Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Include users' last logon time

    Last Logon is missing from the user objects in Azure! I'd like to be able to read the Last Logon information through the Graph API, to tell which users are actually logging in. But very surprisingly I can't find any such attribute!

    Can we please please add this attribute to the user object?

    476 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    45 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    This capability is now in /beta. It was actually documented earlier, but the service wasn’t quite functional. It is now.
    Here’s an example of getting users and their last signin activity: https://docs.microsoft.com/graph/api/user-list?view=graph-rest-beta&tabs=http#example-5-list-the-last-sign-in-time-of-users-in-a-specific-time-range

    Although not documented you can also filter on a date range to get the set of users that have not signed in since a certain date, or the users that signed in in the last 3 weeks etc.

    Try GET https://graph.microsoft.com/beta/users?$filter=signInActivity/lastSignInDateTime ge 2020-03-20T00:00:00Z&$select=signInActivity,id,userPrincipalName

  2. Restrict permissions to app-only Azure AD applications consuming Office 365 services on resource level

    Large organization start leveraging the Graph API to provide integrations between their third party applications and Office 365. In such companies it is common to delegate the development of integrations from the central IT organization to other business units.
    The current app-only permission priviledges are not appropriate for such types of setups since there is currently no way to limit the permissions for that app to a specific resource in Office 365. This makes such use cases impossible to implement.

    As an example we could consider SharePoint Online. Whever a business unit has to develop a daemon tool that exchanges…

    382 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    50 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    Work has started. We plan to build an experience where end users and administrators can pick a specific resource to grant consent to, such as a specific group or site. This will be programmable through Microsoft Graph API.

  3. Support the discoverability of Shared Mailboxes

    It seems that Outlook REST APIs is providing new scopes and the possibility to request the shared mailboxes. See this question on StackOverflow http://stackoverflow.com/questions/38616499/what-is-the-purpose-of-the-new-read-user-and-shared-mail-delegated-scope-in-az/38626322?noredirect=1#comment64649553_38626322

    The problem now lies in the fact that we cannot "discover" the shared mailbox for the end user. It means that you cannot create an application that show all the shared mailboxes for an end-user because we do not know the name/id for them.

    176 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for this feedback. We are aware of this. We are not actively invested in this right now. More votes would help prioritize this. ^JT

  4. Application permission for Presence

    From https://docs.microsoft.com/en-us/graph/api/presence-get?view=graph-rest-beta, only Delegated (work or school account) is supported. Supporting application permission for presence calls is really helpful for enterprise usage.

    170 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Backlog  ·  11 comments  ·  Cloud Communications  ·  Flag idea as inappropriate…  ·  Admin →
  5. Exchange Online Admin API Support

    There is an adequate amount of client side Rest APIs for outlook, but nothing truly available on the admin side. Allowing API calls to create Online Rules and Connectors for example would (hopefully) be less error prone than manually invoking Powershell sessions, especially if rules and connectors need to be created en masse.

    165 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Application permissions to Task API

    While reviewing the O365 Preview API I was wondering what about Task-Management. Currently there are two systems for task management (Exchange and SharePoint). Would be great to see a roadmap for TaskManagement in the O365 Story and of course get an API to easily connect Apps to consume tasks. (No CSOM required just give us REST :D)

    138 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Tasks and Plans (Planner)  ·  Flag idea as inappropriate…  ·  Admin →
  7. MIME upload email content with microsoft graph

    Graph API allows me to get the MIME content of email calling following graph api request: GET https://graph.microsoft.com/beta/me/messages//$value .

    As we work on O365 app which changes content of email, it would be great to have possibility to edit the MIME content thru PUT operation.

    In addition, apps should be able to create new messages using MIME content.

    136 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  8. allow access to user presence via API

    Please allow access to read and update user presence via API.

    113 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    20 comments  ·  Cloud Communications  ·  Flag idea as inappropriate…  ·  Admin →
  9. Fully migrate AD users to Azure AD

    I would like to be able to fully migrate my AD users to the cloud, so that when I use them to log into an AzureAD Joined Machine, the whoami CMD properly returns AzureAD\fristnamelastname. Right now there are hidden attributes accociated with the previously AD synced user, that causes the whoami CMD to return DOMAIN\username. This is preventing cloud migrations.

    Response I received suggesting that I contact this team.

    "This a known gap, that we're reviewing. Even though you have migrated the user from AD to Azure AD, the onprem SamAccountName is still intact on the user object, among other…

    108 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add Pagination to the findRooms API, to get past the limit of 100 rooms

    The /findRooms API states: "You can get up to the first 100 rooms in the tenant". Could you please add standard Pagination, to get past this limit?

    I tried /findRooms?$top=1000&$count=true but I am not able to make these query parameters work. In addition, I now understand that the API doesn't currently support things like $top or $skip.

    100 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Calendar (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Ability to filter on collection type properties (e.g. find all users with skill X)

    In order to, for example, filter users by a certain skill you cannot do only one REST call now.

    From stackexchange:

    "Filter on collection type properties is represented as below:

    https://graph.microsoft.com/v1.0/users?$filter=skills/any(c:c eq 'Javascript')

    However, filter on skills property is currently not supported. You can place a request in uservoice site."

    I would like support for this /any command, specifically for skills but for all queries would be great too.

    87 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  12. Possibility to enable/disable multi-factor authentication for a user via the Graph API

    We would like to be able to set MFA for users from a custom application, by using Graph API or Azure AD SDK.

    81 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
    started  ·  Azure AD Team responded

    We’re in the process of building APIs for both conditional access policies and authentication method registration. Between the two, you’ll be able to programmatically register your users’ auth methods (sms, voice, etc) and also create and edit conditional access policies to require MFA.

    Michael

  13. Add a "My Groups - Read/Write" Permission (that does not require Admin Consent)

    It should not be necessary to require an admin consent to do Group read write operations through the graph API. There should be a permission for My Groups.

    81 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    The work has started, but there is no target date yet due to early investigations. This will work first on Microsoft Teams, then we will target Office 365 Groups. ^JT

  14. Office 365 REST API - Include Email Signature

    I'm sending email on behalf of logged-in user in my app.
    I would like to ability to include email signature defined in the user's mail settings.

    81 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →

    This is something we are aware of. There is currently work being done in all the Outlook clients so that a mail signature roams between clients. Then work can be done to make it available on the Microsoft Graph. ^JT

  15. Allow Access to Planner using Client Credentials Flow

    Planner tasks, buckets and plans are apparently not accessible using client credentials flow (app only).

    I can access them using code flow authentication, but that's not my requirement (internal web service).

    Everything else seems to work - it's just the planner stuff that doesn't (401 unauthorized).

    Is there a workaround that doesn't require a user to log in?

    80 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    17 comments  ·  Tasks and Plans (Planner)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Teams- Subscription to user presence updates

    As it stands, the API to get Teams presence requires constant polling in order to track a user's presence in near-real time. It would be more useful if we could subscribe to all presence updates using a webhook.

    71 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Cloud Communications  ·  Flag idea as inappropriate…  ·  Admin →
  17. Expand navigation property of children with a single query

    Impossible to get members of Azure AD group with expanded 'manager' property in one request.
    for example:
    https://graph.windows.net/<tenantid>/directoryObjects/<groupid>/members/?api-version=1.6&$expand=manager

    we gets the following response:
    {"code":"Request_UnsupportedQuery","message":{"lang":"en","value":"An unsupported query was observed. Please ensure you query does not navigate across multiple reference-properties."}

    I suppose reason of such response is clear. and current workaround is the following:
    1) Get group members
    2) for each five members(using OData batch) get manager
    But this way make us do a lot of requests to Azure AD and we expect performance degradation here.

    We develop multi tenant application which access Azure AD of all our customers…

    71 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Azure AD Team responded

    We are still looking into it! It is due to current platform limitation, and there is some work going on to address this. Again, thank you for the suggestions! Keep the votes coming.

  18. SharedMailbox members (mailbox permissions) via Graph API

    We are trying to get the members (mailbox permissions) of a SharedMailbox via Graph API. We do not see any Graph endpoint at the moment that can help us get this information. We are in the process of building a custom application where we need to be able to perform read and write operations of SharedMailbox membership/permissions. This functionality is certainly available via the exchange online powershell and I can imagine this being a critical functionality which is not yet available in Graph API. .

    68 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow MS Graph proxyAddress filters to specify endsWith() and contains()

    Currently there is support for startsWith and eq filters on proxyAddresses. However there is no way to search for proxyAddresses that endsWith or contains a string. E.g. finding users with a proxyAddress in a specific domain.

    $filter=proxyAddresses/any(x:endsWith(x,'@acme.com'))

    See this thread for more information: https://stackoverflow.com/questions/46588870/filtering-on-proxyaddresses-with-microsoft-graph-api-that-endswith-or-contains-a

    66 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    This work is on the backlog and currently isn’t scheduled. The feature will be updated here once dev work is started. -EY

  20. GraphQL API for the Microsoft Graph

    Facebook's GraphQL is the perfect API solution for the Microsoft Graph. I highly encourage you to implement this, since it would improve development for React apps.

    65 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for your feedback! We are doing some investigation into GraphQL. We’ll keep you posted.

    Thanks!
    Office Extensibility Team

← Previous 1 3 4 5 55 56
  • Don't see your idea?

Feedback and Knowledge Base