Cannot get complete signed in user AAD details through the azure graph api

1
votes

i used https://github.com/Wintellect/node-azure-oauth sample code to authenticate with OAuth2 Against Azure Active Directory and it is working fine O365 user(any domain).

then add https://github.com/fhellwig/azure-graphapi code to call azure graph api to get user group data using the access token. but it only show my active directory data(application registered directory) not the signed in users data.

i changed multi tenant & application permission configuration options. but didnt success and i use my tenant(ex : abcedf@onmicrosoft.com) to call graph api. how do i pull signed in users details

2
node.jsazureoauth-2.0office365adal

2 Answers

0
votes

If you have an identifier for your user, then you can make the following REST call:

GET graph.windows.net/myorganization/users/#User_Identifier_Here#/memberOf?api-version=1.5

User identifiers can be the user's objectId or the user's user principal name. For an example, if you had the user principal name of the user, the query would be:

GET graph.windows.net/myorganization/users/user@contoso.com/memberOf?api-version=1.5

This is included in the list of queries here:

https://msdn.microsoft.com/en-us/library/azure/jj126255.aspx

0
votes

Tenant id should belong to end users tenant not the publishers tenant with bearer authorization header

https://graph.windows.net/<tenant id>/table?api-version=1.5