In our Azure active directory, we have 3 different office 365 subscriptions, each with some 20 odd users. And my license is part of one of those subscriptions. I've created an application under "App registrations" and given Microsoft Graph API permissions. When I call any Graph API, it returns only the data for the subscription that I am part of. How the API determines this, since there is no email account related info in the API requests. I would assume an app in the Azure AD can access all the subscriptions in the same tenant. Is there a way to fetch data across all the office 365 subscriptions?
0
votes
Hi, could you please clarify what you mean by you have 3 different office 365 subscriptions in your azure AD? do you mean you have 20 users with O365 E1 licenses, 20 users with O365 E3 licenses, etc?
– alphaz18
Please add more details. Which endpoints are you calling? Please provide the request.
– Allen Wu
@alphaz18. Yes, that's what I mean.
– Iam_MK87
1 Answers
0
votes
as per your response on what you meant by subscription, you should have no issue accessing user data through regular graph calls, for example if you call the https://graph.microsoft.com/v1.0/users endpoint you should see all 60ish users,
make sure your app api permissions are correct. it sounds like under api permissions of your application registration, you may have given it delegated permissions instead of than applications permissions. if you are using delegated permissions, then you have to make sure that your user has the correct role assignment in azure ad. otherwise just switch to application permissions
if you have them set correctly, then as Allen Wu stated, please specify an example graph endpoint you are trying to get information from and maybe a screenshot of your api permissions page of your app registration.
