Update profilephoto

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported.

Update the photo for any user in the tenant including the signed-in user, or the specified group or contact. Since there is currently a limit of 8MB on the total size of each REST request, this limits the size of the photo you can add to under 8MB.

Use only PUT for this operation in the beta version.

Note: When updating the user photo, this operation first attempts to update the photo in Microsoft 365. If that fails (due to the user not having a mailbox), this API will attempt to update the photo in Azure Active Directory.

Permissions

One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Permission type Permissions (from least to most privileged)
Delegated (work or school account) Profile photo of the signed-in user:
User.ReadWrite, User.ReadWrite.All

For group resource:
Group.ReadWrite.All

For contact resource:
Contacts.ReadWrite
Delegated (personal Microsoft account) Not supported.
Application For user resource:
User.ReadWrite.All

For group resource:
Group.ReadWrite.All

For contact resource:
Contacts.ReadWrite

Note To update the photo of any user in the organization, your app must have the User.ReadWrite.All application permission and call this API under its own identity, not on behalf of a user. To learn more, see get access without a signed-in user. Updating the photo of the signed-in user only requires User.ReadWrite permission.

Note: There is currently a known issue with accessing group photos using application permissions.

HTTP request

PUT /me/photo/$value
PUT /users/{id | userPrincipalName}/photo/$value
PUT /groups/{id}/photo/$value
PUT /me/contacts/{id}/photo/$value
PUT /users/{id | userPrincipalName}/contacts/{id}/photo/$value
PUT /me/contactfolders/{contactFolderId}/contacts/{id}/photo/$value
PUT /users/{id | userPrincipalName}/contactfolders/{contactFolderId}/contacts/{id}/photo/$value

Request headers

Header Value
Authorization Bearer {token}. Required.
Content-Type image/jpeg. Required.

Request body

In the request body, include the binary data of the photo in the request body.

Response

If successful, this method returns a 200 OK response code.

Example

Request

Here is an example of the request.

PUT https://graph.microsoft.com/beta/me/photo/$value
Content-type: image/jpeg

Binary data for the image

Response

Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 200 OK