Last Logon is missing from the user objects in Azure! I'd like to be able to read the Last Logon information through the Graph API, to tell which users are actually logging in. But very surprisingly I can't find any such attribute!

Can we please please add this attribute to the user object?

In order to, for example, filter users by a certain skill you cannot do only one REST call now.

From stackexchange:

"Filter on collection type properties is represented as below:

https://graph.microsoft.com/v1.0/users?$filter=skills/any(c:c eq 'Javascript')

However, filter on skills property is currently not supported. You can place a request in uservoice site."

I would like support for this /any command, specifically for skills but for all queries would be great too.

It should not be necessary to require an admin consent to do Group read write operations through the graph API. There should be a permission for My Groups.

We would like to be able to set MFA for users from a custom application, by using Graph API or Azure AD SDK.

I need to retrieve the last modified date of user profiles in Office 365 from the Graph API.

Could you please provide the endpoint similar to https://graph.microsoft.com/beta/me/?$select=createdDateTime

But have it be for the last time the user profile was modified by the user or admin, would be awesome for it to be https://graph.microsoft.com/beta/me/?$select=lastModifiedDateTime

Currently there is support for startsWith and eq filters on proxyAddresses. However there is no way to search for proxyAddresses that endsWith or contains a string. E.g. finding users with a proxyAddress in a specific domain.

$filter=proxyAddresses/any(x:endsWith(x,'@acme.com'))

See this thread for more information: https://stackoverflow.com/questions/46588870/filtering-on-proxyaddresses-with-microsoft-graph-api-that-endswith-or-contains-a

This affects all resources that support extensions but let’s take the User resource as an example:

Extending the User resource currently requires an entire User Profile read/write consent (User.ReadWrite).
We only want to read and write additional data that we provide to the User resource and not modify the entire resource. Users might be hesitant about consenting to Apps that could potentially corrupt their entire user profile.

I'd love to be able to filter the /users and /groups collection on the showInAddressList property.

This would allow us to get all users and groups that are to be shown in the addressbook, currently this means retrieving them all and filtering afterwards (but that poses issues with pagination).

For groups, there is a dependency on this UserVoice: https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/32677822-support-hiddenfromaddresslistsenabled-property-on

According to https://docs.microsoft.com/en-us/graph/permissions-reference#remarks-23, now with permission:"User.readBasic.All" , only bleow properties would be visible:

• displayName


• givenName


• mail


• photo


• surname


• userPrincipalName

Which means "businessPhones" is not included.

So it means normal user (not admin) won't be able to view other users' business phones in Teams, even these "other users" are their colleagues !

You never want to reach your colleague by calling their business phone !? So what's the point to keep business phone invisible to most users in same organization?

Just suggest to include businessPhones in basic profile.

While filtering works for some attributes like department it doesn't work for officeLocation, which sadly I need for my use case.

GET https://graph.microsoft.com/beta/users?$filter=officeLocation eq 'Gaithersburg, MD'

Returns:
{

"error": {

    "code": "Request_UnsupportedQuery",

    "message": "Unsupported or invalid query filter clause specified for property 'officeLocation' of resource 'User'.",

    "innerError": {

        "request-id": "641beedd-4df5-4b97-b6b5-4f574c382d08",

        "date": "2017-07-26T18:32:39"

    }

}

}

Pagination issue. There is no way to redirect to previous page If we use $top parameter, it provides next page url using which we can go to next page. We also can not use $skip parameter when we want to get users of an organization. Please provide $skip to use with users api, or provide previous link with $top parameter

why graph api don't sending user authentication email and phone number using this api endpoint https://graph.windows.net/myorganization/users/{user_id}?api-version.

in my application i need the email address user used for signup and mobile number which user used for MFA. but i can't find any of those.

Microsoft Graph cant return the wWWHomePage property that people know from regular AD. We need to access this field in a business case and cant do so, because of the current limitations.

Please add support for wWWHomePage on the User object!

Currently even if you have the User.ReadWrite.All you cant update another users photo via:

PUT /beta/users/{User ID}/photo/$value

This would be VERY helpful.

When I'm creating an App on Office 365, users can pin them and select them from the "My Apps" menu in the new Office 365 ribbon.

I would like to recreate this menu/whole ribbon in my app (desktop or web, whatever), to bring a consistent experience to my end users. By this, my users could easly switch between O365 Apps and my app.

I'm inspired by TechEd Europe and all the O365 sessions. This is what imho is missing and is very important atm.

Something like:
dev.office.com/me/apps/pinned

Would be good to not only retrieve the state of the authentication requirements, but the details around MFA as well: MFA Methods, etc (StrongAuthenticationMethod, StrongAuthenticationRequirement, StrongAuthenticationDetails that was available in PS for AAD V1)

Please support syncing more attributes (on user create and update) with MS Graph API.

Here is the wish-list:
proxyAddresses,
postOfficeBox,
pager,
msExchExtensionCustomAttribute,
mail,
ipPhone,
info,
extension<AADAppGUID><attribute_name>,
description,
countryCode,
commonName,
cloudAnchor,
alias

Thanks,
Anna