Need to add new custom field For user in AAD

Ajithkumar M 41 Reputation points
2022-09-16T06:19:08.723+00:00

Hi,

Need to add new custom field called workShift in user Properties. There is any Graph API's to get and modify the custom field?

Also want to know is there any api to get available custom Fields?

Thanks,
Ajithkumar.M

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,045 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,801 questions
{count} votes

Accepted answer
  1. Shweta Mathur 29,751 Reputation points Microsoft Employee
    2022-09-19T11:59:31.657+00:00

    Hi @Ajithkumar M ,

    You can use Microsoft Graph API extensionProperty to have custom attributes which can be added to users, groups, application and devices.

    Create Extension :
    POST request:
    https://graph.microsoft.com/v1.0/applications/xxxe7035-47d1-xxx-xxx-ffa55xxxx/extensionProperties

    {
    "name": "extensionName",
    "dataType": "string",
    "targetObjects": [
    "User"
    ]
    }

    here id – object id of application

    Response –
    {
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications('xxxe7035-47d1-xxx-xxx-ffa55xxxx')/extensionProperties/$entity",
    "id": "837d4292-87e6-41c4-8f35-f4f0bef9c1d3",
    "deletedDateTime": null,
    "appDisplayName": ".Net Core Graph Tutorial",
    "dataType": "String",
    "isSyncedFromOnPremises": false,
    "name": "extension_49f9b798fcb9421dbb107cf9c8f03fd5_extensionName",
    "targetObjects": [
    "User"
    ]
    }

    Update custom attribute using
    Patch request:
    https://graph.microsoft.com/v1.0/users/{user id}

    {
    "extension_49f9b798fcb9421dbb107cf9c8f03fd5_extensionName": "isPresent"
    }

    Delete custom attribute using

    DELETE https://graph.microsoft.com/v1.0/applications/{application ObjectId}/extensionProperties/{id}

    Reference: https://learn.microsoft.com/en-us/graph/api/resources/extensionproperty?view=graph-rest-1.0

    Hope this will help.

    Thanks,
    Shweta

    -----------------------------------

    Please remember to "Accept Answer" if answer helped you.

    1 person found this answer helpful.

3 additional answers

Sort by: Most helpful
  1. JimmySalian-2011 42,121 Reputation points
    2022-09-16T08:44:20.23+00:00

    Hi @Ajithkumar M ,

    I think you can explore the custom attribute for AAD Users and also the Graph Explorer process is listed here so have a look here - custom-security-attributes-overview

    ==
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments No comments

  2. Shweta Mathur 29,751 Reputation points Microsoft Employee
    2022-09-19T05:48:43.85+00:00

    Hi @Ajithkumar M ,

    Directory schema extensions cannot be used for authorization scenarios and attributes because the access control for the extension attributes is tied to the Azure AD object. Custom security attributes can be used for authorization and attributes needing access control because the custom security attributes can be managed and protected through separate permissions.

    Directory schema extensions are tied to an application and share the lifecycle of an application. Custom security attributes are tenant wide and not tied to an application.

    Directory schema extensions support assigning a single value to an attribute. Custom security attributes support assigning multiple values to an attribute.

    Hope this will help.

    Thanks,
    Shweta

    1 person found this answer helpful.

  3. Ajithkumar M 41 Reputation points
    2022-09-16T10:07:08.873+00:00

    @JimmySalian-2011 I searched through internet and i got below details.

    https://learn.microsoft.com/en-us/previous-versions/azure/ad/graph/howto/azure-ad-graph-api-directory-schema-extensions

    what is the difference between this and link you have shared?

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.