Get user/roles from azure ad

Question

Hi I have a question I have a Azure AD app and inside enterprise app I have some users assigned to some roles.
Can someone tell me a way to get a list of thi users with roles using graph API or java SDK?

Answer 1

The easy way to download all role assignment in a directory is already available

Sign in to the Azure portal or Azure AD admin center. Select Azure Active Directory > Roles and administrators, select All roles, Select Download assignments.
A CSV file that lists assignments at all scopes for all roles is downloaded.

----------

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 2

Hi @Anurup Majumder ,

You can use this Graph API to get roles assigned to a particular user GET https://graph.microsoft.com/v1.0/roleManagement/directory/roleAssignments?$filter=principalId+eq+'<object-id-of-principal>' (refer below example screenshot from Graph Explorer):

Here roleDefinitionId is the ID of the role assigned which you can check using this Graph API GET https://graph.microsoft.com/v1.0/roleManagement/directory/roleDefinitions

Also, if you want to check list of users assigned same role you can use this API GET /roleManagement/directory/roleAssignments?$filter=roleDefinitionId eq '{roleDefinition id}'

Reference Documents:
https://learn.microsoft.com/en-us/azure/active-directory/roles/custom-assign-graph
https://learn.microsoft.com/en-us/graph/api/rbacapplication-list-roledefinitions?view=graph-rest-1.0&tabs=http
https://learn.microsoft.com/en-us/graph/api/rbacapplication-list-roleassignments?view=graph-rest-1.0&tabs=http

Hope this helps.
If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.