Reputation: 9612
Microsoft Graph AD Users or people API to search all users?
I'm trying to build functionality into my app for 'admins' to assign users from their AD group to certain groups that are further assigned to app-specific roles. Basically a simple management component.
Adding the user with the oid to a group is easy, the problem I'm facing is finding the actual user.
Currently, the only option I'm seeing is making multiple api requests to v1.0/users (999 items max) and grouping them all in memory and then provide a simple search function to narrow it down.
I have also used the v1.0/me/people endpoint to search for users but this does not reveal all users from the AD group, just relevant users they deal with, so not too useful.
Is there any other api endpoint I could tap into to do a search ONLY on members of the same active directory?
Upvotes: 6
Views: 10082
Answers (5)
Reputation: 1909
Microsoft's own people finder (mgt-people-picker component) has this built in to it. Under the hood, it's only using the displayName and mail properties.
Upvotes: 1
Reputation: 540
@Marcin already mentioned above that, use $search instead of $filter. As per Microsoft Graph API Documentation: Use $search to get users with {searchField} that contain {yourSearchTerm} including a count of returned objects
Also, you can search users by more than one field. Recently, I was building a People Picker for my organization and the following query perfectly worked for me.
https://graph.microsoft.com/v1.0/users?$search="displayName:{yourSearchTerm}" OR "mail:{yourSearchTerm}" OR "userPrincipalName:{yourSearchTerm}"&$top=10&$count=true
Above Query search user based on displayName, mail, and userPrincipalName and return top 10 users that match the {yourSearchTerm}.
Upvotes: 0
Reputation: 391
Instead of going with startswith You may get better experience using search keyword: https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#example-6-use-search-to-get-users-with-display-names-that-contain-the-letters-wa-including-a-count-of-returned-objects
Upvotes: 4
Reputation: 1104
Using the startsWith filter on multiple properties is probably the closest we can get to user search in MS Graph at the moment:
https://graph.microsoft.com/v1.0/users?$filter=startswith(displayName,'sarah') or startswith(givenName,'sarah') or startswith(surname,'sarah') or startswith(mail,'sarah') or startswith(userPrincipalName,'sarah')
Upvotes: 9
Reputation: 9612
Ended up switching to the old AD Graph API and implementing a query on the endpoint as follows:
https://graph.windows.net/{ tenant ID }/users?api-version=1.6&$select=mail,displayName,objectId,givenName,surname&$filter=startswith(givenName,'SEARCH TERM') or startswith(surname,'SEARCH TERM')
If a function receives 1 single param, it will search for that parameter in both givenName and surname but you could configure this to search accross any other supported fields.
You could also completely ditch the $select= completely to get the whole data. I didn't want the clutter though and those keys are enough for me.
Upvotes: 4
Related Questions
- Retrieve all Users from all Groups?
- AAD B2C: Search Users by PrincipalName
- How to get a list of users from azure graph API
- Azure AD graph API to Search multiple users based on UserPrincipalName and Mail
- Get users with respect to a specific Azure directory Graph Explorer
- Search Users within Graph API
- Azure active directory graph api query user
- To get users in azure active directory
- Azure Graph API - Query user information
- Search for user in Azure Active directory group using graph api