Azure Graph - Retrieve user by ImmutableId - Filter issue

0
votes

I am trying to look up Azure user using the Immutable ID but it is not working. Looking up the Azure user manually, I can see that the immutable id is populated, (actual attribute name is 'immutableId'), and matching what I am trying to query.

Actually I have not been able to retrieve any users using any filter, for example: https://graph.windows.net/{tenant}/users?&api-version={version}?$filter=startswith(displayName,'{startofuid}')

Different test uris:

https://graph.windows.net/{tenant}/users?&api-version={version}?$filter=immutableId eq '{id}'

https://graph.windows.net/{tenant}/users?&api-version={version}?$filter=immutableId+eq+'{id}'

https://graph.windows.net/{tenant}/users?&api-version={version}?$filter=startswith(immutableId,'{id}')

https://graph.windows.net/{tenant}/users?&api-version={version}?$filter=startswith(immutableId%2C+'{id}')

Normal resource lookup works:

https://graph.windows.net/{tenant}/users/{azureguid}?&api-version={version}

Any ideas what might be wrong?

3
apigraphazure-active-directory
Try to use: https://graph.microsoft.com/v1.0/users?$filter=onPremisesImmutableId+eq+'{id}'Carl Zhao

3 Answers

1
votes

Starting on June 30, 2020, Microsoft will officially no longer add any new features to the Azure AD Graph API. It is recommended that you upgrade your application to use Microsoft Graph API instead of Azure AD Graph API to access Azure Active Directory resources.

You can use the onPremisesImmutableId property to retrieve the user.Then use the graph-explorer tool to test, don’t forget to grant permissions to your api.

enter image description here

-1
votes

Get-AzureADUser -Filter "immutableid eq 'ABCD'"