dak
dak

Reputation: 118

Get the groups of the device in Graph

I need to get the group membership of the device in AAD.

It is possible to get the groups, select one, get members and find a device there in one call

https://graph.microsoft.com/v1.0/groups/xxx/members/yyy

I can get to the same device as by calling

https://graph.microsoft.com/v1.0/me/registeredDevices/yyy

But I haven’t found anything for a reversed approach for the device. It is simple to find the group membership of a user

https://graph.microsoft.com/v1.0/me/memberOf

but this apparently doesn’t seem to be possible for the device. Neither in v1.0, nor in beta.

Am I missing something? Thanks!

Upvotes: 1

Views: 1280

Answers (1)

Dan Kershaw - MSFT
Dan Kershaw - MSFT

Reputation: 5828

If I understand, you are looking for something that will tell you what groups a device is a member of like:

GET https://graph.microsoft.com/v1.0/devices/memberOf

We don't have anything like that today.

However we do have an alternative, that might work for you, and it provides transitive closure too (which memberOf does not). See: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/directoryobject_getmembergroups

POST https://graph.microsoft.com/v1.0/devices/{deviceId}/getMemberGroups
{
"securityEnabledOnly":false
}

The response will contain a list of group ids for which the device is a member. To get the group details, you will have to make another call. You could use the getByIds action for this - see https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/directoryobject_getbyids. If you want to do this in one call, you could take a look at using batching: https://developer.microsoft.com/en-us/graph/docs/concepts/json_batching.

Hope this helps,

Upvotes: 1

Related Questions