me/memberOf API returns null values for attributes

Frank Hobert 1 Reputation point
2022-12-22T05:26:56.323+00:00

I have created a connected/oauth app with the following scopes 273098-image-20221201-190625.png

when i do a me/memberOf api call i am receiving the following response
273104-files-from-andy.txt

all the values except for id are coming as null, i specifically need the displayName attribute, as the app already has user.Read permission and Directory.AccessAsUser.All permission what is the issue with this?

Microsoft Graph Users API
Microsoft Graph Users API
A Microsoft API that allows you to build compelling app experiences based on users, their relationships with other users and groups, and the resources they access for example their mails, calendars, files, administrative roles, group memberships.
551 questions
Microsoft Graph Permissions API
No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Vicky Kumar (Mindtree Consulting PVT LTD) 1,066 Reputation points Microsoft Employee
    2022-12-22T05:57:49.017+00:00

    Looks like the endpoint you are calling is not correct , you are using memberOf/me , whereas you should try with GET https://graph.microsoft.com/v1.0/me/memberOf

    ref doc -https://learn.microsoft.com/en-us/graph/api/group-list-memberof?view=graph-rest-1.0&tabs=http


  2. Zehui Yao_MSFT 3,431 Reputation points Microsoft Employee
    2022-12-22T06:16:53.64+00:00

    Hi @Frank Hobert , you can add Group.Read.All permission to display attributes. I tested it locally and found it to work. Hope can help you. :)

    Without Group.Read.All permission

    273113-image.png

    273152-image.png

    With Group.Read.All permission

    273122-image.png

    273172-image.png


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  3. Gopinath Chennamadhavuni-MSFT 1,526 Reputation points Microsoft Employee
    2022-12-22T06:17:50.96+00:00

    Hi @Frank Hobert ,

    Thanks for reaching out.

    When we make a call to https://graph.microsoft.com/v1.0/me/memberOf or https://graph.microsoft.com/v1.0/users/{id | userPrincipalName}memberOf in certain situations we find null values for few attributes as shown in the above JSON response. In the above response, we only see the value for GroupId and all other attributes are of null values. When an application queries the membership of a container object and does not have permission to read a certain type, members of that type are returned but with limited information. The application receives a 200 response and a collection of objects. Complete information is returned for the object types that the application has permissions to read. For the object types which the application does not have permission to read, only the object type and ID are returned.

    Resolution:
    When we queries a relationship that returns a directoryObject type collection, if it does not have permission to read a certain derived type, members of that type are returned but with limited information. To read all the other group information, you would also need to configure at least Directory.Read.All permission.

    References:
    List memberOf

    Limited information returned for inaccessible member objects

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.

    No comments