Add User to Azure Active Directory using https://graph.microsoft.com with ActiveDirectoryClient

1
votes

I'm trying to add a user to my Azure tenant's Active Directory.

I'm using Microsoft Graph API. The same one exposed through Graph Explorer here.

The problem is that no matter what serviceRoot URI I pass, I'm getting an exception.

I successfully get a token in GetTokenForApplication method:

ActiveDirectoryClient activeDirectoryClient = new ActiveDirectoryClient(serviceRoot,
                      async () => await GetTokenForApplication());

However, when I call:

await activeDirectoryClient.Users.AddUserAsync(aadUser);

It throws this exception:

 "{\r\n
    \"error\": {\r\n
                   \"code\": \"BadRequest\",\r\n
                   \"message\": \"Query parameter api-version not allowed\",\r\n    
                   \"innerError\": {\r\n
                                    \"request-id\": \"57327a85-8320-4363-b5f9-aeacdf782861\",\r\n
                                    \"date\": \"2019-05-30T21:59:55\"\r\n
                                   }\r\n
               }\r\n
}"

This is the serviceRoot URI I'm using: "https://graph.microsoft.com/v1.0"

What URI should I pass in serviceRoot?

Is ActiveDirectoryClient compatible with Microsoft Graph? I ask because the sample where I saw ActiveDirectoryClient being used was using Azure AD Graph API.

This blog post shows the difference between the old Azure AD Graph API and the new Microsoft Graph API. By the way: Microsoft advises us to use Microsoft Graph API because all new development is going to be concentrated on it.

1
azureazure-active-directorymicrosoft-graph-apiazure-ad-graph-api

1 Answers

1
votes

I think you are trying to use the newer Microsoft Graph API (https://graph.microsoft.com) but using the client library for older Azure AD Graph API (https://graph.windows.net)

You can read about the comparison in detail here - Microsoft Graph or the Azure AD Graph

Here are nuget package and class details:

Microsoft Graph API

  • Microsoft.Graph nuget package - to work with Microsoft Graph API and use GraphServiceClient class.

Azure AD Graph API

  • Microsoft.Azure.ActiveDirectory.GraphClient nuget package - to work with Azure AD Graph API and use ActiveDirectoryClient class.

Code for Microsoft Graph API Client

Microsoft Docs - Create User - SDK Sample Code

GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var user = new User
{
    AccountEnabled = true,
    DisplayName = "displayName-value",
    MailNickname = "mailNickname-value",
    UserPrincipalName = "upn-value@tenant-value.onmicrosoft.com",
    PasswordProfile = new PasswordProfile
    {
        ForceChangePasswordNextSignIn = true,
        Password = "password-value"
    }
};

await graphClient.Users
    .Request()
    .AddAsync(user);