Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make it possible to manipulate CustomAttributes for organizational Contacts

    Organizational Contacts make it possible to share contacts via Tenant to Tenant. The only decent way to key off source tenant is via adding ExternalDirectoryObjectId to a custom attribute. Please consider adding this to the Graph API. Graph is phenomenal, however, the details really matter when collaborating T2T.

    orgcontact #orgcontacts

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. Graph - Add "isAdmin: true/false" to /me to identify users I can prompt for Admin consent

    My application can be used in a basic mode without Admin permissions. I would like to prompt Administrators for advanced permissions. Currently I cannot detect who is an Admin without already being granted Directory.Read.All permission by an Admin.

    If the "me" route could identify whether the user is an Admin or not it would allow much more control from our application side, without exposing much information

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide admin interface to grant the Managed Service Identity's service principal access to common API operations

    I'd like to be able to leverage the same experience that's offered to 'App Registrations' in the portal when granting my MSI's service principal (for example) access to individual operations within the MS Graph api.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add user.readBasic.all permission as an app permission in Graph

    Azure AD graph has delegated permissions for user.readBasic.all which restricts the information that a 3rd party accessing this api can capture from our tenancy directory. We have a 3rd party app that accesses the Azure directory to retrieve basic data to set up accounts in its user directory and we need to restrict this to the basic data due to the security risk. We cannot rely on the 3rd party just doing the right thing all the time.

    I need a way to set the app to allow app permissions (not delegated as the read occurs every 4 hours without…

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  5. REST API Support for Creating Directories

    REST API should support the ability to create/suspend/delete whole directories towards Azure AD. This is something that has to me done manually today, not that good for creating automated services with Azure Stack with a lot of directories.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  6. Calculate & expose device's primary user based on usage (user to device affinity)

    In many reporting scenarios it is necessary to map between users/devices. E.g.,
    * VIP Victor is complaining about something, we need a list of the devices he uses
    * I need to report on crashes (or some other device data) by the user's department/building/etc.

    Today we have registeredUsers and registeredOwners, but these can't be used for this purpose because:
    A) They seem to reflect primarily administrative enrollment activity, not end-user-affinity
    B) They are many:many and don't automatically calculate a "primary user" based on logon activity

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. Expand navigation property of children with a single query

    Impossible to get members of Azure AD group with expanded 'manager' property in one request.
    for example:
    https://graph.windows.net/<tenantid>/directoryObjects/<groupid>/members/?api-version=1.6&$expand=manager

    we gets the following response:
    {"code":"Request_UnsupportedQuery","message":{"lang":"en","value":"An unsupported query was observed. Please ensure you query does not navigate across multiple reference-properties."}

    I suppose reason of such response is clear. and current workaround is the following:
    1) Get group members
    2) for each five members(using OData batch) get manager
    But this way make us do a lot of requests to Azure AD and we expect performance degradation here.

    We develop multi tenant application which access Azure AD of all our customers…

    71 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Azure AD Team responded

    We are still looking into it! It is due to current platform limitation, and there is some work going on to address this. Again, thank you for the suggestions! Keep the votes coming.

  • Don't see your idea?

Feedback and Knowledge Base