I am trying to add member in mail enabled security group using graph api, Is that possible?

Question

I am trying to add member in mail enabled security group using graph api, Is that possible?

Sourav Bhunia 31

I was able to add or remove users from the mail-enabled security group using graph API. but suddenly it stopped working. I am getting an error that the mail-enabled group can not update.

Please refer your ms doc

Diana Wanjuhi 1,376 Reputation points

2021-11-02T11:22:44.49+00:00

Hello @Sourav Bhunia thank you for reaching out. Would you kindly share the error message and request id so we can investigate?
Sourav Bhunia 31 Reputation points

2021-11-02T11:37:58.703+00:00

Hi. thanks for your reply. Please find the request ID And error massage below

RequestID: d890243a-c035-4c45-bab0-12c1b6c6a4f2
Error:
Code: Request_BadRequest
Message: Cannot Update a mail-enabled security groups and or distribution list.
Inner error:
AdditionalData:
date: 2021-11-02T11:35:17
request-id: d890243a-c035-4c45-bab0-12c1b6c6a4f2
client-request-id: d890243a-c035-4c45-bab0-12c1b6c6a4f2
ClientRequestId: d890243a-c035-4c45-bab0-12c1b6c6a4f2

Please let me know if you need any further information
Colin 21 Reputation points

2021-11-03T18:30:01.817+00:00

We are trying to do the same, according to the docs, managing Mail-Enabled Security Groups is not possible via Graph API.
https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/compare-groups?view=o365-worldwide

"$type": "Microsoft.Graph.ServiceException, Microsoft.Graph.Core",
"ClassName": "Microsoft.Graph.ServiceException",
"Message": "Code: Request_BadRequest
Message: Cannot Update a mail-enabled security groups and or distribution list.
Inner error:
\tAdditionalData:
\tdate: 2021-11-01T14:47:13
\trequest-id: 42ff0b15-1c2f-4f15-9907-71c5353797be
\tclient-request-id: 42ff0b15-1c2f-4f15-9907-71c5353797be
ClientRequestId: 42ff0b15-1c2f-4f15-9907-71c5353797be

Does Microsoft plan to expose an API to manage these type of groups in the near future?
Are there any work arounds?

Thank you.
Francis Ollivier 1 Reputation point

2021-11-18T15:05:33.237+00:00

Hi,
I had a similar issue with a PowerAutomate which used to add a member to a mail-enabled security group. End of october it suddenly stopped working with the same error message.

I suppose the root of the problem is the same; I was trying to fall back to Graph tas a workaround but I see it's not possible with Graph either, at least for now.

Do we know if it is a bug or if that is meant to be like that ? In the Graph documentation I do see it's supposed to be possible to add a member to a mail-enabled security group.

Thank you
Francis
Lenny 6 Reputation points

2022-09-07T15:58:35.207+00:00

Hi,

What other options are out there? How can I manage members within a Group (Distribution list)?

Thank you,
Lenny
Admin DL Shumate 16 Reputation points

2022-09-12T14:39:43.83+00:00

Great question Lenny. I'm perplexed how this can be? Is it 2022?
Julien BARREAU-MAINSON 41 Reputation points

2022-12-05T10:23:30.427+00:00

I can only agree with that statement, that's incredible !
Anonymous

2024-10-24T18:31:34.2266667+00:00

Still its not working :(
Whebert Souza 5 Reputation points

2025-05-08T13:58:22.3766667+00:00

2025 and nothing so far. Is there any way around it?
Blood Wolf Merlin 5 Reputation points

2025-05-30T00:16:52.5466667+00:00

Is mail enabled security group support on the Graph API roadmap? Any work arounds?

6 answers

Your answer

Diana Wanjuhi 1,376 Reputation points

2021-11-02T11:22:44.49+00:00

Hello @Sourav Bhunia thank you for reaching out. Would you kindly share the error message and request id so we can investigate?
Sourav Bhunia 31 Reputation points

2021-11-02T11:37:58.703+00:00

Hi. thanks for your reply. Please find the request ID And error massage below

RequestID: d890243a-c035-4c45-bab0-12c1b6c6a4f2
Error:
Code: Request_BadRequest
Message: Cannot Update a mail-enabled security groups and or distribution list.
Inner error:
AdditionalData:
date: 2021-11-02T11:35:17
request-id: d890243a-c035-4c45-bab0-12c1b6c6a4f2
client-request-id: d890243a-c035-4c45-bab0-12c1b6c6a4f2
ClientRequestId: d890243a-c035-4c45-bab0-12c1b6c6a4f2

Please let me know if you need any further information
Colin 21 Reputation points

2021-11-03T18:30:01.817+00:00

We are trying to do the same, according to the docs, managing Mail-Enabled Security Groups is not possible via Graph API.
https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/compare-groups?view=o365-worldwide

"$type": "Microsoft.Graph.ServiceException, Microsoft.Graph.Core",
"ClassName": "Microsoft.Graph.ServiceException",
"Message": "Code: Request_BadRequest
Message: Cannot Update a mail-enabled security groups and or distribution list.
Inner error:
\tAdditionalData:
\tdate: 2021-11-01T14:47:13
\trequest-id: 42ff0b15-1c2f-4f15-9907-71c5353797be
\tclient-request-id: 42ff0b15-1c2f-4f15-9907-71c5353797be
ClientRequestId: 42ff0b15-1c2f-4f15-9907-71c5353797be

Does Microsoft plan to expose an API to manage these type of groups in the near future?
Are there any work arounds?

Thank you.
Francis Ollivier 1 Reputation point

2021-11-18T15:05:33.237+00:00

Hi,
I had a similar issue with a PowerAutomate which used to add a member to a mail-enabled security group. End of october it suddenly stopped working with the same error message.

I suppose the root of the problem is the same; I was trying to fall back to Graph tas a workaround but I see it's not possible with Graph either, at least for now.

Do we know if it is a bug or if that is meant to be like that ? In the Graph documentation I do see it's supposed to be possible to add a member to a mail-enabled security group.

Thank you
Francis
Lenny 6 Reputation points

2022-09-07T15:58:35.207+00:00

Hi,

What other options are out there? How can I manage members within a Group (Distribution list)?

Thank you,
Lenny
Admin DL Shumate 16 Reputation points

2022-09-12T14:39:43.83+00:00

Great question Lenny. I'm perplexed how this can be? Is it 2022?
Julien BARREAU-MAINSON 41 Reputation points

2022-12-05T10:23:30.427+00:00

I can only agree with that statement, that's incredible !
Anonymous

2024-10-24T18:31:34.2266667+00:00

Still its not working :(
Whebert Souza 5 Reputation points

2025-05-08T13:58:22.3766667+00:00

2025 and nothing so far. Is there any way around it?
Blood Wolf Merlin 5 Reputation points

2025-05-30T00:16:52.5466667+00:00

Is mail enabled security group support on the Graph API roadmap? Any work arounds?

Answer 1

Hi @Rakhesh Sasidharan , @Sourav Bhunia ,

I would like to share the latest update on this. As per mentioned in this documentation, managing mail-enabled security groups through Microsoft Graph are currently not possible. Mail-enabled security groups cannot be modified by Microsoft Graph as they are owned by Exchange Online and hence these groups need to be managed via Exchange Online PowerShell. Also, the documentation issue in this Group resource type documentation page has already been corrected for mail-enabled security groups.

167850-microsot-graph-api-mail-enabled-security-groups.jpg

Note: I have also upvoted for your feature request on managing mail-enabled security groups using MS graph API.

Hope this helps.

If the answer is helpful, please click "Accept Answer" , so that it will be useful for the other communinity users and kindly upvote it. If you have further questions about this answer, please click "Comment".

Blood Wolf Merlin 5 Reputation points

2025-05-30T00:19:36.07+00:00

Is there an update on this feature request?

Answer 2

Omar Khalil Admin 0

For people wondering how to go around this, how I did it is by writing an Azure Functions PowerShell that can be triggered via API and under the hood it connects with exchange PS

Elvis Eyobor 0 Reputation points

2024-10-22T21:43:26.02+00:00

Please share how i could go about this

I am trying to modify a distribution list from powerapps

Thanks

Answer 3

Rakhesh Sasidharan 21

I just got a reply today to the GitHub issue I raised. Turns out you could add users to mail enabled groups previously via Graph API, but that was a bug... which they've now fixed. Also, the documentation is incorrect so MS will be correcting that. :-/

I raised a feature request for this here in case anyone wants to upvote.

0 comments

Answer 4

Rakhesh Sasidharan 21

In case it helps anyone else... I have the luxury of falling back to ExO as I have creds for that too so I modified my code to do that. Here's a snippet:

New-MgGroupMember -GroupId $dstGroupId -DirectoryObjectId $UserObj.Id
    if ($? -eq $false) { 
        Write-Warning "==> Error adding $member via Graph, failing back to ExO" 
        try {
            Add-DistributionGroupMember -Identity "$dstGroupName" -Member $UserObj.mail -Confirm:$false -BypassSecurityGroupManagerCheck -ErrorAction Stop
        } catch {
            Write-Error "==> Error adding $member via ExO" 
        }
    }

This way I can keep my script working until this issue is fixed.

Mark Baumann 0 Reputation points

2023-03-09T09:05:53.09+00:00

How should be the code in Python?

Answer 5

Rakhesh Sasidharan 21

Just to add I too am facing the same issue and came across this post while Googling. Until the 20th of Oct the New-MgGroupMember cmdlet could add users to a mail enabled security group but now it fails.

New-MgGroupMember -GroupId 4938ba57-5e96-4a3e-b069-a066dd194a55 -DirectoryObjectId b269b48d-afa4-49ed-a26e-d684531b62c7
New-MgGroupMember_CreateExpanded1: Cannot Update a mail-enabled security groups and or distribution list.

Either the docs are now incorrect and Graph API doesn't allow adding users to mail enabled security groups, or there's a bug. I've also raised this as a GitHub issue with the docs team.

Colin 21 Reputation points

2021-11-10T13:37:06.15+00:00

Thanks for sharing. I am still holding out hope.

Share via

I am trying to add member in mail enabled security group using graph api, Is that possible?

6 answers

Your answer