Microsoft Graph returning Resource Not Found

0
votes

I've registered an app in Azure AD and given it API permissions(both Application and delegated) to read all AD groups (Group.Read.All, also Directory.Read.All etc). Using this app I am using Graph Service Client to make a call to get user's AD groups.

 public async Task<IEnumerable<GroupInfo>> GetAllGroupsOfUser(string mail)
    {
        IList<GroupInfo> result = new List<GroupInfo>();

        IUserMemberOfCollectionWithReferencesPage memberOfGroups = await _graphServiceClient.Users[mail].MemberOf.Request().GetAsync();

       .......... More code ........
     }

It works fine for most of the users email but for few emails, which are present in the active directory, I'm getting the following exception

Code: Request_ResourceNotFound Message: Resource '[email protected]' does not exist or one of its queried reference-property objects are not present.

1
microsoft-graph-apiazure-ad-graph-api
The error states that the user is not present in AAD.The users may not have synced to the AzureAD from AD. Check if that user is present in Azure AD or not and then give a try with the same user. - Shiva Keshav Varma
That was the 1st thing I checked these users are present in AD - rumi
Were they present in Azure Active Directory? Because Microsoft Graph API checks the users in Azure Active Directory but not on-premise AD. - Shiva Keshav Varma
Yes, we can. You just need to have Directory.Read.All permission. - Shiva Keshav Varma
Graph Explorer is also an app in your tenant which uses a user context flow and get the user token and it also needs permissions separately. So, as you already have a token for your own app you can use it in POSTMAN and make the call. - Shiva Keshav Varma

1 Answers

0
votes

Your error is not that you lack certain permissions, and it has nothing to do with which api testing tool you are using. Your error is very simple. As your error message says, it is that you entered the wrong user email.

Your error message has clearly stated that there is no'[email protected]' email, because this is not a correct email, it should be .com instead of .co.

So you must make sure that you enter the correct email without special characters or spaces.

This is my test result:

1. enter image description here

2. enter image description here