Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have anidea or feature suggestion based on your experience with Microsoft Graph?Please share these with us by submitting your idea below or voting up ideassubmitted by other users. This forum will be directly monitored by theMicrosoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, pleasechoose the corresponding category. Please submit any broad ideas related toMicrosoft Graph or ideas across more than one service to the “General”category.

This site is only for feature suggestions and ideas! If youneed technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on the Microsoft Graph, please checkout https://graph.microsoft.com .


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Driveitem-createlink Beta Go-Live Date

    As part of our 0 paper strategy, we used SharePoint and Azure services using Api Graph for exchanges with our customers. We would like to share the documents for a few hours limited lifetime and allows Clients to view, print and save documents.
    The driveitem-createlink function available in Beta version https://docs.microsoft.com/en-us/graph/api/driveitem-createlink?view=graph-rest-beta corresponds to our need.
    We would like this evolution to be included in a future validated version of the API.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Files (OneDrive)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Include Recipient Type Detail when retrieving users

    Currently we can use /1.0/users/ to retrieve all the users in an organization through Graph API. However there is no way to distinguish the recipient type of all users.

    Please include the recipient type detail of users just like what we can get through PowerShell cmdlet "Get-User".

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  3. Governance capabilities for Groups / Teams Management

    Groups endpoints should include governance capabilities like:
    naming policy
    blocked words
    expiration policy
    soft delete / restore
    Guest access
    ….

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    All of these are GA in Microsoft Graph.
    Naming policy, blocked words and guest access are part of the groupSetting configuration – see https://docs.microsoft.com/en-us/graph/api/resources/groupsetting?view=graph-rest-1.0.

    Delete and restore are also available (but currently for Office 365 groups only) – see https://docs.microsoft.com/en-us/graph/api/resources/directory?view=graph-rest-1.0. This includes an API to allow a regular user to find all the deleted items they own (so that they could also restore).

    Finally group lifecycle and expiration policy is available here: https://docs.microsoft.com/en-us/graph/api/resources/grouplifecyclepolicy?view=graph-rest-1.0

    Please let us know if any of these do not meet your needs.

  4. Add Group members & owners delta link

    Hi,
    The delta link is actually available for Users and Groups, but not for group members and group owners.
    It's not unusual for a tenant to have groups with tons of members each, so, a delta link to get only changes (members added, changed or removed), would be massively useful.
    The "DeltaMembers" property available from groups, by using the delta, it's not useful for this matter because it' s only populating the ID property and, also, you are not able to see if that ID is related to an owner or a member.
    Looking forward to see the feature available…

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    The ability to track changes to group memberships is already there. If you would like to see specific functionality for group owners, can you please open a new feature request so others can vote/comment on that specifically?

    Here are some sample requests for tracking membership changes only:

    All groups:
    GET https://graph.microsoft.com/v1.0/groups/delta?$select=id&$expand=members

    A specific group:
    GET https://graph.microsoft.com/v1.0/groups/delta?$filter=id eq ‘groupId’&$select=id&$expand=members

  5. Support webhook for Microsoft Teams using Graph API

    Customer want O365 Teams to support webhook so it can push events to 3rd party security vendors to perform real-time inspection on the email conversation in private Teams

    O365 Teams Graph API doesn’t support webhook for email conversation, so users are not confident to communicate via Teams as it lacks the protection of TM-CAS supplementary security.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Teamwork (Teams)  ·  Flag idea as inappropriate…  ·  Admin →
  6. API to get ownerOf groups

    I was trying to get groups where an user is ownerOf. Now I have first get all groups and since group info doesn't include caller role(member/owner), I need to call member API for each of those groups so that I can filter out ownerOf groups.

    I need to do similarly large no. of calls to get group member count, since i don't see group member count in group meta data returned by memberOf.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    There’s an API to get the list of objects owned by a user. Please see https://docs.microsoft.com/en-us/graph/api/user-list-ownedobjects?view=graph-rest-1.0&tabs=http
    Also there’s a suggestion tracked for member count – see https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/32706631-support-count-for-group-members-and-owners. This should be available in public preview in Q1 2020.

  7. Dynamic Admin Consent

    Currently the Admin consent flow is bound to the permissions that are statically pre-defined in the Azure App registration. This causes some challenges for App developers, for instance:
    • If we would start to highlight education data for education tenants, then we need to add an Education.Read permission (or something similar) to this registration. This will not be applicable to non-education tenants, but admins of those tenants would still need to grant our App permission to it, which doesn’t make sense.
    • Certain features in our App can be deactivated on a tenant-basis, such as access to OneDrive. An Admin…

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    Sorry for both the delayed response, and the lack of information on the fact that this work was in development. This capability is now generally available through a new admin consent endpoint.

    We’ve created a new admin consent endpoint to support dynamic consent, which is helpful for apps that want to use the dynamic consent model on the Microsoft Identity platform.

    For more information about how to use this new endpoint, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-admin-consent.

    Hope this helps,

  8. Add support for Delta Sync from “now”

    With all the delta queries you need to loop through pages and pages of @odata.nextlink until you get to the last page with the @odata.deltaLink. I'm not interested in the all the changes that have happened, I want all the changes that will happen from now on. (To get this token, my script looped through the pages for about an hour...)

    The Azure AD Graph API had support for this, according to the documentation: https://msdn.microsoft.com/en-us/library/azure/ad/graph/howto/azure-ad-graph-api-differential-query#AdditionalDifferentialQueryFeatures
    It used a specific header value to request just the deltaLink. I would like this to be available in the Microsoft Graph as well.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Sorry for the late response here, and that we didn’t notify when this was available earlier.

    This capability IS available in Microsoft Graph Delta Query. Please see https://docs.microsoft.com/en-us/graph/delta-query-overview?toc=.%2Fref%2Ftoc.json&view=graph-rest-1.0

    Append $deltaToken=latest to the delta function and the response will contain a deltaLink and no resource data. This is only supported for directory objects like user and group.

    Hope this helps,

  9. Better Documentation on SDK Replacement

    I've seen several pages, including the following announcement, that show the SDK will be shut off in November 2018, roughly 3 months out. I understand it is to be replaced with the Azure 2FA Server Web Service API. However, neither Microsoft Support (via devchat) or I can find developer documentation on the new API. Where is it? It would have been very helpful to include that information in the deprecation notices. Here is an example.
    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-sdk

    We must be missing something, because I cannot believe MS would deprecate the SDK without providing documentation of a replacement.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Product  ·  1 comment  ·  SDKs and Tooling  ·  Flag idea as inappropriate…  ·  Admin →
  10. Getting the attribute OnPremisesDistinguishedName via MicrosoftGraphAPI

    Itz unfortunate that MicrosoftGraphAPI doesnt expose the attribute OnPremisesDistinguishedName even with their beta end point. When Microsoft reiterates to switch over to GraphAPI from the AADGraphAPI am forced to provide an implementation to use the AADGraphAPI just to get the value of this attribute onPremisesDistinguishedName as this attribute is business critical for me. It is quite interesting that there are a set of other onPremisesXXXX attributes like onPremisesDomainName,onPremisesExtensionAttributes,onPremisesImmutableId onPremisesLastSyncDateTime,onPremisesProvisioningErrors,onPremisesSamAccountName ,onPremisesSecurityIdentifier,onPremisesSyncEnabled,onPremisesUserPrincipalName which is already exposed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  11. Get license assignment paths like GroupsAssigningLicense property in PowerShell

    Allow retrieval of license assignment paths (shown in the Licenses blade of the Microsoft Azure Portal) like the GroupsAssigningLicense property does on license objects in PowerShell. Need to be able to determine if user's license is coming from a group licensing assignment ("inherited") or direct. Then must remove the direct licenses which have a corresponding inherited license. There's a good write-up on how to do this from PowerShell (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-licensing-ps-examples#remove-direct-licenses-for-users-with-group-licenses), but the critical piece (the GroupsAssigningLicense property) is missing from MS Graph.

    With the introduction of group licensing, this feature would allow our self-service licensing app to prevent sending…

    25 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    Sorry we missed marking this when it was in preview. This feature is now GA.

    NOTE: this only allows reading of group based licensing and state. It does not allow assigning of group based licenses. An API for this is in progress.

    This read only information exists across both groups and users. For groups you can query all groups to find the groups with licensing errors (using a filter on “hasMembersWithLicenceErrors” – see second example request https://docs.microsoft.com/en-us/graph/api/group-list?view=graph-rest-1.0&tabs=cs) . For each of those groups you can then find the members (users) that are in error using the “membersWithLicenseErrors” navigation property on a group, and get those user’s associated “licenseAssignmentStates” (see https://docs.microsoft.com/en-us/graph/api/resources/licenseassignmentstate?view=graph-rest-1.0).

    So:
    Step 1 (find all groups with licensing errors): GET ../v1.0/groups?$filter=hasMembersWithLicenseErrors+eq+true&$select=id,displayName
    Step 2 (for each group id with licensing errors, find the member users in error and their state): GET ../v1.0/groups/{id}/membersWithLicenseErrors?$select=id,displayName,licenseAssignmentStates

    Happy coding.

  12. User companyName property should be writable

    Currently, the User object has a read-only companyName property. This is particularly problematic for cloud only AD tenants.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  13. memberOf

    GraphExplorer is nice tool - why not give a way for ordinary non-admin end user ability to see which sharepoint they are member of?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sites and Lists (SharePoint)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Create a mail enabled security group with graph api

    At this moment it's not possible to create a mail enabled security group using the graph API

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →
  15. Expose user last password changed date

    Please add the capability to retrieve the date a user change the last password using the Graph API.

    108 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  16. Access to OtherMails Property

    REALLY need a means to enter an email for a user other than their Exchange account. In the AAD Graph we used OtherMails. In the Portal we can use the Alternate Authentication Email. Both of these are hacks. It would be nice to simply have "ExternalEmail" or at least OtherEmails back.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  17. Provide Exchange Room or Equipment information

    Please provide us with the information regarding room and/or equipment mailboxes that are available in Exchange. Including the resource properties so you can execute queries to retrieve that information.

    42 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Product  ·  7 comments  ·  Calendar (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support for OData "select" operation on "members@delta" property on Graph API Delta queries

    Currently, when there are characters that are not URL friendly in the OData select statement, it doesn't work. Even when encoding that character.

    For example, the following query would return an error
    https://graph.microsoft.com/v1.0/groups/delta?$select=members@delta

    -> "Term 'members@delta' is not valid in a $select or $expand expression."

    "members@delta" is a JSON property of the Graph API Delta endpoint.

    Thank you.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support for optimisation headers in delta query

    Support for following headers (or equivalent) in delta query (https://graph.microsoft.com/v1.0/users/delta)

                  ocp-aad-dq-include-only-delta-token 
    
    ocp-aad-dq-include-only-changed-properties

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support for query deleted users (recycle bin) from Azure AD Graph API

    Support for query deleted users (recycle bin) from Azure AD graph api, today GET user on AzureAD graph only return user who is not in recycle bin.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base