Forum Widgets
Latest Discussions
What is the Office Graph?
Office Graph - the intelligent fabric to Office 365 data The Office Graph represents a collection of content and activity, and the relationships between them that happen across the entire Office suite. From email, social conversations, and meetings, to documents in SharePoint and OneDrive, the Office Graph maps the relationships among people and information, and acts as the foundation for Office experiences that are more relevant and personalized to each individual. The Office Graph uses sophisticated machine learning techniques to connect people to the relevant content, conversations and people around them. Office Graph has mapped over billions actions and interactions within Office 365, making it clear that organizations have been sitting on an untapped gold mine of business value. As it continues to analyze relationships and deliver insights from across the tools people use at work every day, it will enable experiences that go above and beyond search and discovery. Going forward, the Office Graph will continue to evolve and deliver increasingly rich insights in Office 365, and incorporate support for extensibility to reach beyond Office 365.
Error on subsciption get/post/patch/delete, [Status Code: Unauthorized; Reason: p#S256 doesn't match
I first encountered this issue in a project using the .NET SDK, but has since replicated it with the graph explorer at https://developer.microsoft.com/en-us/graph/graph-explorer to verify that the issue is with the api. After creating a subscription, I can see it appear on a get request to https://graph.microsoft.com/v1.0/subscriptions, no problem. When I try any query with the subscription ID in the URL though, I always get the same error: { "error": { "code": "ExtensionError", "message": "Operation: Read; Exception: [Status Code: Unauthorized; Reason: p#S256 doesn't match.]", "innerError": { "date": "2023-12-14T04:10:00", "request-id": "ff9d5295-2dd5-40ca-91c7-4ec0cf871c8c", "client-request-id": "2fb3723b-1858-5d41-e4bc-47589df481a0" } } } I've attempted Get, Patch, Post and Delete requests to both https://graph.microsoft.com/v1.0/subscriptions/<subscriptionId> and https://graph.microsoft.com/beta/subscriptions/<subscriptionId> , all requests giving the same error.Get MFAStatus with API
Hi, I'm trying to get a report for the MFA status for all my tenant users. # Replace the values in the following variables with your own $clientId = "your_client_id_here" $clientSecret = "your_client_secret_here" $tenantId = "your_tenant_id_here" # Authenticate using Microsoft Graph API $tokenBody = @{ Grant_Type = "client_credentials" Scope = "https://graph.microsoft.com/.default" Client_Id = $clientId Client_Secret = $clientSecret } $tokenResponse = Invoke-RestMethod -Method POST -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -Body $tokenBody $accessToken = $tokenResponse.access_token # Retrieve all users in the tenant $users = Invoke-RestMethod -Method GET -Uri "https://graph.microsoft.com/v1.0/users" -Headers @{Authorization = "Bearer $accessToken"} # Loop through each user and retrieve their MFA status foreach ($user in $users.value) { $userId = $user.id $mfaStatus = Invoke-RestMethod -Method GET -Uri "https://graph.microsoft.com/v1.0/users/$userId/authentication/strongAuthenticationMethods" -Headers @{Authorization = "Bearer $accessToken"} $mfaEnabled = $mfaStatus.value | Where-Object {$_.state -eq "enabled"} Write-Output "$($user.displayName) - MFA Enabled: $($mfaEnabled -ne $null)" } I got this script but I'm always getting an error when I'm trying to execute it ... error is : Line | 17 | $users = Invoke-RestMethod -Method GET -Uri "https://graph.microsoft. … | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | {"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the | operation.","innerError":{"date":"2023-03-28T00:21:46","request-id":"d929a2d8-ca16-44b4-af0b-4d514c15ea78","client-request-id":"d929a2d8-ca16-44b4-af0b-4d514c15ea78"}}} In my API permission, I've double check to be sur all permission are ok : UserAuthenticationMethod.Read.All or UserAuthenticationMethod.ReadWrite.All (for Microsoft Graph API v1.0) OR AuthenticationMethod.Read.All or AuthenticationMethod.ReadWrite.All (for Microsoft Graph API beta) User.Read.All or User.ReadWrite.All (for Microsoft Graph API v1.0) OR Directory.Read.All or Directory.ReadWrite.All (for Microsoft Graph API beta) I've check again my clientID-clientSecret-TenanID and seems to be good : How to be sure this is OK? Any log in AzureAD to check if at least my script is able to authenticate? Thanks in advance!
Issue with Downloading Teams Sticker via Graph API - HTTP 400 Bad Request
Hi all, I am encountering an issue when attempting to download a sticker from Microsoft Teams using the Graph API. Below are the details of my request and the problem I am facing: Issue Description: I am using the following API format to download a sticker: GET https://graph.microsoft.com/v1.0/teams/xxx/messages/yyy/hostedContents/zzz/$value The request returns an HTTP 400 Bad Request response. The error details are as follows: { "error": { "code": "BadRequest", "message": "Provided hosted content identifier is invalid." }} Upon decoding zzz part of the API request URL, I obtained the following information: id=,type=1,url=https://us-prod.asyncgw.teams.microsoft.com/v1/url/content?url=https%3a%2f%2fstatic.wixstatic.com%2fmedia%2f4b00a4_e293905cf80f4ba4853c80a0a98dd748~mv2.png From the decoded data, it appears that the id field is empty. I suspect that this might be the reason why I am receiving the HTTP 400 Bad Request response. Questions: Has anyone encountered a similar issue when attempting to download a hosted sticker from Teams via the Graph API? Is there a specific reason why the id field is empty in the decoded content information? How can I resolve this issue and successfully retrieve the sticker content? Any insights or guidance on resolving this issue would be greatly appreciated. Thank you for your support. Best regards, KeinHow to set "send-as" permissions on a created email box
Hi, i'd like to know if the graph api provides any endpoint to set the permissions for a newly created azure ad user to allow "send-as" permissions. the user has an email box and when i go into portal.microsoft.com/#users, click on the user, then e-mail, then "send-as" permissions (in german this is "Senden als"-Berechtigungen, i translated it by myself to english so maybe its a bit different), then i can add a permission. I would like to automate that process and add one of those permissions, but i cant find an endpoint for it. anyone an idea?Microsoft Graph API : Some attributes are null when filtering by signInActivity/lastSignInDateTime
Hi. I have trouble retrieving the user's givenName and surname using Microsoft Graph API together with filtering using signInActivity/lastsignInDateTime. Here is the url I'm using: const graphUsersUrl = "https://graph.microsoft.com/V1.0/users?$top=999&$filter=signInActivity/lastSignInDateTime ge 2025-06-24T14:45:15Z and signInActivity/lastSignInDateTime le 2025-06-25T14:45:15Z&$select=id,givenName,surname,identities,signInActivity"; function mapUserEmails(userData: Array<any>) { return userData.map((userInstance) => { console.log(userInstance.givenName); return { userId: userInstance.id, givenName: userInstance.givenName, lastName: userInstance.surname, issuerAssignedId: userInstance.issuerAssignedId, userEmail: ( userInstance.identities as Array<{ signInType: string; issuerAssignedId: string; }> ).find((userIdentity) => userIdentity.signInType === "emailAddress") ?.issuerAssignedId, lastSignInDateTime: userInstance.signInActivity?.lastSignInDateTime, }; }); } In the returned result, the userId and lastSignInDateTime have values, but givenName and lastName are null. How can I get the values for givenName and surname? Any help is appreciated.
