Reputation: 173
MSGraph Delete Group Push Notifications: Wrong changeType on Delete Events
When I perform a deletion of a group in the Azure AD portal and I have set my push notification changeType = 'updated,deleted', the push notification is received within 10-15 seconds as expected with the correct resource ID of the group that I deleted, but the changeType = 'updated'. See the actual event received below:
{
"value":[
{
"changeType":"updated",
"clientState":"<<redacted>>",
"resource":"Groups/f0a5993b-5c2d-49cc-bb2f-8cb0060fef8e",
"resourceData":{
"@odata.type":"#Microsoft.Graph.Group",
"@odata.id":"Groups/f0a5993b-5c2d-49cc-bb2f-8cb0060fef8e",
"id":"f0a5993b-5c2d-49cc-bb2f-8cb0060fef8e",
"organizationId":"<<redacted>>",
"eventTime":"2018-11-22T01:47:00.2455823Z",
"sequenceNumber":636784480202455800
},
"subscriptionExpirationDateTime":"2018-11-24T18:13:08.914+00:00",
"subscriptionId":"d850b120-19bb-4291-b9c4-845ea04dd38d",
"tenantId":"<<readacted>>"
}
]
}
Upon processing this request, there is no way to determine that the current group resource has been DELETED. Can someone on the Graph API team please look into/resolve?
Upvotes: 0
Views: 455
Answers (1)
Reputation: 14356
It is likely that the group you deleted was an Office 365 group. When Office 365 groups are deleted, they are soft-deleted, which is represented as an updated event, rather than a deleted change type. You'll notice the same behavior when users are deleted, if you subscribe to updated,deleted for users, which also support soft-deletion.
(A soft-deleted Office 365 group can be restored within 30 days. In contrast, other group types get permanently deleted immediately and cannot be restored.)
If you're using delta query in concert with change notifications (a typical pattern is to use the updated change event as a trigger to poll for more changes with delta query), the soft-deletion of a group would look like this:
GET https://graph.microsoft.com/v1.0/groups/delta?$deltatoken=1yN...
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groups",
"@odata.deltaLink": "https://graph.microsoft.com/v1.0/groups/delta?$deltatoken=1yN...",
"value": [
{
"id": "0ed62d01-7c00-4866-9220-74fdd034eea7",
"@removed": {
"reason": "changed"
}
}
]
}
When a soft-deleted Office 365 group gets permanently deleted (either naturally, after the 30 days pass, or manually, because someone permanently deleted it), you will get the expected deleted change type in the subscription:
{
"value": [
{
"changeType": "deleted",
"resource": "Groups/0ed62d01-7c00-4866-9220-74fdd034eea7",
"resourceData": ...
...
}
]
}
In the delta query for groups, the group's permanent deletion will be represented as follows:
GET https://graph.microsoft.com/v1.0/groups/delta?$deltatoken=1yN...
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groups",
"@odata.deltaLink": "https://graph.microsoft.com/v1.0/groups/delta?$deltatoken=1yN...",
"value": [
{
"id": "0ed62d01-7c00-4866-9220-74fdd034eea7",
"@removed": {
"reason": "deleted"
}
}
]
}
Other info
Office 365 groups can be identified in Microsoft Graph by their groupTypes attribute, which will contain the string Unified if it's an Office 365 group.
GET https://graph.microsoft.com/v1.0/groups/{id}?$select=id,displayName,groupTypes
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groups(id,groupTypes)/$entity",
"id": "0ed62d01-7c00-4866-9220-74fdd034eea7",
"displayName": "My Office 365 group",
"groupTypes": [
"Unified"
]
}
Soft-deleted groups can be listed with Microsoft Graph:
GET https://graph.microsoft.com/v1.0/directory/deletedItems/microsoft.graph.group
To permanently delete a soft-deleted object using Microsoft Graph:
DELETE https://graph.microsoft.com/v1.0/directory/deletedItems/{id}
Upvotes: 3
Related Questions
- Not receiving Microsoft Graph change notification
- Not receiving a request on our MS Graph Webhook for deleting a User in AAD
- Delete policy using Microsoft Graph Powershell
- MS Graph Api - Group Membership Change Notification - Not receiving notification after User who is a Member is hard deleted
- "Updated" notification type for Microsoft Graph deleted user
- Microsoft Graph sending a lot of unnecessary notifications for create/delete
- Receiving "Invalid 'changeType'" when subscribing to user created event
- Delete groups in Microsoft Graph API in C#
- Remove a member from a group using Microsoft Graph .NET Client Library
- Azure Graph api client remove member from group