Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Update Event needs the option to send only to added or deleted attendees

    Update Event should include a Boolean to enable an option to 'send notifications to added or deleted attendees only' that will stop notifications going out to all meeting attendees when the only property that has been modified is attendees. This is causing an issue where people are getting dozens of unnecessary notifications when a meeting owner adds or removes attendees using the API or via a connector (ex. Flow).

    30 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Product  ·  2 comments  ·  Calendar (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add SignIn Logs to Graph API v1.0

    Add SignIn logs to Graph Rest API v1.0 -

    "APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported."

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add getServicePrincipalsByAppIds

    graph.windows.net provides an endpoint to retrieve a service principal using the App Id property: "https://graph.windows.net/myorganization/getServicePrincipalsByAppIds?api-version=2.0"

    Microsoft Graph requires us to use the list endpoint with a displayName filter. It would be beneficial to retrieve a service principal using the appId.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Guidance - Delta Token Lifetime

    The Microsoft Graph documentation offers no guidance on delta token lifetimes (or even suggestion that they expire). This is important documentation for partners building production software against the Microsoft Graph.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow signed in user to read AD group memberships with minimal delegated permissions

    Applications that implement group based authorization require the ability to query the group identifiers of the signed in user via minimal delegated permissions. The group based authorization is a common scenario for (multi-tenant) SaaS applications. Oftentimes it's difficult or impossible to get permissions from a customer that can expose a broad set of information. Even if one was able to get the permissions, the implementation would still be sub-optimal and cause unnecessary security risks.

    The current version of user: getMemberGroups function doesn't satisfy the need because it requires broad and even application level permissions.
    https://docs.microsoft.com/en-us/graph/api/user-getmembergroups?view=graph-rest-1.0&tabs=cs

    Please note that the above…

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    A recent change was made (for some other reasons) that now allows this information to be read with minimal permissions (like User.Read).

    Please see this blog post for information: https://developer.microsoft.com/en-us/graph/blogs/upcoming-api-changes-to-return-limited-information-for-inaccessible-member-resources/

    Also see the information in the permissions section of some API topics, like https://docs.microsoft.com/en-us/graph/api/user-list-memberof?view=graph-rest-1.0&tabs=http

    Hope this helps

  6. Driveitem-createlink Beta Go-Live Date

    As part of our 0 paper strategy, we used SharePoint and Azure services using Api Graph for exchanges with our customers. We would like to share the documents for a few hours limited lifetime and allows Clients to view, print and save documents.
    The driveitem-createlink function available in Beta version https://docs.microsoft.com/en-us/graph/api/driveitem-createlink?view=graph-rest-beta corresponds to our need.
    We would like this evolution to be included in a future validated version of the API.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Files (OneDrive)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Include Recipient Type Detail when retrieving users

    Currently we can use /1.0/users/ to retrieve all the users in an organization through Graph API. However there is no way to distinguish the recipient type of all users.

    Please include the recipient type detail of users just like what we can get through PowerShell cmdlet "Get-User".

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  8. Group Members@delta properties enrichment

    Hi,

    This request is related to https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/36578248-add-group-members-owners-delta-link, unfortunately it has been closed with no resolution.

    The first option you suggested on that request:
    https://graph.microsoft.com/v1.0/groups/delta?$select=id&$expand=members

    includes the members array, exposing for each member ONLY the id, so, we don't know if every single member is an owner, a member, not even his userPrincipalName or displayName.
    This way we are REQUIRED to get members by invoking an api for each single group, this way the delta link power is completely useless.

    The sample response is:
    "id": "1e770bc2-3c5f-487f-871f-16fbdf1c8ed8",
    "members@delta": [
    {

    "@odata.type": "#microsoft.graph.user",
    
    "id": "8b209ac8-08ff-4ef1-896d-3b9fde0bbf04"

    }

    The second option you suggested:
    https://graph.microsoft.com/v1.0/groups/delta?$select=id&$expand=members

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    As we reflected more on the feasibility of this request it appears it bundles 3 different asks:
    - the ability to track membership and ownership changes: this is already possible via https://graph.microsoft.com/v1.0/groups/delta?$select=members,owners (note I’m using select and not expand here)
    - the ability to select properties to be tracked for changes on groups: this is already possible via https://graph.microsoft.com/v1.0/groups/delta?$select=id,mail
    - the ability to get additional properties on the related members/owners: we are not going to implement this as technical limitations prevent us from delivering it in a way that would provide a good experience. You can workaround this limitation by querying the /users endpoint.

    Additionally combining #1 and #2 you can do the following https://graph.microsoft.com/v1.0/groups/delta?$select=id,mail,owners,members

    Lastly we identified a section in the documentation that contained an mistake, this is being addressed in a pull request https://github.com/microsoftgraph/microsoft-graph-docs/pull/6985

  9. Governance capabilities for Groups / Teams Management

    Groups endpoints should include governance capabilities like:
    naming policy
    blocked words
    expiration policy
    soft delete / restore
    Guest access
    ….

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    All of these are GA in Microsoft Graph.
    Naming policy, blocked words and guest access are part of the groupSetting configuration – see https://docs.microsoft.com/en-us/graph/api/resources/groupsetting?view=graph-rest-1.0.

    Delete and restore are also available (but currently for Office 365 groups only) – see https://docs.microsoft.com/en-us/graph/api/resources/directory?view=graph-rest-1.0. This includes an API to allow a regular user to find all the deleted items they own (so that they could also restore).

    Finally group lifecycle and expiration policy is available here: https://docs.microsoft.com/en-us/graph/api/resources/grouplifecyclepolicy?view=graph-rest-1.0

    Please let us know if any of these do not meet your needs.

  10. Add Group members & owners delta link

    Hi,
    The delta link is actually available for Users and Groups, but not for group members and group owners.
    It's not unusual for a tenant to have groups with tons of members each, so, a delta link to get only changes (members added, changed or removed), would be massively useful.
    The "DeltaMembers" property available from groups, by using the delta, it's not useful for this matter because it' s only populating the ID property and, also, you are not able to see if that ID is related to an owner or a member.
    Looking forward to see the feature available…

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →
    In Product  ·  Peter Ciszewski responded

    The ability to track changes to group memberships is already there. If you would like to see specific functionality for group owners, can you please open a new feature request so others can vote/comment on that specifically?

    Here are some sample requests for tracking membership changes only:

    All groups:
    GET https://graph.microsoft.com/v1.0/groups/delta?$select=id&$expand=members

    A specific group:
    GET https://graph.microsoft.com/v1.0/groups/delta?$filter=id eq ‘groupId’&$select=id&$expand=members

  11. Allow creation of Teams/Groups without Group.ReadWrite.All

    Lots of partners, ISVs and end-user orgs create provisioning solutions which create Teams and Groups with additional governance/templating/features, but such solutions currently require the Group.ReadWrite.All permission - which is hugely problematic. This is a manifestation of the need for more granular permission scope types (e.g. see https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/37796059-restrict-permissions-to-app-only-azure-ad-applicat), but is a particularly important use case and isn't quite the same thing as the need to access only specified resources.

    To expand, it does not appear to be dealt with by Resource-Specific Consent - after all, I just want permissions to create a new Team/Group, rather than permissions to an…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add Graph SDK tutorial for Java

    There is no Graph SDK Tutorial for Java yet

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  SDKs and Tooling  ·  Flag idea as inappropriate…  ·  Admin →
  14. Create Microsoft Graph Subscriptions for a shared calendar with delegated user permissions

    The MS Graph documentation for subscriptions (webhooks) implies that it is possible to create a subscription on a shared calendar with delegated user permissions (not app-only). Currently, this works only with app-only permissions.

    I would very much appreciate to create subscriptions to shared calendars also with delegated user permissions.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Calendar (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for the suggestion.
    It seems what you are requesting is already in product (or was added since you asked for it)
    For calendar that belong to other users and have been shared with current user by another user.
    The required permission (delegated) is Calendars.ReadWrite and the resource is `me/calendars//events`
    For group calendars the required permission is Group.ReadWrite.All and the resource is `groups//calendar/events`.
    Feel free to comment this item if I missed something/didn’t understand the request properly.

  15. Mail.ReadBasic.All permission scope

    The ability to access a users mailbox as an application (app-only) without access to the message body or attachments.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Create code samples and guidance for ASP.NET Core MVC and Graph

    There are examples for ASP.NET MVC, but not using Core. Please create samples and more guidance for ASP.NET Core MVC (preferably using VS Code). I find it difficult to get started with Graph because none of the existing samples and guidance fit what I use.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support Azure AD B2C local account

    There is currently no easy way to manage Azure AD B2C local account from a .Net Core app.

    Currently the only way to manage B2C local account is with Azure AD Graph API through Microsoft.Azure.ActiveDirectory.GraphClient nuget. But since those projects are deprecated and only maintained for critical issues, they will not be ported to .Net Core.

    If you have an ASP.Net Core WebApp or WebApi you need to use the Microsoft Graph .NET Client Library which support .Net Standard 1.1. But as Microsoft Graph API does not support local account, it is useless if your tenant is an Azure AD…

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    This is now in Microsoft Graph beta. Please see the identities property of the user resource https://docs.microsoft.com/graph/api/resources/user?view=graph-rest-v1.0 and the objectIdentity resource type: https://docs.microsoft.com/graph/api/resources/objectidentity?view=graph-rest-v1.0. You can see an example of creating a user with the identities property here (second example): https://docs.microsoft.com/graph/api/user-post-users?view=graph-rest-v1.0&tabs=http

  18. Support webhook for Microsoft Teams using Graph API

    Customer want O365 Teams to support webhook so it can push events to 3rd party security vendors to perform real-time inspection on the email conversation in private Teams

    O365 Teams Graph API doesn’t support webhook for email conversation, so users are not confident to communicate via Teams as it lacks the protection of TM-CAS supplementary security.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Teamwork (Teams)  ·  Flag idea as inappropriate…  ·  Admin →
  19. API to get ownerOf groups

    I was trying to get groups where an user is ownerOf. Now I have first get all groups and since group info doesn't include caller role(member/owner), I need to call member API for each of those groups so that I can filter out ownerOf groups.

    I need to do similarly large no. of calls to get group member count, since i don't see group member count in group meta data returned by memberOf.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →

    There’s an API to get the list of objects owned by a user. Please see https://docs.microsoft.com/en-us/graph/api/user-list-ownedobjects?view=graph-rest-1.0&tabs=http
    Also there’s a suggestion tracked for member count – see https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/32706631-support-count-for-group-members-and-owners. This should be available in public preview in Q1 2020.

  20. Dynamic Admin Consent

    Currently the Admin consent flow is bound to the permissions that are statically pre-defined in the Azure App registration. This causes some challenges for App developers, for instance:
    • If we would start to highlight education data for education tenants, then we need to add an Education.Read permission (or something similar) to this registration. This will not be applicable to non-education tenants, but admins of those tenants would still need to grant our App permission to it, which doesn’t make sense.
    • Certain features in our App can be deactivated on a tenant-basis, such as access to OneDrive. An Admin…

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →

    Sorry for both the delayed response, and the lack of information on the fact that this work was in development. This capability is now generally available through a new admin consent endpoint.

    We’ve created a new admin consent endpoint to support dynamic consent, which is helpful for apps that want to use the dynamic consent model on the Microsoft Identity platform.

    For more information about how to use this new endpoint, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-admin-consent.

    Hope this helps,

← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base