azuregraphmicrosoft-entra-id

Getting the user's AcccountEnabled property true/false instead of NULL


Does someone have a complete cookbook on how to get the AccountEnabled property using the Microsoft.Graph library (not REST), including the relevant permissions needed on the EntraID app to make it available?

Want true/false instead of NULLs.

I have tried with all permissions I can think of (User.Read, User.Read.All, User.ReadBasic.All, User.ReadWrite, User.ReadWrite.All), but the AccountEnabled is always NULL.

Method for getting the user list:

    public async Task<List<User>> GetUserList()
    {
        UserCollectionResponse userCollectionResponse = await GraphClient.Users.GetAsync();



   List<User> userList = new List<User>();

    PageIterator<User, UserCollectionResponse> pageIterator =
        PageIterator<User, UserCollectionResponse>.CreatePageIterator(
            GraphClient, userCollectionResponse,
            user => { userList.Add(user); return true; });

    await pageIterator.IterateAsync();

    return userList;
}

Solution

  • Note that, Graph SDK doesn’t return all user properties by default. You need to explicitly include accountEnabled in the .Select clause of your request. If it's not specified, it will return NULL, even if the permissions are correctly configured.

    Initially, register one application and grant User.Read.All permission of Application type with admin consent as below:

    enter image description here

    Now, make use of below sample c# code that uses Microsoft.Graph library to get AccountEnabled property of users:

    using Azure.Identity;
    using Microsoft.Graph;
    using Microsoft.Graph.Models;
    
    var tenantId = "tenantId";
    var clientId = "appId";
    var clientSecret = "secret";
    
    var scopes = new[] { "https://graph.microsoft.com/.default" };
    
    var credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
    var graphClient = new GraphServiceClient(credential, scopes);
    
    var response = await graphClient.Users.GetAsync(requestConfig =>
    {
        requestConfig.QueryParameters.Select = new[] { "id", "displayName", "accountEnabled" };
    });
    
    var users = new List<User>();
    
    var iterator = PageIterator<User, UserCollectionResponse>.CreatePageIterator(
        graphClient,
        response!,
        async user =>
        {
            Console.WriteLine($"Name: {user.DisplayName}");
            Console.WriteLine($"ID: {user.Id}");
            Console.WriteLine($"Account Enabled: {user.AccountEnabled}");
            Console.WriteLine(new string('-', 30));
            users.Add(user);
            return await Task.FromResult(true);
        });
    
    await iterator.IterateAsync();
    

    Response:

    enter image description here

    Reference:

    List users with Optional query parameters - Microsoft Graph v1.0