Get member groups
- 2 minutes to read
-
Contributors
Return all the groups that the specified user, group, or directory object is a member of. This function is transitive.
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | User.Read.All and Group.Read.All, Directory.Read.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | User.Read.All and Group.Read.All, Directory.Read.All |
HTTP request
POST /me/getMemberGroups
POST /users/{id | userPrincipalName}/getMemberGroups
POST /groups/{id}/getMemberGroups
POST /directoryObjects/{id}/getMemberGroups
Request headers
| Name | Type | Description |
|---|---|---|
| Authorization | string | Bearer {token}. Required. |
| Content-Type | string | application/json |
Request body
In the request body, provide a JSON object with the following parameters.
| Parameter | Type | Description |
|---|---|---|
| securityEnabledOnly | Boolean | true to specify that only security groups that the entity is a member of should be returned; false to specify that all groups and directory roles that the entity is a member of should be returned. Note: The function can only be called on a user if the parameter is true. |
Response
If successful, this method returns 200 OK response code and String collection object in the response body.
Example
Request
POST https://graph.microsoft.com/v1.0/directoryObjects/{object-id}/getMemberGroups
Content-type: application/json
{
"securityEnabledOnly": true
}
Response
Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(Edm.String)",
"value": [
"fee2c45b-915a-4a64-b130-f4eb9e75525e",
"4fe90ae7-065a-478b-9400-e0a0e1cbd540",
"e0c3beaf-eeb4-43d8-abc5-94f037a65697"
]
}
SDK sample code
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var securityEnabledOnly = true;
await graphClient.DirectoryObjects["{object-id}"]
.GetMemberGroups(securityEnabledOnly)
.Request()
.PostAsync();
Read the SDK documentation for details on how to add the SDK to your project and create an authProvider instance.
Feedback
Send feedback about:
Loading feedback...