question

sergecalderaraSolatys-4285 avatar image
0 Votes"
sergecalderaraSolatys-4285 asked ·

How to detete an external AD user using MS Graph API

Dear all,

We are trying to remove a guest user from AD using graph api.
For that we use the following as describe from the documentation :

https://graph.microsoft.com/v1.0/users/{userPrincipalName}

If the user is a user with an AD domaine that works correctly but for external user with a GMAIL account for instance, the userPrincipalName is formated as below sample :

ex : serge.cal_gmail.com#EXT#@xxxx.onmicrosoft.com

When I try to get the ID of that user by fetching first its id using :

https://graph.microsoft.com/v1.0/users/serge.cal_gmail.com#EXT#@xxxx.onmicrosoft.com

It returns an error as below :

{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource 'serge.cal_gmail.com' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"request-id": "da8bdcda-6304-4c3c-93b2-6454433dcba2",
"date": "2020-05-15T14:51:46"
}
}
}

What is the way to fetch correctly that type of user using graph api ?

regards



azure-active-directory
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

sergecalderaraSolatys-4285 avatar image
0 Votes"
sergecalderaraSolatys-4285 answered ·

Thanks for your reply, I will give a try..

by the way it is possible from the filter url to return from the user only the Id atrribute because this is the onlything I need to be able to delete the user afterwards

Does something like this is possible :
https://graph.microsoft.com/v1.0/users?$filter=mail*$select=id*

Thanks for your reply

regards

· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@sergecalderaraSolatys-4285, You can select the response that helped you answer your query. In this way it would help others visiting the community too.

0 Votes 0 · ·
soumi-MSFT avatar image
1 Vote"
soumi-MSFT answered ·

@sergecalderaraSolatys-4285. if you know the value for user's either displayname or mail you can use the following graph api call to fetch the same:

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.





· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

sergecalderaraSolatys-4285 avatar image
0 Votes"
sergecalderaraSolatys-4285 answered ·

Thanks for your reply,

Based on your second sugestion of using the filter to get the user email ..

Question :
Can I use this filter approach to fecth user ID for Ad user or it is only for account like Gmail without AD behind ?

I means does making this filter query will make the same thing as using the userPrincipalName as I was doing initialy with AD user

Thanks for your clarification

regards

· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@sergecalderaraSolatys-4285, The userPrincipalName is something that I too tried to use as a filter, but it didnt work for me. Hence I chose to use attributes like mail, userDisplayName etc. You can also use the object ID of the user. But somehow for guestusers, you would not be able to use the userPrincipalName to filter the output.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.


0 Votes 0 · ·
soumi-MSFT avatar image
0 Votes"
soumi-MSFT answered ·

@sergecalderaraSolatys-4285, Yes, that is absolutely possible:


Sample Query: https://graph.microsoft.com/v1.0/users?$filter=mail eq 'user_email_address'&$select=displayName,id


I used this sample, this sample would only return the displayName and id attribute's values in the output. If you just want id attribute's value, then remove displayName from the $select query parameter.


Hope this helps.


Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.


· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

sergecalderaraSolatys-4285 avatar image
0 Votes"
sergecalderaraSolatys-4285 answered ·

Thnaks for your reply,

I have a wierd issue, when I try the filter in POSTMAN, it return the correct record based on the provided email

but when I use it in groovy script, it return my all users instead of the filter record,

here is my method below :

 public String getUserIdByEmailQuery(String AuthToken,String userEmail){
    
         String _userId
                         
             def http = new HTTPBuilder(graph_base_user_url +"?")
             http.request(GET) {
    
                 requestContentType = ContentType.JSON
                 query:[ $filter:"mail eq '$userEmail'" ]
    
                 headers.'Authorization' = "Bearer " + AuthToken    
    
                 response.success = { resp, json ->
                     //_userId=json["id"].toString()
                     _userId=json
                 }
    
                 // user ID not found : error 404
                 response.'404' = { resp ->       
                     _userId = 'Not Found'
                 }
    
             }
             _userId
         } 

The graph_base_user_url parameter is equal to "https://graph.microsoft.com/v1.0/users";

Any reason why it returns all users ?

regards

· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@sergecalderaraSolatys-4285, I am afraid I dont hold expertise on groovy script. But I must say, if this works with POSTMAN, it is supposed to work with any language. I believe you must debug the script to check if its even taking the $filter query string.

0 Votes 0 · ·