I am using below code to get all user information such as DisplayName ,Office ,Manager name ,Office Phones etc.
But for few users ,its not returning Mobile Phone and Office Phone information.
using Microsoft.Graph;
using Microsoft.Identity.Client;
using System;
namespace MSGraphAPI
{
class Program
{
private static string clientId = "XXXXXXXXXX";
private static string tenantID = "XXXXX";
private static string objectId = "XXXXX";
private static string clientSecret = "XXXX";
static async System.Threading.Tasks.Task Main(string[] args)
{
// IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
//.Create(clientId)
//.WithTenantId(tenantID)
//.WithClientSecret(clientSecret)
//.Build();
// ClientCredentialProvider authProvider = new ClientCredentialProvider(confidentialClientApplication);
// GraphServiceClient graphClient = new GraphServiceClient(authProvider);
// var users = await graphClient.Users
// .Request()
// .GetAsync();
int Flag = 0;
var tenantId = "XXXXX.onmicrosoft.com";
// The client ID of the app registered in Azure AD
var clientId = "XXXX";
// *Never* include client secrets in source code!
var clientSecret = "XXXXX"; // Or some other secure place.
// The app registration should be configured to require access to permissions
// sufficient for the Microsoft Graph API calls the app will be making, and
// those permissions should be granted by a tenant administrator.
var scopes = new string[] { "https://graph.microsoft.com/.default" };
// Configure the MSAL client as a confidential client
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/XXXX.onmicrosoft.com/v2.0")
.WithClientSecret(clientSecret)
.Build();
// Build the Microsoft Graph client. As the authentication provider, set an async lambda
// which uses the MSAL client to obtain an app-only access token to Microsoft Graph,
// and inserts this access token in the Authorization header of each API request.
GraphServiceClient graphServiceClient =
new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) => {
// Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
// Add the access token in the Authorization header of the API request.
requestMessage.Headers.Authorization =
new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
// Make a Microsoft Graph API query
var users = await graphServiceClient.Users.Request().GetAsync();
// var groups = await graphServiceClient.Groups.Request().GetAsync();
// IGraphServiceUsersCollectionPage userss = await graphServiceClient.Users.Request().GetAsync();
do
{
foreach (User user in users)
{
Console.WriteLine(user.DisplayName);
Console.WriteLine(user.BusinessPhones);
Console.WriteLine(user.MobilePhone);
// Console.WriteLine($"{user.Id}");
Flag++;
}
}
while (users.NextPageRequest != null && (users = await users.NextPageRequest.GetAsync()).Count > 0);
Console.WriteLine("------");
Console.WriteLine(Flag);
}
}
}
I have tried below scope:
var scopes = new string[] { "https://graph.microsoft.com/User.ReadWrite.All"};
But, this throws an exception :
MsalServiceException: AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid. The scope https://graph.microsoft.com/User.ReadWrite.All is not valid. Trace ID: XXXX-c578-42af-8bd2-7ddd54ee9201
I cross checked in Azure Active Directory Portal,all users are configured with Business Phones and Mobile Phones. Please help.