Graph API: Read Extension Attributes

1 minute read

Description:

So I had a goal to query Azure Graph API to answer something like: “Get me all users like (user.extensionAttribute3 -eq "Employee") -and (user.accountEnabled -eq True) -and -not (user.jobtitle -eq "Retired")”. This is how I did it:

To Resolve:

  1. Create an application in Azure with Application permissions to Graph API and User.Read.All.
    • Copy its application ID and client secret to notepad.
  2. Open Postman, create a collection, add the following request:

    • GET https://graph.microsoft.com/v1.0/users/user@domain.com
    • Pre-request script
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    
    const echoPostRequest = {
       url: 'https://login.microsoftonline.com/5cdc5b43-d7be-4caa-8173-729e3b0a62d9/oauth2/v2.0/token',
       method: 'POST',
       header: {
          'Accept': 'application/json',
          'Content-Type': 'application/x-www-form-urlencoded'
       },
       body: {
          mode: 'urlencoded',
          urlencoded: [
             { key: "grant_type", value: "client_credentials" },
             { key: "scope", value: "https://graph.microsoft.com/.default" },
             { key: "client_id", value: "id" },
             { key: "client_secret", value: "my-secret" }
          ]
       }
    };
    
    pm.sendRequest(echoPostRequest, function (err, response) {
       console.log(response.json());
       var responseJson = response.json();
       pm.environment.set('currentAccessToken', responseJson.access_token)
       pm.environment.set('currentRefreshToken', responseJson.refresh_token)
    });
    
    • In the Pre-Request script above, replace id with your application ID and my-secret with your client secret.
  3. After running it, you will see that it doesn’t get your user’s onPremisesExtensionAttributes, for that, just change to the beta API GET https://graph.microsoft.com/beta/users/user@domain.com

Comments