Identity Management
Generic endpoint for making Graph API requests with different parameters
The Graph API endpoint to call
{"value":"users"}Whether to use manual pagination
Fields to select
Whether to include count
Field to order by
Number of records to return
Response format
Successful response
GET /api/ListGraphRequest?Endpoint=text HTTP/1.1
Host:
Accept: */*
Successful response
{
"Results": [
{}
],
"Metadata": {}
}Creates a temporary access password for a user
User Principal Name
Successful response
POST /api/ExecCreateTAP HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 13
{
"ID": "text"
}Successful response
No content
Sets per-user MFA for a user
User Principal Name
MFA State
Successful response
POST /api/ExecPerUserMFA HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 36
{
"userId": "text",
"State": "Enforced"
}Successful response
No content
Converts a mailbox between shared and regular types
User Principal Name
Mailbox Type
Successful response
POST /api/ExecConvertMailbox HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 37
{
"ID": "text",
"MailboxType": "!Shared"
}Successful response
No content
Sets or disables out of office for a user
User Principal Name
Auto Reply State
Out of Office Message
Successful response
POST /api/ExecSetOoO HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 59
{
"userId": "text",
"AutoReplyState": "Enabled",
"input": "text"
}Successful response
No content
Edits a group, including adding/removing members and owners
Tenant ID
Group ID to add member to
Members to add
Owners to add
Members to remove
Owners to remove
Single member to add
Successful response
POST /api/EditGroup HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 143
{
"tenantId": "text",
"groupId": "text",
"AddMember": [
"text"
],
"AddOwner": [
"text"
],
"RemoveMember": [
"text"
],
"RemoveOwner": [
"text"
],
"addMember": "text"
}Successful response
No content
Lists groups in the tenant
Group ID to get details for
Tenant to filter by
Whether to include members
Whether to include owners
Successful response
GET /api/ListGroups HTTP/1.1
Host:
Accept: */*
Successful response
{
"groupInfo": {},
"members": [
{}
],
"owners": [
{}
]
}Manages email forwarding for a user
User Principal Name
User Principal Name
Forward Option
Successful response
POST /api/ExecEmailForward HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 58
{
"username": "text",
"userid": "text",
"ForwardOption": "text"
}Successful response
No content
Pre-provisions OneDrive for a user
User Principal Name
Successful response
POST /api/ExecOneDriveProvision HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 28
{
"UserPrincipalName": "text"
}Successful response
No content
Adds a shortcut to a SharePoint site in a user's OneDrive
User Principal Name
User ID
SharePoint Site URL
Successful response
POST /api/ExecOneDriveShortCut HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 52
{
"username": "text",
"userid": "text",
"siteUrl": "text"
}Successful response
No content
Blocks or unblocks sign-in for a user
User ID
Whether to enable the user
Successful response
POST /api/ExecDisableUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 27
{
"ID": "text",
"Enable": true
}Successful response
No content
Resets a user's password
Whether the user must change password at next logon
User Principal Name
User Display Name
Successful response
POST /api/ExecResetPass HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 52
{
"MustChange": true,
"ID": "text",
"displayName": "text"
}Successful response
No content
Revokes all sessions for a user
User ID
User Principal Name
Successful response
POST /api/ExecRevokeSessions HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 31
{
"ID": "text",
"Username": "text"
}Successful response
No content
Creates a new user
Tenant ID
First Name
Last Name
Mail Nickname
Successful response
POST /api/AddUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 174
{
"tenantFilter": "text",
"givenName": "text",
"surname": "text",
"mailNickname": "text",
"primDomain": {
"label": "text",
"value": "text"
},
"usageLocation": {
"label": "text",
"value": "text"
}
}Successful response
No content
Lists users with MFA information
Successful response
GET /api/ListMFAUsers HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"UPN": "text",
"AccountEnabled": "text",
"isLicensed": "text",
"MFARegistration": "text",
"PerUser": "text",
"CoveredBySD": "text",
"CoveredByCA": "text",
"MFAMethods": [
"text"
],
"CAPolicies": [
"text"
]
}
]Lists sign-in events
Number of days to look back
Custom filter
Whether to show only failed logons
Failure threshold
Successful response
GET /api/ListSignIns HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"createdDateTime": "text",
"userPrincipalName": "text",
"clientAppUsed": "text",
"authenticationRequirement": "text",
"errorCode": "text",
"additionalDetails": "text",
"ipAddress": "text",
"locationcipp": "text"
}
]Lists inactive user accounts (6 months)
Successful response
GET /api/ListInactiveAccounts HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"tenantDisplayName": "text",
"userPrincipalName": "text",
"displayName": "text",
"lastSignInDateTime": "text",
"lastNonInteractiveSignInDateTime": "text",
"numberOfAssignedLicenses": 1,
"lastRefreshedDateTime": "text"
}
]Lists Azure AD Connect status
Type of data to return
Successful response
GET /api/ListAzureADConnectStatus HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"displayName": "text",
"ObjectType": "text",
"createdDateTime": "text",
"onPremisesProvisioningErrors": [
{}
]
}
]Hides or unhides a group from the Global Address List
Group Email
Group Type
Whether to hide from GAL
Successful response
POST /api/ExecGroupsHideFromGAL HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 51
{
"ID": "text",
"GroupType": "text",
"HidefromGAL": true
}Successful response
No content
Manages delivery settings for a group
Group Email
Group Type
Whether to only allow internal messages
Successful response
POST /api/ExecGroupsDeliveryManagement HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 57
{
"ID": "text",
"GroupType": "text",
"OnlyAllowInternal": true
}Successful response
No content
Deletes a group
Group ID
Group Type
Group Display Name
Successful response
POST /api/ExecGroupsDelete HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"ID": "text",
"GroupType": "text",
"DisplayName": "text"
}Successful response
No content
Creates a new group
Tenant ID
Group Name
Group Type
Successful response
POST /api/AddGroup HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 61
{
"tenantFilter": "text",
"groupName": "text",
"groupType": "text"
}Successful response
No content
Dismisses the risk for a user
User ID
User Display Name
Successful response
POST /api/ExecDismissRiskyUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 42
{
"userId": "text",
"userDisplayName": "text"
}Successful response
No content
Creates or updates a JIT admin
Tenant ID
User Action
First Name
Last Name
Username
Domain Name
Existing User
Start Date
End Date
Admin Roles
Generate TAP
Expiration Action
Successful response
POST /api/ExecJITAdmin HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 278
{
"tenantFilter": "text",
"userAction": "create",
"firstName": "text",
"lastName": "text",
"userName": "text",
"domain": "text",
"existingUser": "text",
"startDate": "2025-08-26",
"endDate": "2025-08-26",
"adminRoles": [
"text"
],
"UseTAP": true,
"expireAction": "DeleteUser",
"postExecution": [
"Webhook"
]
}Successful response
No content
Enables, disables, or deletes a device
Device ID
Action to perform
Successful response
POST /api/ExecDeviceDelete HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 32
{
"ID": "text",
"action": "!Enable"
}Successful response
No content
Lists deleted items
Successful response
GET /api/ListDeletedItems HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"displayName": "text",
"TargetType": "text",
"userPrincipalName": "text",
"deletedDateTime": "text",
"onPremisesSyncEnabled": true
}
]Offboards a user
Tenant ID
Users to offboard
Successful response
POST /api/ExecOffboardUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 68
{
"tenantFilter": "text",
"user": [
"text"
],
"Scheduled": {
"enabled": true
}
}Successful response
No content
Executes an action on a community repository
Action to perform
Template GUID
Repository Full Name
Commit Message
Successful response
POST /api/ExecCommunityRepo HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 76
{
"Action": "UploadTemplate",
"GUID": "text",
"FullName": "text",
"Message": "text"
}Successful response
No content
Lists community repositories
Whether to only show repositories with write access
Successful response
GET /api/ListCommunityRepos HTTP/1.1
Host:
Accept: */*
Successful response
{
"Results": [
{
"FullName": "text"
}
]
}Creates a new group template
Tenant ID
Template Display Name
Template Description
Group Type
Successful response
POST /api/AddGroupTemplate HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 84
{
"tenantFilter": "text",
"Displayname": "text",
"Description": "text",
"groupType": "text"
}Successful response
No content
Last updated
Was this helpful?