Operations on domains | Graph API reference
Applies to: Graph API | Azure Active Directory
This topic discusses how to perform operations on domains using the Azure Active Directory (AD) Graph API.
The Graph API is an OData 3.0 compliant REST API that provides programmatic access to directory objects in Azure Active Directory, such as users, groups, organizational contacts, and applications.
This article applies to Azure AD Graph API. For similar info related to Microsoft Graph API, see domain resource type.
Important
Azure Active Directory (Azure AD) Graph is deprecated. Going forward, we will make no further investment in Azure AD Graph, and Azure AD Graph APIs have no SLA or maintenance commitment beyond security-related fixes. Investments in new features and functionalities will only be made in Microsoft Graph.
June 30, 2023 will mark the end of the three-year deprecation period for Azure AD Graph. Before June 30, 2023, existing applications using Azure AD Graph will not be impacted. After June 30, 2023, Azure AD Graph will enter its retirement phase where we will retire it in incremental steps to allow you sufficient time to migrate your applications to Microsoft Graph APIs. The first step in this plan, and at a later date that we will announce, we will block the creation of any new applications using Azure AD Graph.
For more details on the latest announcement, see Important: Azure AD Graph Retirement and Powershell Module Deprecation.
Performing REST operations on domains
To perform operations on domains with the Graph API, you send HTTP requests with a supported method (GET, POST, PATCH, PUT, or DELETE) to an endpoint that targets the domains resource collection, a specific domain, a navigation property of a domain, or a function or action that can be called on a domain.
Graph API requests use the following basic URL:
https://graph.windows.net/{tenant_id}/{resource_path}?{api_version}[odata_query_parameters]
Important
Requests sent to the Graph API must be well-formed, target a valid endpoint and version of the Graph API, and carry a valid access token obtained from Azure AD in their Authorization header. For more detailed information about creating requests and receiving responses with the Graph API, see Operations Overview.
You specify the {resource_path} differently depending on whether you are targeting the collection of all domains in your tenant, an individual domain, or a navigation property of a specific domain.
/domainstargets the domains resource collection. You can use this resource path to read all domains or a filtered list of domains in your tenant or to create one or more new domains in your tenant./domains({domain_name})targets an individual domain in your tenant. You specify thedomain-nameas the fully qualified domain name of the target domain enclosed in single quotes. You can use this resource path to get the declared properties of a domain, to modify the declared properties of a domain, or to delete a domain./domains({domain_name})/{nav_property}targets the specified navigation property of a domain. You can use it to return the object or objects referenced by the target navigation property of the specified domain. Note: This form of addressing is only available for reads./domains({domain_name})/$links/{nav_property}targets the specified navigation property of a domain. You can use this form of addressing to both read and modify a navigation property. On reads, the objects referenced by the property are returned as one or more links in the response body. On writes, the objects are specified as one or more links in the request body.
For example, the following request returns a link to the specified domain's service configuration records:
GET https://graph.windows.net/myorganization/domains('contoso.com')/serviceConfigurationRecords?api-version=1.6
Basic operations on domains
You can perform basic create, read, update, and delete (CRUD) operations on domains and their declared properties by targeting either the domain resource collection or a specific domain. The following topics show you how.
The Graph API supports operations on groups as follows:
- Create (POST): Unverified and verified domains.
- Read (GET): all domains.
- Update (PATCH): Verified domains only. Not all properties are supported.
- Delete (DELETE): all domains.
Get domains
Gets a collection of domains. You can add OData query parameters to the request to filter, sort, and page the response. For more information, see Supported Queries, Filters, and Paging Options in Azure AD Graph API.
On success, returns a collection of Domain objects; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
GET https://graph.windows.net/myorganization/domains?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Only '1.6' is supported. Required. |
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/contoso.onmicrosoft.com/$metadata#domains",
"value": [
{
"authenticationType": "Managed",
"availabilityStatus": null,
"adminManaged": true,
"isDefault": true,
"isInitial": true,
"isRoot": true,
"isVerified": true,
"name": "contoso.onmicrosoft.com",
"supportedServices": [
"Email",
"OfficeCommunicationsOnline"
]
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The domain is returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/domains?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/domains?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/domains");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/domains?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/domains";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/domains');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/domains')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get a domain
Gets a specified domain. Specify the domain with its fully qualified domain name.
On success, returns the Domain object for the specified domain; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
GET https://graph.windows.net/myorganization/domains({domain_name})?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| domain_name | string | 'contoso.onmicrosoft.com' | The fully qualified domain name of the target domain. Must be enclosed in single quotes. |
| Query | |||
| api-version | string | 1.6 | Specifies the version of the Graph API to target. Only '1.6' is supported. Required. |
GET https://graph.windows.net/myorganization/domains('contoso.onmicrosoft.com')?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#domains/@Element",
"authenticationType": "Managed",
"availabilityStatus": null,
"AdminManaged": true,
"isDefault": true,
"isInitial": true,
"isRoot": true,
"isVerified": true,
"name": "contoso.onmicrosoft.com",
"supportedServices": [
"Email",
"OfficeCommunicationsOnline"
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The domain is returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/domains({domain_name})?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/domains({domain_name})?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/domains({domain_name})");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/domains({domain_name})?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/domains({domain_name})";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/domains({domain_name})');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains({domain_name})?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains({domain_name})?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/domains({domain_name})')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Create a domain
Adds a domain to the tenant. The request body contains the name property for the new domain. This is the only property that can be specified and it is required.
The following table shows the properties that are required when you create a domain.
| Required parameter | Type | Description |
|---|---|---|
| name | string | The fully qualified domain name of the new domain; for example, "contoso.com". |
Important: If the domain being created is a sub-domain of an existing verified domain in the tenant, it will be created as a verified domain (isVerified property is true); otherwise, it will be created as an unverified domain (isVerified property is false).
On success, returns the newly created Domain; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
POST https://graph.windows.net/myorganization/domains?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Only '1.6' is supported. Required. |
| Body | |||
|
Content-Type: application/json | |||
Response
Status Code:201
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/contoso.onmicrosoft.com/$metadata#domains/@Element",
"authenticationType": "Managed",
"availabilityStatus": null,
"isAdminManaged": false,
"isDefault": false,
"isInitial": false,
"isRoot": false,
"isVerified": false,
"name": "contoso.com",
"supportedServices": []
}
Response List
| Status Code | Description |
|---|---|
| 201 | Created. Indicates success. The new domain is returned in the response body. |
Update a domain
Update a domain's properties. Specify any writable Domain property in the request body. Only the properties that you specify are changed.
Important: Only verified domains can be updated.
On success, no response body is returned; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
PATCH https://graph.windows.net/myorganization/domains({domain_name})?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| domain_name | string | 'contoso.com' | The fully qualified domain name of the target domain. Must be enclosed in single quotes. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Only '1.6' is supported. Required. |
| Body | |||
|
Content-Type: application/json | |||
PATCH https://graph.windows.net/myorganization/domains('contoso.com')?api-version=1.6
Response
Status Code:204
Content-Type: application/json
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |
Delete a domain
Deletes a domain. Deleted domains are not recoverable.
On success, no response body is returned; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
DELETE https://graph.windows.net/myorganization/domains({domain_name})[?api-version]
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| domain_name | string | 'contoso.com' | The fully qualified domain name of the target domain. Must be enclosed in single quotes. |
| Query | |||
| api-version | string | 1.6 | Specifies the version of the Graph API to target. Only '1.6' is supported. Required. |
DELETE https://graph.windows.net/myorganization/domains('contoso.com')?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. |
Operations on domain navigation properties
Relationships between a domain and other objects in the directory such as its verification records and service configuration records are exposed through navigation properties. You can read these relationships by targeting these navigation properties in your requests.
Get a domain's verification records
Gets the domain's verification records from the verificationDnsRecords navigation property.
You can’t use the domain with your Azure AD tenant until you have successfully verified that you own the domain. To verify the ownership of the domain, you need to first retrieve a set of domain verification records which you need to add to the zone file of the domain.
On success, returns a collection of DomainDnsRecord objects; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
Note: You can add the "$links" segment to the URL to return links to the DomainDnsRecords.
GET https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| domain_name | string | 'contoso.com' | The fully qualified domain name of the target domain. Must be enclosed in single quotes. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Only '1.6' is supported. Required. |
GET https://graph.windows.net/myorganization/domains('contoso.com')/verificationDnsRecords?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#domainDnsRecords",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.DomainDnsTxtRecord",
"dnsRecordId": "aceff52c-06a5-447f-ac5f-256ad243cc5c",
"isOptional": false,
"label": "contoso.com",
"recordType": "Txt",
"supportedService": null,
"ttl": 3600,
"text": "MS=ms86120656"
},
{
"odata.type": "Microsoft.DirectoryServices.DomainDnsMxRecord",
"dnsRecordId": "5fbde38c-0865-497f-82b1-126f596bcee9",
"isOptional": false,
"label": "contoso.com",
"recordType": "Mx",
"supportedService": null,
"ttl": 3600,
"mailExchange": "ms86120656.msv1.invalid",
"preference": 32767
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains({domain_name})/verificationDnsRecords?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains({domain_name})/verificationDnsRecords?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/domains({domain_name})/verificationDnsRecords')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get a domain's service configuration records
Gets the domain's service configuration records from the serviceConfigurationRecords navigation property.
After you have successfully verified the ownership of a domain and you have indicated what services you plan to use with the domain, you can request Azure AD to return you a set of DNS records which you need to add to the zone file of the domain so that the services can work properly with your domain.
On success, returns a collection of DomainDnsRecord objects; otherwise, the response body contains error details. For more information about errors, see Error Codes and Error Handling.
Note: You can add the "$links" segment to the URL to return links to the DomainDnsRecords.
GET https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| domain_name | string | 'contoso.com' | The fully qualified domain name of the target domain. Must be enclosed in single quotes. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Only '1.6' is supported. Required. |
GET https://graph.windows.net/myorganization/domains('contoso.com')/serviceConfigurationRecords?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#domainDnsRecords",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.DomainDnsMxRecord",
"dnsRecordId": "2b672ab0-0bee-476f-b334-be436f2449bd",
"isOptional": false,
"label": "contoso.com",
"recordType": "Mx",
"supportedService": "Email",
"ttl": 3600,
"mailExchange": "contoso-com.mail.protection.outlook.com",
"preference": 0
},
{
"odata.type": "Microsoft.DirectoryServices.DomainDnsTxtRecord",
"dnsRecordId": "62bea837-a0d7-4466-b6d9-ff6bd1db8671",
"isOptional": false,
"label": "contoso.com",
"recordType": "Txt",
"supportedServices": "Email",
"ttl": 3600,
"text": "v=spf1 include: spf.protection.outlook.com ~all"
},
{
"odata.type": "Microsoft.DirectoryServices.DomainDnsCnameRecord",
"dnsRecordId": "eea5ce9e-8deb-4ab7-a114-13ed6215774f",
"isOptional": false,
"label": "autodiscover.contoso.com",
"recordType": "CName",
"supportedServices": "Email",
"ttl": 3600,
"canonicalName": "autodiscover.outlook.com"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains({domain_name})/serviceConfigurationRecords?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/domains({domain_name})/serviceConfigurationRecords?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/domains({domain_name})/serviceConfigurationRecords')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Functions and actions on domains
You can call the following actions on a domain.
verify action
You can call the verify action on an unverified domain (isVerified property is false) to verify the ownership of the domain.
Additional Resources
- Learn more about Graph API supported features, capabilities, and preview features in Graph API concepts