Microsoft Graph Feature Requests
Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.
If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.
This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.
For more information on Microsoft Graph, please checkout https://graph.microsoft.com.
-
Restrict permissions to app-only Azure AD applications consuming Office 365 services on resource level
Large organization start leveraging the Graph API to provide integrations between their third party applications and Office 365. In such companies it is common to delegate the development of integrations from the central IT organization to other business units.
The current app-only permission priviledges are not appropriate for such types of setups since there is currently no way to limit the permissions for that app to a specific resource in Office 365. This makes such use cases impossible to implement.As an example we could consider SharePoint Online. Whever a business unit has to develop a daemon tool that exchanges…
500 votesWork has started. This feature is currently in preview for certain Teams resources with the name “resource-specific consent” (RSC).
Admin documentation: https://docs.microsoft.com/en-us/MicrosoftTeams/resource-specific-consent
Developer documentation: https://docs.microsoft.com/en-us/microsoftteams/platform/graph-api/rsc/resource-specific-consent
We intend to continue adding support for additional resource types in the future (e.g. SharePoint content), but we have no ETA to share at this time.
-
add ediscovery on Microsoft Graph API
Suggest to add ediscovery to microsoft Graph API to execute query automaticaly (search contents, advanced ediscovery)
55 votesOur team has started the work for this feature and it is planned to be delivered in Q4CY20!
-
List members outside the organization
When doing a request to "groups/{id}/members", I would like to get a complete list of members. That is, this list should include contacts that are not part of the organization, but are members of that particular group though.
11 votesThis should be released this quarter to public preview. you should have the ability to get members and cast on those members to only get contacts, as well as count the contacts that are members of that group.
-
Graph Data Connect available in UK South
Please could you make this available to tenants in UK South
4 votesWe’re working on support for all O365 regions, including UK. I’ll update when we have a firm ETA.
-
expose “lastModifiedDateTime” on user
I need to retrieve the last modified date of user profiles in Office 365 from the Graph API.
Could you please provide the endpoint similar to https://graph.microsoft.com/beta/me/?$select=createdDateTime
But have it be for the last time the user profile was modified by the user or admin, would be awesome for it to be https://graph.microsoft.com/beta/me/?$select=lastModifiedDateTime
54 votesComing soon! Keep an eye on the changelog (https://docs.microsoft.com/en-us/graph/changelog) -EY
-
Expose New API to work with Company Branding via Graph API
Expose new API to work with company branding like Sign-in page background image, Sign in page text, Sign-in page background color etc.
or extend /organization endpoint.16 votesUpdate: Sorry for the delays here. We had a bit of a reset in the design. However this is now on track to release this quarter (Q2 2020) to public preview (beta) endpoint.
-
Useful User (Endpoint) Filtering
The collection size of a request to
/users
cannot be feasibly limited.Our active directory has tens of thousands of entries. The API only enables retrieving 100 entries per request. Getting ALL the entries takes a long time and I don't need them ALL. Unfortunately, the options for filtering the request are quite chintzy.
I can use the eq (equal) filter, which would be fine if looking for a single user, but I'm trying to limit the resulting collection to a group of users (e.g. to users who's displayName contains a substring, or where surname is not null). I cannot…
26 votesfilter endsWith support for mail and userPrincipalName is currently under development.
-
Provide Graph API to check user has enabled Azure AD MFA or not
Currently there is no API for identifying whether user is enabled with Azure AD MFA or not, so kindly provide
18 votesComing soon! Work on this has been started. Keep an eye on the changelog (docs.microsoft.com/en-us/graph/changelog) -EY
-
Make Graph data connect readily available to all Office 365 subscriptions
Currently Graph data connect is only available through the Workplace Analytics SKU or through ISVs that are including Data Connect SKUs with their product.
Ideally Graph data connect should be available to all Office 365 subscriptions just as the Graph API is ubiquitously available. This would surely give adoption a boost.
Understandably, the data extraction process takes resource consumption. It would be more transparent to just charge this consumption in stead of the rather high Workplace Analytics SKU fee per user per month.
3 votes -
Provide webhooks for Tasks (MS To-Do)
We are integrating Microsoft To-Do with another service. To avoid polling, we would like to be able to subscribe to Microsoft To-Do list related events. We found similar subscriptions for files and email, but nothing related to Microsoft To-Do tasks.
See documentation for /subscription endpoints, Change notifications: "Use the Microsoft Graph API to get change notifications"
18 votesWith the announcement of the new Todo APIs during build 2020 we are working on providing support for change notifications (webhooks).
https://developer.microsoft.com/en-us/office/blogs/introducing-the-new-microsoft-graph-to-do-api/ -
Add Pagination to the findRooms API, to get past the limit of 100 rooms
The /findRooms API states: "You can get up to the first 100 rooms in the tenant". Could you please add standard Pagination, to get past this limit?
I tried /findRooms?$top=1000&$count=true but I am not able to make these query parameters work. In addition, I now understand that the API doesn't currently support things like $top or $skip.
100 votesWe are moving from the findRooms API to our new Places API. The Places API is available in BETA. We will be adding pagination to this API. Our target date to deliver this is end of January.
Document can be found here: https://docs.microsoft.com/en-us/graph/api/resources/place?view=graph-rest-beta -
Provide API access to AAD user MFA Properties
Would be good to not only retrieve the state of the authentication requirements, but the details around MFA as well: MFA Methods, etc (StrongAuthenticationMethod, StrongAuthenticationRequirement, StrongAuthenticationDetails that was available in PS for AAD V1)
47 votesComing soon! Keep an eye on the changelog (docs.microsoft.com/en-us/graph/changelog) -EY
-
Support isof OData function for MS Graph
I want to get all the users that are members of a group, but currently we only have navigation property to get both groups and users that are members.
This would be fine if the OData IsOf function was supported. Then I could easily filter out the groups. But it is not supported, at least not for this kind of query.Please support IsOf for ALL of MS Graph. It's super important in a lot of cases, since you will often be working with directoryObjects of different types.
3 votesPublic preview date is not yet known. Will update when this becomes clear.
-
Allow programmatic access of BitLocker recovery keys
Currently it is possible (if you have permission) to view BitLocker recovery keys on the "Device" page of the Azure Active Directory portal.
It is also possible to view Device information through the API or through Microsoft Graph, but this does not include the BitLocker recovery information.
A programmatic way to view this data would be incredibly useful for creating a secure backup of the recovery keys.
Another use case, which is what I was hoping to achieve, is to have users in the field encrypt data with their BitLocker key and then send a CD containing the encrypted data…
10 votesWork has started and this should be available in public preview in Q3 2019.
-
consistent retry-after information accross different workloads
Currently OneDrive, Outlook, and AAD Workloads under the Graph send a retry-after header on 429 and/or 503.
However the documentation doesn't say which workloads support it https://developer.microsoft.com/en-us/graph/docs/concepts/throttling and the other workloads don't support it.
It'd make it easier if that was supported across the board to have a single way to handle those kind of issues.
Same remark for the rate-limit headers
related issues: https://stackoverflow.com/questions/47146598/not-receiving-retry-after-headers-from-ms-graph-api
https://github.com/microsoftgraph/msgraph-sdk-javascript/issues/4222 votesWe’ve started documenting and improving throttling mechanisms and patterns.
Currently all the resources listed under “the following resources currently provide a retry after header” as well as any resource listed under the service specific limits return a retry after header. More work is ongoing to improve throttling patterns, document those and improve overall documentation readability.
https://docs.microsoft.com/en-us/graph/throttlingWe’re not planning to bring rate-limit headers back. https://developer.microsoft.com/en-us/office/blogs/throttling-coming-to-outlook-api-and-microsoft-graph/
-
Add support for negation operators in Microsoft Graph for Azure AD resources
It would be useful to be able to support negation operators such as "not" and "ne" when querying the Microsoft Graph.
Sometimes you want all items, except some data. Fetching all data first and using post filtering is not very efficient.
To filter on displayName and id is priority, and userPrincipalName a secondary want.
8 votesHi Mikael, we started working on the ne/NOT operator for $filter.
In the meanwhile, check out other features we recently implemented for identity objects: https://aka.ms/CountFilterMSGraphAAD
-
Need API to get Azure AD tenant type: B2C or not
We manage multiple Azure AD tenants and we need a property to distinguish b2c and non-b2c tenants. Right now we use a workarround - run MS Graph Delta API and analyse if error occurred. b2c doesn't support Delta - so we can understand that it is b2c.
8 votesA new property is being added to the organization resource, called tenantType. This should show up in /beta in Q1 2020.
-
Possibility to enable/disable multi-factor authentication for a user via the Graph API
We would like to be able to set MFA for users from a custom application, by using Graph API or Azure AD SDK.
92 votesWe’re in the process of building APIs for both conditional access policies and authentication method registration. Between the two, you’ll be able to programmatically register your users’ auth methods (sms, voice, etc) and also create and edit conditional access policies to require MFA.
Michael
-
Ability to update the user's email aliases (proxyAddresses attribute).
https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#user-entity shows that we can GET, POST and PATCH the "otherMails" attribute of a user object. otherMails is described as "A list of additional email addresses for the user", which makes it sound like the user's email aliases. However, if you set this attribute, then look at the user in the Office365 Admin Center or Powershell, you see it's actually the "Alternate Email Address" attribute: i.e. the contact address required for admin accounts. In the Graph API the attribute that lists the email aliases is "proxyAddresses" and this is read-only (i.e. only supports GET). It's been explained to me by…
75 votesWork has started on this, but it’s much more complex than it first appears. It’s unlikely to be available before Q2 2020.
-
Allow data such as SAML, 2FA, conditional access in Azure AD through Graph API
I guess the graph API is relatively new with some good features but still lacks certain resources.
Access to data like SAML, 2FA, conditional access corresponding to every App in Azure AD through Graph API would be great.
5 votesConditional access APIs are in preview here: https://docs.microsoft.com/en-us/graph/api/resources/conditionalaccesspolicy?view=graph-rest-beta
MFA APIs are on their way (hopefully in preview in Q1 2020)
Controls for SAML config are also in progress, but I don’t have an ETA yet.
- Don't see your idea?