AAD user extension properties using Microsoft graph client sdk

1
votes

I'm trying to fetch the extension properties of the user added in Azure active directory using the Microsoft GraphClient sdk.

ie, I need the result of the command below using Graph client.

Using Microsoft.Graph, Version=3.4.0.0.

PS C:\WINDOWS\system32> Get-AzureADUser -ObjectId [email protected] |select -ExpandProperty 
ExtensionProperty

Key                                                             Value
---                                                             -----
odata.metadata                                                  https://graph.windows.net/d29b7a9b- 
6edb-4720-99a8-3c5c6c3eeeb0/$metadata#directoryObjects/@Element
odata.type                                                      Microsoft.DirectoryServices.User
createdDateTime
employeeId                                                      50413382
onPremisesDistinguishedName
[email protected]                              directoryObjects/8cc715a1-0698-4d1a- 
8f49-441a84b6dbc4/Microsoft.DirectoryServices.User/thumbnailPhoto
[email protected]                           image/Jpeg
userIdentities                                                  []
extension_10a03227b5f146ad8a0087cf0bafd627_division             
|30103611|50435526|50230396|10192257|86009851
extension_10a03227b5f146ad8a0087cf0bafd627_company              wingtiptoys Inc.
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute10 GF
extension_10a03227b5f146ad8a0087cf0bafd627_employeeID           50413382
extension_10a03227b5f146ad8a0087cf0bafd627_cn                   50413382
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute8  wingtiptoys Inc. Inc.
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute7  Chuck
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute6  US11
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute5  US1-Rochester, NY- Site
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute4  USC
extension_10a03227b5f146ad8a0087cf0bafd627_extensionAttribute2  Regular
extension_10a03227b5f146ad8a0087cf0bafd627_employeeType         ARR

Any help is appreciated.

1
c#azure-active-directorymicrosoft-graph-apimicrosoft-graph-sdks
Hi Sumith, please refer to the solution I provided below. If it helps your problem, please accept it as answer(click on the check mark beside my answer to toggle it from greyed out to filled in). Thanks in advance~Hury Shen
Perfect. It worked!!!. Thanks for the clear explanation @Hury Shen.Sumith Jose

1 Answers

1
votes

For this problem, we need to know one thing before do it.

The powershell command request the "Azure AD graph api" in the backend but not "Microsoft graph api" because we can see the host is https://graph.windows.net..... If use "Microsoft graph api", it should be https://graph.microsoft.com....

The extension you request can just access by "Azure AD graph api" but can not access by "Microsoft graph api" although there is a property like extension in the response of "Microsoft graph api(get user)". So we need to use Azure AD graph SDK but not use Microsoft.Graph.

According to search on internet, very little information can be found about how to use Azure AD graph SDK. And the latest version of the sdk updated on 10/17/2016 because Microsoft hasn't updated "Azure AD graph" for a long time. I'm not clear how to use Azure AD graph SDK, so I suggest you to request the Azure AD graph api directly in your code. You can refer to my solution below:

1. You need to register a app in your AD and add the permission to it(add Azure AD graph permission but not Microsoft graph permission).

enter image description here

enter image description here

2. After that, we can request the Azure AD graph api by the code below:

using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;

namespace ConsoleApp25
{
    class Program
    {
        static async Task Main(string[] args)
        {
            Console.WriteLine("Hello World!");

            //request for the access token
            HttpClient client = new HttpClient();
            var values = new Dictionary<string, string>
            {
                { "client_id", "<client_id>" },
                { "scope", "https://graph.windows.net/.default" },
                { "client_secret", "<client_secret>" },
                { "grant_type", "client_credentials" },
            };
            var content = new FormUrlEncodedContent(values);
            var response = await client.PostAsync("https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token", content);
            var responseString = await response.Content.ReadAsStringAsync();

            //parse the responseString and get the access_token in it
            dynamic json = JsonConvert.DeserializeObject(responseString);
            var token = json.access_token;

            //use the access token to request the azure ad graph api
            HttpClient client1 = new HttpClient();
            client1.DefaultRequestHeaders.Add("Authorization", "Bearer " + token);
            var response1 = await client1.GetAsync("https://graph.windows.net/<tenant_id>/users/[email protected]?api-version=1.6");
            var responseString1 = await response1.Content.ReadAsStringAsync();

            Console.WriteLine(responseString1);
        }
    }
}

The responseString1 contains all of the fields of the user, you need to parse the json and get the extension you want.