Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have anidea or feature suggestion based on your experience with Microsoft Graph?Please share these with us by submitting your idea below or voting up ideassubmitted by other users. This forum will be directly monitored by theMicrosoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, pleasechoose the corresponding category. Please submit any broad ideas related toMicrosoft Graph or ideas across more than one service to the “General”category.

This site is only for feature suggestions and ideas! If youneed technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on the Microsoft Graph, please checkout https://graph.microsoft.com .


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Include users' last logon time

    Last Logon is missing from the user objects in Azure! I'd like to be able to read the Last Logon information through the Graph API, to tell which users are actually logging in. But very surprisingly I can't find any such attribute!

    Can we please please add this attribute to the user object?

    461 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    38 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to filter on collection type properties (e.g. find all users with skill X)

    In order to, for example, filter users by a certain skill you cannot do only one REST call now.

    From stackexchange:

    "Filter on collection type properties is represented as below:

    https://graph.microsoft.com/v1.0/users?$filter=skills/any(c:c eq 'Javascript')

    However, filter on skills property is currently not supported. You can place a request in uservoice site."

    I would like support for this /any command, specifically for skills but for all queries would be great too.

    81 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add a "My Groups - Read/Write" Permission (that does not require Admin Consent)

    It should not be necessary to require an admin consent to do Group read write operations through the graph API. There should be a permission for My Groups.

    71 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    The work has started, but there is no target date yet due to early investigations. This will work first on Microsoft Teams, then we will target Office 365 Groups. ^JT

  4. Possibility to enable/disable multi-factor authentication for a user via the Graph API

    We would like to be able to set MFA for users from a custom application, by using Graph API or Azure AD SDK.

    70 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
    started  ·  Azure AD Team responded

    We’re in the process of building APIs for both conditional access policies and authentication method registration. Between the two, you’ll be able to programmatically register your users’ auth methods (sms, voice, etc) and also create and edit conditional access policies to require MFA.

    Michael

  5. Fully migrate AD users to Azure AD

    I would like to be able to fully migrate my AD users to the cloud, so that when I use them to log into an AzureAD Joined Machine, the whoami CMD properly returns AzureAD\fristnamelastname. Right now there are hidden attributes accociated with the previously AD synced user, that causes the whoami CMD to return DOMAIN\username. This is preventing cloud migrations.

    Response I received suggesting that I contact this team.

    "This a known gap, that we're reviewing. Even though you have migrated the user from AD to Azure AD, the onprem SamAccountName is still intact on the user object, among other…

    53 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to update the user's email aliases (proxyAddresses attribute).

    https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#user-entity shows that we can GET, POST and PATCH the "otherMails" attribute of a user object. otherMails is described as "A list of additional email addresses for the user", which makes it sound like the user's email aliases. However, if you set this attribute, then look at the user in the Office365 Admin Center or Powershell, you see it's actually the "Alternate Email Address" attribute: i.e. the contact address required for admin accounts. In the Graph API the attribute that lists the email aliases is "proxyAddresses" and this is read-only (i.e. only supports GET). It's been explained to me by…

    47 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  7. expose “lastModifiedDateTime” on user

    I need to retrieve the last modified date of user profiles in Office 365 from the Graph API.

    Could you please provide the endpoint similar to https://graph.microsoft.com/beta/me/?$select=createdDateTime

    But have it be for the last time the user profile was modified by the user or admin, would be awesome for it to be https://graph.microsoft.com/beta/me/?$select=lastModifiedDateTime

    43 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow MS Graph proxyAddress filters to specify endsWith() and contains()

    Currently there is support for startsWith and eq filters on proxyAddresses. However there is no way to search for proxyAddresses that endsWith or contains a string. E.g. finding users with a proxyAddress in a specific domain.

    $filter=proxyAddresses/any(x:endsWith(x,'@acme.com'))

    See this thread for more information: https://stackoverflow.com/questions/46588870/filtering-on-proxyaddresses-with-microsoft-graph-api-that-endswith-or-contains-a

    41 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    This work is on the backlog and currently isn’t scheduled. The feature will be updated here once dev work is started. -EY

  9. Extensions Permission

    This affects all resources that support extensions but let’s take the User resource as an example:

    Extending the User resource currently requires an entire User Profile read/write consent (User.ReadWrite).
    We only want to read and write additional data that we provide to the User resource and not modify the entire resource. Users might be hesitant about consenting to Apps that could potentially corrupt their entire user profile.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow $filter on showInAddressList for /users and /groups

    I'd love to be able to filter the /users and /groups collection on the showInAddressList property.

    This would allow us to get all users and groups that are to be shown in the addressbook, currently this means retrieving them all and filtering afterwards (but that poses issues with pagination).

    For groups, there is a dependency on this UserVoice: https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/32677822-support-hiddenfromaddresslistsenabled-property-on

    26 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  11. Include "businesePhones" in basic profile

    According to https://docs.microsoft.com/en-us/graph/permissions-reference#remarks-23, now with permission:"User.readBasic.All" , only bleow properties would be visible:


    • displayName

    • givenName

    • mail

    • photo

    • surname

    • userPrincipalName

    Which means "businessPhones" is not included.

    So it means normal user (not admin) won't be able to view other users' business phones in Teams, even these "other users" are their colleagues !

    You never want to reach your colleague by calling their business phone !? So what's the point to keep business phone invisible to most users in same organization?

    Just suggest to include businessPhones in basic profile.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow filtering users by officeLocation

    While filtering works for some attributes like department it doesn't work for officeLocation, which sadly I need for my use case.

    GET https://graph.microsoft.com/beta/users?$filter=officeLocation eq 'Gaithersburg, MD'

    Returns:
    {

    "error": {
    
    "code": "Request_UnsupportedQuery",
    "message": "Unsupported or invalid query filter clause specified for property 'officeLocation' of resource 'User'.",
    "innerError": {
    "request-id": "641beedd-4df5-4b97-b6b5-4f574c382d08",
    "date": "2017-07-26T18:32:39"
    }
    }

    }

    19 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  13. Implement $skip for users api or provide previous link

    Pagination issue. There is no way to redirect to previous page If we use $top parameter, it provides next page url using which we can go to next page. We also can not use $skip parameter when we want to get users of an organization. Please provide $skip to use with users api, or provide previous link with $top parameter

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Needs more information  ·  1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  14. Expose user Authentication Phone and Authentication Email

    why graph api don't sending user authentication email and phone number using this api endpoint https://graph.windows.net/myorganization/users/{user_id}?api-version.

    in my application i need the email address user used for signup and mobile number which user used for MFA. but i can't find any of those.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow update mail attribute for Azure AD User object throught REST API

    Currently we are creating users in Azure AD through Azure AD Graph API (from our Identity Manager Application). Also we assign licenses using the same Rest API. Our users, among other thinks, uses Sharepoint Online and Skype for Bussiness Online. All of our users have his mailbox in an Exchange 2010 (on-premise), so they don't have the Exchange Online Plan. For Skype for Bussiness integration with Outlook, it's needed that the mail attribute on the Azure AD object be the same as the mail address in Outlook. The problem is that this attribute is read only throug rest API. Also,…

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add support for wWWHomepage

    Microsoft Graph cant return the wWWHomePage property that people know from regular AD. We need to access this field in a business case and cant do so, because of the current limitations.

    Please add support for wWWHomePage on the User object!

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow updating any users Photo with User.ReadWrite.All scope

    Currently even if you have the User.ReadWrite.All you cant update another users photo via:

    PUT /beta/users/{User ID}/photo/$value

    This would be VERY helpful.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    This work has been started. There is no target In Preview date yet as the investigation is still ongoing on what complete work is required. ^JT

  18. Add an O365 REST API endpoint returning a list of pinned "My Apps" of a current user

    When I'm creating an App on Office 365, users can pin them and select them from the "My Apps" menu in the new Office 365 ribbon.

    I would like to recreate this menu/whole ribbon in my app (desktop or web, whatever), to bring a consistent experience to my end users. By this, my users could easly switch between O365 Apps and my app.

    I'm inspired by TechEd Europe and all the O365 sessions. This is what imho is missing and is very important atm.

    Something like:
    dev.office.com/me/apps/pinned

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Backlog  ·  0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  19. Provide API access to AAD user MFA Properties

    Would be good to not only retrieve the state of the authentication requirements, but the details around MFA as well: MFA Methods, etc (StrongAuthenticationMethod, StrongAuthenticationRequirement, StrongAuthenticationDetails that was available in PS for AAD V1)

    16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  20. Supportability for more attributes with MS Graph API

    Please support syncing more attributes (on user create and update) with MS Graph API.

    Here is the wish-list:
    proxyAddresses,
    postOfficeBox,
    pager,
    msExchExtensionCustomAttribute,
    mail,
    ipPhone,
    info,
    extension<AADAppGUID><attribute_name>,
    description,
    countryCode,
    commonName,
    cloudAnchor,
    alias

    Thanks,
    Anna

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base