List tenants for current user without user_impersonation on Azure manament api

Stephan van Rooij 61 Reputation points MVP
2021-06-18T09:01:49.947+00:00

I'm looking for a way to access a list of tenants the current user, so the home tenant and tenants where he/she is invited as guest.

I know the existence of List Tenants in the Azure management api, but that API only has ONE scope, namely 'user_impersonation'. This is a bad thing for several reasons:

  1. Users probably won't allow our application to control their entire Azure subscriptions
  2. If an admin would allow us access to this scope, it could lead to some really bad stuff happening (account take over, removing all items from their azure subscription, just to name a few)

This is also described here https://stackoverflow.com/questions/60461875/azure-resource-management-api-without-user-impersonation-is-it-possible

https://learn.microsoft.com/en-us/rest/api/resources/tenants/list

It would be great if this would come on the radar of the Graph development team, it would be great if there was a way in the Graph API to just list the tenants a user is a member of with either a Tenants.Read scope (new), or to be able to access this information with the 'User.Read' or 'profile' scope.

Our use case also doesn't need all the details as provided by the Azure Resource Api, the Id, Name and Home/Guest fields would suffice.
Something like: 

[  
  {  
    "id": "896a4689-1e14-4572-9375-028c2449d145",  
    "name": "Tenant A",  
    "userTenant": "Home"  
  },  
  {  
    "id": "f4af3776-fb13-470f-86ae-1c185a4c2e63",  
    "name": "Tenant b",  
    "userTenant": "Guest"  
  },  
  {  
    "id": "ae287e2c-979e-4590-a51a-729f42adbbe2",  
    "name": "Tenant C",  
    "userTenant": "Guest"  
  }  
]

I also asked this question on twitter, where the Azure Support team refered me to this page

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,716 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Stephan van Rooij 61 Reputation points MVP
    2021-06-21T09:38:55.617+00:00

    We posted a feature request https://techcommunity.microsoft.com/t5/microsoft-365-developer-platform/graph-api-tenant-list-for-user/idi-p/2465710

    That doesn't mean this question is solved, but I hope its getting the attention it deserves.

    1 person found this answer helpful.
    0 comments
  2. Deva-MSFT 2,256 Reputation points Microsoft Employee
    2021-06-20T06:43:48.867+00:00

    Please file the feature request so that it can be considered to be implemented.

  3. Deep Singh 1 Reputation point
    2021-08-23T06:46:11.27+00:00

    Any updates on this? :)

  4. Andreas Mennel 76 Reputation points
    2023-09-04T19:37:54.6333333+00:00
    0 comments