Azure Active Directory Labs Series – Graph APISolution ·
Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds. I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.
In that training there were 8 labs and I thought it would be great to share them to the more general public. The labs follow each other and build on each other.
You can find the exhaustive list in Cloud Identity & Azure Active Directory page. This is the seventh lab.
In the current lab we will explore the Microsoft Graph API, which is a superset of the Azure AD Graph API, including Office 365 entities.
- Open an in private browser session
- Go to https://graph.microsoft.io/en-us/graph-explorer
- Sign in with SyncAdmin full name, e.g. SyncAdmin@vpllab.onmicrosoft.com
That account is Global admin on the tenant and can therefore see more things than a simple user
- Next to the “GET” verb type https://graph.microsoft.com/v1.0/me
- Type Enter
- You should get a JSON / OData payload describing the user
- Type https://graph.microsoft.com/v1.0/users
- You should get all the user in the tenant
- Scroll to Alan Scott user
- With your mouse, click its ID
- This should open the link https://graph.microsoft.com/v1.0/users/<UID of the user>
- Append /memberof to that link
- You should see the groups Alan Scott is in
Open https://graph.microsoft.io/en-us/docs and try different queries.