![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 44%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHK%3C/text%3E%3C/svg%3E)
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,592 questions
Of course can not, you must have the user’s TID. In your scenario, these users are distributed in different tenants, even if you have the user’s OID, you cannot obtain user information from other tenants without authorization. And getting the user's TID is only the first step to solve the problem, and then you need to create a multi-tenant application in your tenant and grant User.Read.All application permissions to the application.
Then you need to add the multi-tenant application as an enterprise application to the tenant where the user is located, this requires you to run the admin consent url in your browser and log in with the administrator of the tenant where the user is located and consent. https://login.microsoftonline.com/{target tenant-id}/adminconsent?client_id={client-id}.
After you add the multi-tenant application to the tenant where the user is located, you can use the client credential flow to obtain the token, and then use the token to call the /users/{OID} endpoint to obtain the user information.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in [our documentation][4] to enable e-mail notifications if you want to receive the related email notification for this thread.
