Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Leverage Security API to access MCAS alert info

    Currently, we can query the Graph Security API to get MCAS alerts but the info is limited. The Description contains the file name but there's no other file information. We have to use the MCAS powershell module to get file info such as file path, Collaborators, sharing status and the Sensitive info type that triggered. All of this info is available through the MCAS alert console. It would be nice to be able to get that additional information from Graph.

    We're trying to build a report of all alerts with all file and other data available and Powershell ends up…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Security and Compliance Center API

    Being able to access and use the eDiscovery features in the Security & Compliance Center through the Graph API.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add API to find physical data location of O365 tenant

    Information regarding where the physical data is stored for an O365 tenant is available in the Admin UI. It would be great if this was also exposed via the Graph API for application developers that want to store the user's data in the same Azure geopolitical region.

    https://www.ntweekly.com/2018/07/07/check-data-location-office-365/

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Include Sentinel incident data and all entities in the Security Graph so the data is available for Splunk

    Include ALL Sentinel incident data (such as incident URL, all entities, alert grouping... ) into the Graph so the data is available for other SIEMs.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Authentication reader role

    I have a requirement to read all users MFA phone numbers for a tenancy. Once the authentication methods endpoint is out of beta, it would be great to have a non-admin role that can read all accounts (both admin and non-admin) authentication methods without granting the global reader role.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to enable the Audit log as it is off by default by way of the Graph

    It would be good to be able to enable the audit log by way of the Graph. I know this can be facilitated in the UI and PowerShell for enablement and PowerShell only for disabling again but it would be good to get it enabled/disabled by way of the Graph.

    Between you and me an even better solution would be to have the audit log enabled by default.

    Thanks

    Henry

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. create a security api endpoint for investigations

    ATP has been great - it automatically handles a lot of things for us. So I don't need to see all of the alerts that come through every day.

    However, I do care about seeing the investigations as they need to happen - perhaps to automate it through flows or powerapps.

    It would be great to have an API Endpoint for Investigations. I tried to correlate ThreatManagement alerts to items in the Investigations component, but the IDs don't line up. I don't see any other way to query for those id's.

    Thanks!

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Scoping Microsoft Graph application permissions to specific Sharepoint Sites

    As a developer, I'd like to use the Microsoft Graph API to access data on Microsoft Sharepoint Sites. At first glance, I would enable the permissions at the Application Level and access the Sharepoint Site data, however, when an administrator grants access they are granting access to ALL sharepoint sites - therefore in a large enterprise organization, this is viewed as a security risk and is usually disabled (as it should be). Recently, Exchange services enabled scoped permissions so that only specific mailboxes can be accessed at the application level. It would be great if we could apply a similar…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add Get-BlockedSenderAddress to Graph API

    One common security trigger for email accounts is to monitor whether any account under your tenant is blocked as a spammer (as this could denote infection).

    This data is available in the console or with the Get-BlockedSenderAddress cmdlet, but all the other data I need is available through MS Graph API, and I would prefer to be able to pull everything from Graph as a single federated endpoint rather than going back to pulling bits of data from each system individually.

    This would make sense either under Security or under Mail

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. current score

    Calling https://graph.microsoft.com/beta/security/secureScores?$top=1 I can get 'currentScore' and 'maxScore', however when I call https://graph.microsoft.com/beta/$metadata#Security/secureScoreControlProfiles what I am getting back is only 'maxScore' - can you add 'currentScore' here as well? Or I am missing some point here?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Extend Rest API to allow read of security and compliance center alerts

    Security and compliance center alerts data is only available from powershell, it would be great if we could at least read the alerts through the rest api.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base