Working with users in Microsoft Graph


APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported.

You can use Microsoft Graph to build compelling app experiences based on users, their relationships with other users and groups, and their mail, calendar, and files.

You can access users through Microsoft Graph in two ways:

  • By their ID, /users/{id}
  • By using the /me alias for the signed-in user, which is the same as /users/{signed-in user's id}


One of the following permissions is required to access user operations. The first three permissions can be granted to an app by a user. The rest can only be granted to an app by the administrator.

  • User.ReadBasic.All
  • User.Read
  • User.ReadWrite
  • User.Read.All
  • User.ReadWrite.All
  • User.ManageIdentities.All
  • Directory.Read.All
  • Directory.ReadWrite.All
  • Directory.AccessAsUser.All

Common properties

Property Description
displayName The name displayed in the address book for the user.
givenName The first name of the user.
surname The last name of the user.
mail The user's email address.
photo The user's profile photo.

For details and a list of all the properties, see the user object.

Common operations

Note: Some of these operations require additional permissions.

Path Description
/users Lists users in the organization.
/users/{id} Gets a specific user by id.
/users/{id}/photo/$value Gets the user's profile photo.
/users/{id}/manager Gets the user's manager.
/users/{id}/messages Lists the user's email messages in their primary inbox.
/users/{id}/events Lists the user's upcoming events in their calendar.
/users/{id}/drive Gets the user's OneDrive file store.
/users/{id}/memberOf Lists the groups that the user is a member of.
/users/{id}/joinedTeams Lists the Microsoft Teams that the user is a member of.