By using msal in Python to create a token, I'm attempting to assign a license to the user.
import msal
client_id = xxx
client_secret= xxx
tenant_id = xxx
authority = f"https://login.microsoftonline.com/{tenant_id}"
scopes = ['https://graph.microsoft.com/.default']
app = msal.ConfidentialClientApplication(client_id, client_secret, authority=authority)
result = app.acquire_token_for_client(scopes)
access_token = result['access_token']
print(access_token)
Where can I find license SKU Id? Nowhere in Portal can I find it. Or is there a way to get it from graph call or powershell?
Once I have the SkuId, I want to assign that license to the user. This is the license assignment document that I've managed to obtain so far, but lost at SkuId part:
https://learn.microsoft.com/en-us/graph/api/user-assignlicense?view=graph-rest-1.0&tabs=http
To get the value of SKU IDs of Office 365 licenses, you can make use of below Graph API call:
GET https://graph.microsoft.com/v1.0/subscribedSkus?$select=skuPartNumber,skuId
I registered one Azure AD application and granted API permissions:
I used below python code to get access token and print SKU IDs of existing licenses in organization:
import msal
import requests
client_id = "appID"
client_secret= "secret"
tenant_id = "tenantID"
authority = f"https://login.microsoftonline.com/{tenant_id}"
scopes = ['https://graph.microsoft.com/.default']
app = msal.ConfidentialClientApplication(client_id, client_secret, authority=authority)
result = app.acquire_token_for_client(scopes)
access_token = result['access_token']
print(access_token)
url = "https://graph.microsoft.com/v1.0/subscribedSkus?$select=skuPartNumber,skuId"
headers = {
"Authorization": "Bearer " + access_token
}
response = requests.get(url, headers=headers)
data = response.json()
for sku in data['value']:
print("\nSKU Part Number:", sku['skuPartNumber'])
print("SKU ID:", sku['skuId'])
print()
Response:
You can assign license to user with below python code by adding few lines:
import msal
import requests
client_id = "appID"
client_secret= "secret"
tenant_id = "tenantID"
authority = f"https://login.microsoftonline.com/{tenant_id}"
scopes = ['https://graph.microsoft.com/.default']
app = msal.ConfidentialClientApplication(client_id, client_secret, authority=authority)
result = app.acquire_token_for_client(scopes)
access_token = result['access_token']
print(access_token)
url = "https://graph.microsoft.com/v1.0/users/xxxxxxxxx/assignLicense"
headers = {
"Authorization": "Bearer " + access_token,
"Content-type": "application/json"
}
payload = {
"addLicenses": [
{
"skuId": "c7df2760-2c81-4ef7-b578-5b5392b571df"
}
],
"removeLicenses": []
}
response = requests.post(url, headers=headers, json=payload)
print(response.status_code)
print(response.json())
Response:
To confirm that, I checked the same in Portal where Office 365 E5
license assigned successfully to user:
Reference: List subscribedSkus - Microsoft Graph v1.0