Reputation: 118
I need to get the group membership of the device in AAD.
It is possible to get the groups, select one, get members and find a device there in one call
https://graph.microsoft.com/v1.0/groups/xxx/members/yyy
I can get to the same device as by calling
https://graph.microsoft.com/v1.0/me/registeredDevices/yyy
But I haven’t found anything for a reversed approach for the device. It is simple to find the group membership of a user
https://graph.microsoft.com/v1.0/me/memberOf
but this apparently doesn’t seem to be possible for the device. Neither in v1.0, nor in beta.
Am I missing something? Thanks!
Upvotes: 1
Views: 1280
Reputation: 5828
If I understand, you are looking for something that will tell you what groups a device is a member of like:
GET https://graph.microsoft.com/v1.0/devices/memberOf
We don't have anything like that today.
However we do have an alternative, that might work for you, and it provides transitive closure too (which memberOf does not). See: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/directoryobject_getmembergroups
POST https://graph.microsoft.com/v1.0/devices/{deviceId}/getMemberGroups
{
"securityEnabledOnly":false
}
The response will contain a list of group ids for which the device is a member. To get the group details, you will have to make another call. You could use the getByIds
action for this - see https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/directoryobject_getbyids. If you want to do this in one call, you could take a look at using batching: https://developer.microsoft.com/en-us/graph/docs/concepts/json_batching.
Hope this helps,
Upvotes: 1