Is it possible to see all of the Groups and all of the Users inside those Groups using Microsoft Graph? I don't see anything like that in the documentation.
When calling:
https://graph.microsoft.com/v1.0/groups/
I get the information about my Groups but I don't see any information about the Users in those Groups.
I have also tried calling:
https://graph.microsoft.com/v1.0/{{userID}}/memberOf
and I get the following error:
{
"error": {
"code": "BadRequest",
"message": "Resource not found for the segment 'memberOf'.",
"innerError": {
"request-id": "13488c8e-124f-4161-ad2b-1dc03a302dc9",
"date": "2019-03-18T16:13:23"
}
}
}
Not sure why or if it's even related.
I granted the Service Principal all of the Microsoft Graph permissions.
I see 2 possible approaches that you could work with -
Make use of $expand
operator in the call for groups.
GET https://graph.microsoft.com/v1.0/groups?$expand=members
This way you could get information about groups and it's members in a single call. Here's a link to Microsoft documentation on $expand parameter
Disclaimer: Microsoft Docs for expand parameter have a note which says something like
With Azure AD resources that derive from directoryObject, like user and group, $expand is only supported for beta and typically returns a maximum of 20 items for the expanded relationship.
Although, above mentioned query, which uses v1.0 did work fine for me at least from Graph explorer with a low number of group members. So you may need to test further.
Find members for each group individually
In this approach you can use List Members API
GET https://graph.microsoft.com/v1.0/groups/{id}/members
Permissions required for each API are pretty well described in their respective documentation on Microsoft Docs links.