attached to the user.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Get department manager

    I would like to query managers based on department, where I send department name for instance and get the details of the manager of the department in Graph\User return type

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Implement the possibility of adding AppRoleAssignment through the SDK

    The documentation is already there:

    https://docs.microsoft.com/en-us/graph/api/serviceprincipal-post-
    approleassignments?view=graph-rest-beta&tabs=csharp

    However the AddAsync method is not part of the latest beta-build

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add an endpoint to list the users in each role

    I need to be able to get a list of the "Supervisor" role assigned to a specific application for Azure AD. Please add this to Microsoft Graph

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  6. workday-AAD photo sync

    "Can I provision user's photo from Workday to Active Directory?
    The solution currently does not support setting binary attributes such as thumbnailPhoto and jpegPhoto in Active Directory."
    Photo management is a pain, we would love for users to upload their own photos to WD (taking care of the cropping and resizing for us) then it syncs to AD,AAD, sharepoint,delve,exchange, etc. Currently we add to AD then force sync to O365 because of sync issues.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. graph api does not send invitation email for guest user

    I've submitted to this api https://graph.microsoft.com/v1.0/invitations and it creates an invitation, but to send the email I have to log into the portal and click resend invitation. Please have the API actually send the email.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  8. Atlassian Jira/Confluence user creation and authorization

    https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/ms-confluence-jira-plugin-adminguide

    The Jira and Confluence add-on currently only supports SSO authorization. I would like it to also support authorization and user account creation on first sign-in. This way it would be a full SAML implementation.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. SCIM defects - ResourceTypes endpoint is not being requested by Azure

    Problem: Azure User Provisioning does not use the /ResourceTypes endpoint to discover the correct /Users endpoint in my SCIM implementation



    • Please refer to Page 74 of the SCIM specification, RFC7644, Section 4, which states:

      /ResourceTypes
      An HTTP GET to this endpoint is used to discover the types of
      resources available on a SCIM service provider (e.g., Users and
      Groups). Each resource type defines the endpoints, the core
      schema URI that defines the resource, and any supported schema
      extensions. The attributes defining a resource type can be found
      in Section 6 of [RFC7643], and an example representation can be
      found in…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide endpoint to return subscribedSkus cost per user per month/annum

    Since there is an API the returns the subscribedSku's already, it would be nice to have a new endpoint or extend the existing api to return the subscribedSkus cost per user per month/annum

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  11. Provide admin interface to grant the Managed Service Identity's service principal access to common API operations

    I'd like to be able to leverage the same experience that's offered to 'App Registrations' in the portal when granting my MSI's service principal (for example) access to individual operations within the MS Graph api.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. It would be beneficial to automate User provisioning option(to remove the license for terminated users) via ISIM

    we are trying to automate license removal for terminated users in our company, right now we manually remove the license, but trying to implement O365 Adapter to automate but it looks like fail. Please advise!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  13. API support to create application registration portal

    Is there any API available to create new Application in Application registration portal (https://apps.dev.microsoft.com) and get the password.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  14. Javascript Example w/ Implicit Auth

    I could really use a core javascript example on how to query the graph api to obtain the beta extended user properties. I just want to grab the information associated with the current logged in user in sharepoint online.

    I read some articles about implicit authentication. I set up the app in Azure but I am still having authentication issues.

    https://graph.microsoft.com/beta/me/

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow Azure AD High Level setting changes through REST API

    Extend the REST API to allow changing of high level Azure AD attributes including company branding logo, sign in properties and global user settings.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  16. app-only client_credentials permission for consented users

    I am creating a daemon API app which will not have any UI to allow someone to provide credentials and consent.. the purpose of this daemon app is to send mail(via graph API) on behalf of a service account in my organization(AD tenant).

    Right now with admin consent looks like i can only request permission from my admin to send email on behalf of any user in organization, but with no limit on the users who can send emails.

    My intention is to have a daemon app that user clientid and clientsecret and form a graph api endpoint…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  17. Office 365 Unified API Credentials/Call Proxy

    It should be possible through the Office.js to call the Unified API, without having to log on separately in the add-in using adal. This would drasticall simplify the application flow. It could possibly be implemented similarly to mailbox.makeEwsRequestAsync.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add a way to refresh the accessPackageResource object's properties.

    Currently, resources in the Entitlement Management resource catalog get their properties from the resource when it is added to the catalog. If the resource's name changes, it becomes out of sync with the catalog causing confusion. Ideally, it would be best if the properties were synced. However, a workaround could be to add another method to the graph API accessPackageCatalog resource type to refresh the properties on all the accessPackageResource objects contained in the catalog.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  19. orgContacts should support "msExchHideFromAddressLists"

    Full story: Our goal was to query an API that is "like" the tradional GAL. In theory the GAL is just a combination of users and contacts, so we thought that this would be ok-ish just get all users first and then query orgContacts.

    Unfortunately we discovered that the orgContacts API (https://docs.microsoft.com/en-us/graph/api/orgcontact-list?view=graph-rest-1.0&tabs=http) will return all contacts from the tenant.
    In our tenant some contacts are flagged with msExchHideFromAddressLists and this would be a NoGo four our application to surface such "hidden" contacts. We didn't found a way to filter them.

    It would be nice to have this "old…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  20. create retention event

    Hi,

    There is the ability available to create an event using REST api - https://docs.microsoft.com/en-us/microsoft-365/compliance/automate-event-driven-retention?view=o365-worldwide
    However this only seems to work with basic authentication which some Orgs dont allow.
    Can you extend Graph api to provide permissions for this also?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base