Identity Management
Generic endpoint for making Graph API requests with different parameters
The Graph API endpoint to call
{"value":"users"}Whether to use manual pagination
Fields to select
Whether to include count
Field to order by
Number of records to return
Response format
GET /api/ListGraphRequest?Endpoint=text HTTP/1.1
Host:
Accept: */*
Successful response
{
"Results": [
{}
],
"Metadata": {}
}Creates a temporary access password for a user
User Principal Name
POST /api/ExecCreateTAP HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 13
{
"ID": "text"
}Successful response
No content
Sets per-user MFA for a user
User Principal Name
MFA State
POST /api/ExecPerUserMFA HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 36
{
"userId": "text",
"State": "Enforced"
}Successful response
No content
Converts a mailbox between shared and regular types
User Principal Name
Mailbox Type
POST /api/ExecConvertMailbox HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 37
{
"ID": "text",
"MailboxType": "!Shared"
}Successful response
No content
Sets or disables out of office for a user
User Principal Name
Auto Reply State
Out of Office Message
POST /api/ExecSetOoO HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 59
{
"userId": "text",
"AutoReplyState": "Enabled",
"input": "text"
}Successful response
No content
Edits a group, including adding/removing members and owners
Tenant ID
Group ID to add member to
Members to add
Owners to add
Members to remove
Owners to remove
Single member to add
POST /api/EditGroup HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 143
{
"tenantId": "text",
"groupId": "text",
"AddMember": [
"text"
],
"AddOwner": [
"text"
],
"RemoveMember": [
"text"
],
"RemoveOwner": [
"text"
],
"addMember": "text"
}Successful response
No content
Lists groups in the tenant
Group ID to get details for
Tenant to filter by
Whether to include members
Whether to include owners
GET /api/ListGroups HTTP/1.1
Host:
Accept: */*
Successful response
{
"groupInfo": {},
"members": [
{}
],
"owners": [
{}
]
}Manages email forwarding for a user
User Principal Name
User Principal Name
Forward Option
POST /api/ExecEmailForward HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 58
{
"username": "text",
"userid": "text",
"ForwardOption": "text"
}Successful response
No content
Pre-provisions OneDrive for a user
User Principal Name
POST /api/ExecOneDriveProvision HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 28
{
"UserPrincipalName": "text"
}Successful response
No content
Adds a shortcut to a SharePoint site in a user's OneDrive
User Principal Name
User ID
SharePoint Site URL
POST /api/ExecOneDriveShortCut HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 52
{
"username": "text",
"userid": "text",
"siteUrl": "text"
}Successful response
No content
Blocks or unblocks sign-in for a user
User ID
Whether to enable the user
POST /api/ExecDisableUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 27
{
"ID": "text",
"Enable": true
}Successful response
No content
Resets a user's password
Whether the user must change password at next logon
User Principal Name
User Display Name
POST /api/ExecResetPass HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 52
{
"MustChange": true,
"ID": "text",
"displayName": "text"
}Successful response
No content
Revokes all sessions for a user
User ID
User Principal Name
POST /api/ExecRevokeSessions HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 31
{
"ID": "text",
"Username": "text"
}Successful response
No content
Creates a new user
Tenant ID
First Name
Last Name
Mail Nickname
POST /api/AddUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 174
{
"tenantFilter": "text",
"givenName": "text",
"surname": "text",
"mailNickname": "text",
"primDomain": {
"label": "text",
"value": "text"
},
"usageLocation": {
"label": "text",
"value": "text"
}
}Successful response
No content
Lists users with MFA information
GET /api/ListMFAUsers HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"UPN": "text",
"AccountEnabled": "text",
"isLicensed": "text",
"MFARegistration": "text",
"PerUser": "text",
"CoveredBySD": "text",
"CoveredByCA": "text",
"MFAMethods": [
"text"
],
"CAPolicies": [
"text"
]
}
]Lists sign-in events
Number of days to look back
Custom filter
Whether to show only failed logons
Failure threshold
GET /api/ListSignIns HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"createdDateTime": "text",
"userPrincipalName": "text",
"clientAppUsed": "text",
"authenticationRequirement": "text",
"errorCode": "text",
"additionalDetails": "text",
"ipAddress": "text",
"locationcipp": "text"
}
]Lists inactive user accounts (6 months)
GET /api/ListInactiveAccounts HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"tenantDisplayName": "text",
"userPrincipalName": "text",
"displayName": "text",
"lastSignInDateTime": "text",
"lastNonInteractiveSignInDateTime": "text",
"numberOfAssignedLicenses": 1,
"lastRefreshedDateTime": "text"
}
]Lists Azure AD Connect status
Type of data to return
GET /api/ListAzureADConnectStatus HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"displayName": "text",
"ObjectType": "text",
"createdDateTime": "text",
"onPremisesProvisioningErrors": [
{}
]
}
]Hides or unhides a group from the Global Address List
Group Email
Group Type
Whether to hide from GAL
POST /api/ExecGroupsHideFromGAL HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 51
{
"ID": "text",
"GroupType": "text",
"HidefromGAL": true
}Successful response
No content
Manages delivery settings for a group
Group Email
Group Type
Whether to only allow internal messages
POST /api/ExecGroupsDeliveryManagement HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 57
{
"ID": "text",
"GroupType": "text",
"OnlyAllowInternal": true
}Successful response
No content
Deletes a group
Group ID
Group Type
Group Display Name
POST /api/ExecGroupsDelete HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"ID": "text",
"GroupType": "text",
"DisplayName": "text"
}Successful response
No content
Creates a new group
Tenant ID
Group Name
Group Type
POST /api/AddGroup HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 61
{
"tenantFilter": "text",
"groupName": "text",
"groupType": "text"
}Successful response
No content
Dismisses the risk for a user
User ID
User Display Name
POST /api/ExecDismissRiskyUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 42
{
"userId": "text",
"userDisplayName": "text"
}Successful response
No content
Creates or updates a JIT admin
Tenant ID
User Action
First Name
Last Name
Username
Domain Name
Existing User
Start Date
End Date
Admin Roles
Generate TAP
Expiration Action
POST /api/ExecJITAdmin HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 278
{
"tenantFilter": "text",
"userAction": "create",
"firstName": "text",
"lastName": "text",
"userName": "text",
"domain": "text",
"existingUser": "text",
"startDate": "2025-08-03",
"endDate": "2025-08-03",
"adminRoles": [
"text"
],
"UseTAP": true,
"expireAction": "DeleteUser",
"postExecution": [
"Webhook"
]
}Successful response
No content
Enables, disables, or deletes a device
Device ID
Action to perform
POST /api/ExecDeviceDelete HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 32
{
"ID": "text",
"action": "!Enable"
}Successful response
No content
Lists deleted items
GET /api/ListDeletedItems HTTP/1.1
Host:
Accept: */*
Successful response
[
{
"displayName": "text",
"TargetType": "text",
"userPrincipalName": "text",
"deletedDateTime": "text",
"onPremisesSyncEnabled": true
}
]Offboards a user
Tenant ID
Users to offboard
POST /api/ExecOffboardUser HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 68
{
"tenantFilter": "text",
"user": [
"text"
],
"Scheduled": {
"enabled": true
}
}Successful response
No content
Executes an action on a community repository
Action to perform
Template GUID
Repository Full Name
Commit Message
POST /api/ExecCommunityRepo HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 76
{
"Action": "UploadTemplate",
"GUID": "text",
"FullName": "text",
"Message": "text"
}Successful response
No content
Lists community repositories
Whether to only show repositories with write access
GET /api/ListCommunityRepos HTTP/1.1
Host:
Accept: */*
Successful response
{
"Results": [
{
"FullName": "text"
}
]
}Creates a new group template
Tenant ID
Template Display Name
Template Description
Group Type
POST /api/AddGroupTemplate HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 84
{
"tenantFilter": "text",
"Displayname": "text",
"Description": "text",
"groupType": "text"
}Successful response
No content
Last updated
Was this helpful?