Microsoft Graph Feature Requests
Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.
If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.
This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.
For more information on Microsoft Graph, please checkout https://graph.microsoft.com.
-
Get available actions for managed device
When retrieving a managed device it would be really helpful to get a list of possible actions to execute.
2 votes -
Add Ethernet Mac Address to Get managedDevice API
Hi, we are currently using https://docs.microsoft.com/en-us/graph/api/intune-devices-manageddevice-get?view=graph-rest-1.0 to extract some info about clients.
We find it rather strange that we are able to get the Wifi Mac Address but not the Ethernet Mac Address via the API.
I know that the ethernet mac address was added at a later point and maybe thats the reason for it not being included in the API in the first place. Are there any plans of adding this?
15 votes -
Add enrolled by user data to managed device
In Azure portal on a managed device detail page it shows two types of users, The "Primary" user and the "Enrolled by" user. I'm trying to figure out how I can retrieve the latter using the Microsoft Graph API. What I've tried so far is pretty much every managed device related API. The ones I mainly use are the https://docs.microsoft.com/en-us/graph/api/intune-devices-manageddevice-list?view=graph-rest-1.0 and https://docs.microsoft.com/en-us/graph/api/intune-devices-manageddevice-get?view=graph-rest-1 I've also looked at pretty much all the beta variants of the related API documentation if and when they are available. My problem is that it seems like there is no way to retrieve this information.
I would…2 votes -
Expose MacOS UDID via API
MacOS devices in Intune have an attribute called UDID which corresponds to the IDs for OneDrive clients. It would be useful to be able to query this via API for use in Sentinel incidents.
3 votes -
Add deviceGeoLocation
Currently, I see deviceGeoLocation under deviceManagement. However, it would be very useful for security to search for the last GeoLocation of a device.
4 votes -
Add/Support new Device attributes
Not sure I like the (Intune) attribute after Devices and Apps. Would like to see device fields for status and environment. Sample data below:
STATUS:
Disposed
Deployed
Decommissioned
Pending Deployment
In-Inventory
Pending Decommission
Loaded in Error
Archived
Received
In Service
Out of ScopeENVIRONMENT:
Production
Development
Test
Sandbox
Pre-Build
UAT
Disaster Recovery
Training
Integration Test
Staging
Standby7 votes -
Remove detectedApps no longer installed on a device
When $expand=detectedApps is included on the /deviceManagement/managedDevices/{managedDeviceId} endpoint, all apps that have ever been installed on the device are returned. It would be great if only currently installed applications were returned to get an accurate representation of the applications on the device.
Example from a device in our environment, I only want to know the current version of the IME, not every version that's ever been installed:
Microsoft Intune Management Extension 1.15.109.0
Microsoft Intune Management Extension 1.24.114.0
Microsoft Intune Management Extension 1.15.102.0
Microsoft Intune Management Extension 1.23.103.0
Microsoft Intune Management Extension 1.22.107.08 votes -
delta query for devices
Any ideas when Microsoft GraphAPI will support delta query on devices? I'm looking of way to detect changes about devices in Azure AD.
8 votes -
Extend open extension / schema extension to managedDevice
I am trying to see how to store additional info into managedDevices that are available inside the Graph API (/deviceManagement/managedDevices/ endpoint). But it seems that it does not work (only a specific set of items including device but not managedDevice ?)
It can be a great way to enhance the existing intune solution and store in a central place mandatory data like warranty information or additional device specification.
Thanks for your work on the graph API by the way !
6 votes -
Add Application Permission support for Microsoft Graph API for Intune
Most or all of the APIs related to Devices and Apps (Intune) only support Delegated Permissions. I see a lot of use-cases where I want to use Application Permissions instead of delegated to simplify and secure my integrations.
23 votes -
Implement expand functionality detectedApps -> managedDevices
Hi,
Could you please implement the expand functionality for managedDevices on the detectedApps?
So we could fetch the link between devices and apps in one statement, like so:
https://graph.microsoft.com/v1.0/deviceManagement/detectedApps?$expand=managedDevices
or only the id
https://graph.microsoft.com/v1.0/deviceManagement/detectedApps?$expand=managedDevices($select=id).The other direction is also a possibility ofcourse:
https://graph.microsoft.com/beta/deviceManagement/managedDevices?$expand=detectedAppsKind regards,
Peter
9 votes -
Support setting deviceManagementName in setDeviceName
Currently setDeviceName only sets the device display name. It'd be nice to also set the deviceManagementName value in the same POST request.
2 votes -
Add User and App Credential (username/App ID and password/certificate) Support for Intune AutoPilot Cmdlets
Make changes to the Graph API to allow Connect-AutoPilotIntune cmdlet of the WindowsAutoPilotIntune module accept secrets (password and/or certificates) as a parameter to facilitate scripting. At the moment it only accepts <user> as a parameter. When such a script is added to say, Task Scheduler, the user account used will have to be logged into the machine for the task to successfully run the PS script.
Examples
Connect-AutoPilotIntune -credential
Connect-AutoPilotIntune -TenantID ... -ApplicationID ... -CertifiacateThumbprint
etc.
2 votes -
Add support for Exchange ActiveSync Device Partnerships to Graph API
Currently to retrieve information about all ActiveSync Device Partnerships from Exchange Online, you need to either use ECP or Exchange Online PowerShell. Both of these ways are VERY SLOW. ECP because it's manual, and PowerShell because you either have to grab a) all mailboxes (get-mailbox) or b) all partnerships (get-mobiledevice), and then loop through the list to look at each partnership (get-mobiledevicestatistics).
It'd be so much quicker if this was available via the Graph API.
13 votes -
Intune List managedDevices for security groups
Hi,
We are building a portal where we need to display devices for security groups. Currently we can only display basic device information using GET /beta/groups/{groupId}/members.
We would like to diplay manageDevice information, a request for this would be very usefull, example:
GET /groups/{groupId}/managedDevices3 votes -
Lookup up devices using SN not working against /deviceManagement/managedDevices/
We would like to use GraphAPI to perform lookups of 'managed devices' using the serial number. For this, we simply follow the https://docs.microsoft.com/en-us/graph/api/intune-devices-manageddevice-get?view=graph-rest-1.0 article (where you say 'This method supports the OData Query Parameters to help customize the response.'), and the $filter parameter, like described at https://docs.microsoft.com/en-us/graph/query-parameters.
Let's say we want to run a query for all devices where SN starts with C02. We noticed that :
-
https://graph.microsoft.com/v1.0/deviceManagement/managedDevices seems to work. -
https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$filter=startswith(serialnumber,'C02') does not work (0 results). -
https://graph.microsoft.com/beta/deviceManagement/managedDevices?$filter=((contains(activationlockbypasscode, 'C02'))) seems to work, and also to fulfill our goal.
In the 2nd URL I provided, you explicitly mention that…
4 votes -
-
targetedManagedAppProtections returning unwanted data
This endpoint:
https://docs.microsoft.com/en-us/graph/api/intune-mam-targetedmanagedappprotection-list?view=graph-rest-1.0In regards to Intune App Protection policies, the URL and the documenation say "Protection", however it's returning App Configuration policies and Windows Information Protection policies.
Can this be corrected ?
1 vote -
Include deleted roleScopeTags when listing them
The reoleScopeTags list operation does not return tags that were deleted on a global level (Microsoft Intune->Roles->Scope (Tags)), but devices may still be tagged with one of the deleted tags. Please make it possible (at least as an option) to return all tags.
By the way: the roleScopeTags behave inconsistently in the portal as well. Example: One of my devices was tagged with 6 tags. I deleted 4 of them in the roleScopeTag overview (Microsoft Intune->Roles->Scope (Tags)). In the device overview it now says: "Scope (Tags)
6 scope tag(s) selected", but when opening the selection it only shows the…1 vote -
Provide Windows OS MUI language packs and Rest APIs for automatic MUI Windows VM deployment
In our real world product, we need to automatically deploy a large number of Windows 10 VMs with MUI support required. However, currently there are no existing programmatic APIs for querying and downloading the language packs (installer ISO), which blocks us from automating the provisioning of the MUI enabled Windows 10 VMs on Azure.
Could you please consider to provide the accompanying version of the language packs and the downloadable iso file for the Microsoft published Windows OS images in some Azure rest APIs?
I believe this should benefit a lot of developers to make the provisioning MUI enabled Windows…4 votes -
Allow contains() on the /devices endpoint
We need to be able to search a list of devices by name using a contains() filter.
e.g.:
/devices?$filter=contains('DESKTOP',displayName)5 votes
- Don't see your idea?