Jamie

Reputation: 4960

Get Organization ID or domain from Azure AD Graph

We're developing a multi-tenant SSO integration with Office 365 using the new OpenID implementation.

Once the access token has been retrieved, we call https://graph.windows.net/me?api-version=1.21-preview to get the user's profile information which gives something like the below - great.

{
    "odata.metadata": "https:\/\/graph.windows.net\/myorganization\/$metadata#directoryObjects\/Microsoft.WindowsAzure.ActiveDirectory.User\/@Element",
    "odata.type": "Microsoft.WindowsAzure.ActiveDirectory.User",
    "objectType": "User",
    "objectId": "GUID",
    "accountEnabled": true,
    "assignedLicenses": [

    ],
    "assignedPlans": [

    ],
    "city": null,
    "country": null,
    "department": null,
    "dirSyncEnabled": null,
    "displayName": "Tester A",
    "facsimileTelephoneNumber": null,
    "givenName": "Test",
    "immutableId": null,
    "jobTitle": null,
    "lastDirSyncTime": null,
    "mail": null,
    "mailNickname": "tester-a",
    "mobile": null,
    "otherMails": [

    ],
    "passwordPolicies": "None",
    "passwordProfile": null,
    "physicalDeliveryOfficeName": null,
    "postalCode": null,
    "preferredLanguage": null,
    "provisionedPlans": [

    ],
    "provisioningErrors": [

    ],
    "proxyAddresses": [

    ],
    "state": null,
    "streetAddress": null,
    "surname": "A",
    "telephoneNumber": null,
    "usageLocation": null,
    "userPrincipalName": "[email protected]",
    "userType": "Member"
}

However, it doesn't seem to return any identifier or specific domain for the organization - other than the domain contained in the userPrincipalName field. Is there a better way to identify the organization (considering the organization may update test.onmicrosoft.com to a custom domain of test.microsoft.com)?

Upvotes: 0

Views: 5095

Answers (1)

Dushyant Gill

Reputation: 4004

Indeed. Use the tenantDetails API (https://graph.windows.net/{tenantDomain}/tenantDetails?api-version={version}) to get the display name of the directory and all verified domains associated with it. Documented here: http://msdn.microsoft.com/en-us/library/azure/hh974467.aspx.

Below is the trimmed output for my tenant.

Hope this helps.

{
  "odata.metadata": "https://graph.windows.net/dushyantgill.com/$metadata#directoryObjects/Microsoft.WindowsAzure.ActiveDirectory.TenantDetail",
  "value": [
  {
    "odata.type": "Microsoft.WindowsAzure.ActiveDirectory.TenantDetail",
    "objectType": "Company",
    "objectId": "62e173e9-301e-423e-bcd4-29121ec1aa24",
    "assignedPlans": [
      {
        "assignedTimestamp": "2013-09-17T01:01:58Z",
        "capabilityStatus": "Enabled",
        "service": "SharePoint",
        "servicePlanId": "a1f3d0a8-84c0-4ae0-bae4-685917b8ab48"
      } [SNIP]
    ],
    "city": "Redmond",
    "companyLastDirSyncTime": "2014-04-20T17:42:58Z",
    "country": null,
    "countryLetterCode": "US",
    "dirSyncEnabled": true,
    "displayName": "dushyantgill",
    "marketingNotificationEmails": [],
    "postalCode": "98052",
    "preferredLanguage": "en",
    "provisionedPlans": [
      {
        "capabilityStatus": "Enabled",
        "provisioningStatus": "Success",
        "service": "exchange"
      }[SNIP]
    ],
    "provisioningErrors": [],
    "state": "WA",
    "street": "[SNIP]",
    "technicalNotificationMails": [
      "[SNIP]"
    ],
    "telephoneNumber": null,
    "tenantType": null,
    "verifiedDomains": [
      {
        "capabilities": "Email, OfficeCommunicationsOnline",
        "default": false,
        "id": "0005000080186A52",
        "initial": false,
        "name": "dushyantgill.mail.onmicrosoft.com",
        "type": "Managed"
      },
      {
        "capabilities": "Email, OfficeCommunicationsOnline",
        "default": false,
        "id": "00057FFE803C0EDA",
        "initial": false,
        "name": "dushyantgill.org",
        "type": "Federated"
      },
      {
        "capabilities": "Email, OfficeCommunicationsOnline",
        "default": true,
        "id": "00053FFF80232F54",
        "initial": false,
        "name": "dushyantgill.com",
        "type": "Managed"
      }[SNIP]
    ]
  }
  ]
}

Upvotes: 1
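An added example, not part of the original answer: one way to consume a tenantDetails response shaped like the one above, keying the organization on the Company object's objectId (which stays the same when domains are added or changed) and accepting a userPrincipalName only if its domain is in verifiedDomains. The function names, the sample GUID and the example.com domains are constructed for illustration.

```python
import json

# Constructed sample shaped like the tenantDetails response in the answer above
# (fields trimmed; the GUID and domain names are made-up placeholders).
SAMPLE_TENANT_DETAILS = json.dumps({
    "value": [{
        "objectType": "Company",
        "objectId": "00000000-0000-0000-0000-000000000001",
        "displayName": "Example Org",
        "verifiedDomains": [
            {"name": "example.onmicrosoft.com", "default": False, "initial": True, "type": "Managed"},
            {"name": "example.com", "default": True, "initial": False, "type": "Managed"},
        ],
    }]
})


def parse_tenant(body):
    """Reduce a tenantDetails response to the fields an SSO integration keys on."""
    data = json.loads(body)
    companies = [o for o in data.get("value", []) if o.get("objectType") == "Company"]
    if len(companies) != 1:
        raise ValueError("expected exactly one Company object, got %d" % len(companies))
    company = companies[0]
    tenant_id = company.get("objectId")
    if not tenant_id:
        raise ValueError("tenantDetails response has no objectId")
    domains = company.get("verifiedDomains") or []
    # Domain names are case-insensitive, so normalise before comparing.
    names = {d["name"].lower() for d in domains if d.get("name")}
    default = next((d["name"].lower() for d in domains if d.get("default")), None)
    return {"tenant_id": tenant_id.lower(), "display_name": company.get("displayName"),
            "verified_domains": names, "default_domain": default}


def upn_belongs_to_tenant(upn, tenant):
    """True only if the UPN's domain part exactly matches a verified domain."""
    local, sep, domain = upn.rpartition("@")
    if not sep or not local or not domain:
        return False
    # Exact match on the whole domain; suffix or substring matches are rejected.
    return domain.lower() in tenant["verified_domains"]
```

Store `tenant_id` as the organization's primary key and treat the domain set as mutable data that is refreshed from the API.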
