Microsoft Graph Feature Requests

Welcome to the Microsoft Graph UserVoice! Do you have an idea or feature suggestion based on your experience with Microsoft Graph? Please share these with us by submitting your idea below or voting up ideas submitted by other users. This forum will be directly monitored by the Microsoft Graph engineering teams who are working on new features every day.

If you have feedback on a specific API service, please choose the corresponding category. Please submit any broad ideas related to Microsoft Graph or ideas across more than one service to the “General” category.

This site is only for feature suggestions and ideas! If you need technical help, please go to the Microsoft Graph StackOverflow or if you have a Premier support contract raise a support ticket.

For more information on Microsoft Graph, please checkout https://graph.microsoft.com.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Worst documentation I have ever seen

    Used google picker and dropbox picker. Documentation provided was perfect. Each step followed and more importantly it worked. Should add an option to leave a comment/question on each topic provided.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  2. AzureADandPersonalMicrosoftAccount will not save in the Manifest

    I would like to allow multi-tenant access to my application for both organisation and private emails.

    I see that this is not currently recommended as seen in the text below in the Azure portal in the Authentication tab:
    "
    Due to temporary differences in supported functionality, we don't recommend enabling personal Microsoft accounts for an existing registration. If you need to enable personal accounts, you can do so using the manifest editor."

    But would still like to do so.
    However, when I try to updage

    "signInAudience": "AzureADandPersonalMicrosoftAccount"
    

    in the Manifest I get an error stating that the value is invalid.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide a way to identify permission object for group owners vs group members

    Currently listing all permission on a driveitem https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/driveitemlistpermissions returns a collection of Permission https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/resources/permission.

    where three default users are owners, members and visitors. It is very difficult to identify which user is member or owner as these are presented as displayName only and it is translated name in tenants localization setting,

    We need a canonical way to identify permission object's grantee whether grantee is owner or member

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →

    Please provide more info on whether the ideal use case is to identify permissions for the entire Group or if they are specifically focused on the Drive/Folders. What is the use case? ^JT

  4. Exchange Online Admin API Support

    There is an adequate amount of client side Rest APIs for outlook, but nothing truly available on the admin side. Allowing API calls to create Online Rules and Connectors for example would (hopefully) be less error prone than manually invoking Powershell sessions, especially if rules and connectors need to be created en masse.

    165 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add Deleted By to Delta Query Indicating Compliance or Retention Delete

    It would be great to know what process deleted an item in the Delta Query. This way we can tell the difference between a Compliance/Retention delete and a user deletion action. That way third party apps can take action on items deleted by policy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  6. Atlassian Jira/Confluence user creation and authorization

    https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/ms-confluence-jira-plugin-adminguide

    The Jira and Confluence add-on currently only supports SSO authorization. I would like it to also support authorization and user account creation on first sign-in. This way it would be a full SAML implementation.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Calendar (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  8. There is no(latest) REST API to collect Azure AD application details

    For Azure active directory user related details we are able to collect using API through https://graphexplorer.azurewebsites.net, but for application created in azure Active Directory, don't have an API.

    Requesting MS team to either we need incorporate into Azure AD Graph API or release separate API and allow to get all the properties about the APP.

    Azure Active Directory application: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. MSGraph API - Granular Field Level Control for 3rd Parties who Federate

    There is a lot of development in Azure to manage 3rd party applications, (enterprise applications), Cloudapp Security, Conditionals, IP, etc...

    From a SECURITY perspective though, they do not do the Job. All off these components offer an access or no access condition ONLY. They do not offer control of WHAT is being accessed.

    For example, either grant access to the mailbox or dont grant access to the mailbox and exactly what access is being granted is up to the 3rd party.

    For example, as administrators we maybe able to control whether the 3rd party app can access the tenant or…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enable $filter on group visibility

    At the moment it is not possible to get a list of groups that user can access. Getting the full list of groups (including private) is quite useless.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Backlog  ·  0 comments  ·  Groups  ·  Flag idea as inappropriate…  ·  Admin →
  11. getActivitiesByInterval route not working with Client Credentials

    When I try to query the getActivitiesByInterval route (for a SharePoint site) I am receiving an HTTP 500. My token (retrieved with Client Credentials) works fine for other routes but not for this one even if I have the correct rights. If I use a token with delegated permissions it works fine.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sites and Lists (SharePoint)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Fix this and

    When feteching the details of organization using api /organization. It shows Sharepoint is deleted but we have subscribed to sharepoint and able to access it properly .Is there any other way to access the same Please reply.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sites and Lists (SharePoint)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Application permission for Add/Remove directory role member

    We are trying to implement an account synchronization between our application and Azure AD. As this synchronization does not run on behalf of a user on Azure AD, we use the client credentials grant with corresponding application permissions. We are able to create users, read directory roles, activate directory roles, but there's no application permission for adding or removing a directory role member, hence we get 'Insufficient privileges to complete the operation.' when we try to do so.

    Please add support for adding and removing directory role members via an application permission.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Outlook.com - Support to update email signature via API

    I work in Bybrand (email signature management tool), and would like to see the option to update the email signature, for example, from Outlook.com via REST API. How Google does with Gmail and G Suite
    Support to update email signature via API

    16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Including folder Id info in resourceData property for Outlook resources when do messages subscription in Graph API method

    When the user receives an email, Microsoft Graph sends a notification like the following:
    {
    "value": [

    {
    
    "subscriptionId":"<subscription_guid>",
    "subscriptionExpirationDateTime":"2016-03-19T22:11:09.952Z",
    "clientState":"secretClientValue",
    "changeType":"created",
    "resource":"users/{user_guid}@<tenant_guid>/messages/{long_id_string}",
    "resourceData":
    {
    "@odata.type":"#Microsoft.Graph.Message",
    "@odata.id":"Users/{user_guid}@<tenant_guid>/Messages/{long_id_string}",
    "@odata.etag":"W/\"CQAAABYAAADkrWGo7bouTKlsgTZMr9KwAAAUWRHf\"",
    "id":"<long_id_string>"
    }
    }

    ]
    }

    If the returned result contains information about the folder id, it will be helpful to filter out unwanted information in some specific folders.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Backlog  ·  1 comment  ·  Mail (Outlook)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Extensions Permission

    This affects all resources that support extensions but let’s take the User resource as an example:

    Extending the User resource currently requires an entire User Profile read/write consent (User.ReadWrite).
    We only want to read and write additional data that we provide to the User resource and not modify the entire resource. Users might be hesitant about consenting to Apps that could potentially corrupt their entire user profile.

    35 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add support for wWWHomepage

    Microsoft Graph cant return the wWWHomePage property that people know from regular AD. We need to access this field in a business case and cant do so, because of the current limitations.

    Please add support for wWWHomePage on the User object!

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Users  ·  Flag idea as inappropriate…  ·  Admin →
  18. Expand the Graph Open Extension limitations

    I'm attempting to use the Graph Extensions for my user data and keep running into limits put in place that I feel are too small. I either hit the 2KB limit per extension, or when I try to break it apart into logical extensions, I hit the error: "Maximum number of extensions values supported per application is 2"

    I can provide our business case if needed.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. Change Sites.Read.All Permission Display String

    Access to SharePoint data in the Graph currently requires consent to read or write to the entire SharePoint Instance. This is presented to the user as: ‘Read items in all site collections’.
    Our prospects are hesitant to grant this permission as it appears like we can read all their data in SharePoint, regardless of access control settings in SharePoint.

    We suggest to change the display string from ‘Read items in all site collections’ to something like ‘Read all site collection items that user can access’.
    It makes it clearer at a glance that it’s limitied to user read rights and…

    34 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Sites and Lists (SharePoint)  ·  Flag idea as inappropriate…  ·  Admin →

    This work is on the backlog but currently isn’t scheduled. We will update the feature here once dev work has started. -EY

  20. SCIM defects - ResourceTypes endpoint is not being requested by Azure

    Problem: Azure User Provisioning does not use the /ResourceTypes endpoint to discover the correct /Users endpoint in my SCIM implementation



    • Please refer to Page 74 of the SCIM specification, RFC7644, Section 4, which states:

      /ResourceTypes
      An HTTP GET to this endpoint is used to discover the types of
      resources available on a SCIM service provider (e.g., Users and
      Groups). Each resource type defines the endpoints, the core
      schema URI that defines the resource, and any supported schema
      extensions. The attributes defining a resource type can be found
      in Section 6 of [RFC7643], and an example representation can be
      found in…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity and Access  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base