Issues reading custom security attributes with Entra ID and Graph API

Robert Desbiens 40 Reputation points
2024-05-24T11:56:00.86+00:00

I am trying to access the custom attributes of my users with Graph API. I've created an attribute set with attributes and I've set a few of them on my users for testing purposes. This is the code I'm using; I tried both the current and the beta version of the Graph API NuGet. The application I'm using to access the information has User.ReadWrite.All for both app and delegate. But when I execute this code, the property is always null.

        var users = await graphClient.Users
            .GetAsync(config =>
            {
                config.QueryParameters.Select = new[] { "Id", "DisplayName", "CustomSecurityAttributes" };
            });

Also, I may be wrong, but I've noticed that the endpoint doesn't match the model of the NuGet library: the attribute is an IDictionary<string, object>, but in the documentation we can see there is a list of attribute sets that contains the attribute list (Engineering attribute set, Project attribute). Here is an example from the PATCH documentation on learn.microsoft.com:


PATCH https://graph.microsoft.com/v1.0/users/{id}
{
    "customSecurityAttributes":
    {
        "Engineering":
        {
            "@odata.type":"#Microsoft.DirectoryServices.CustomSecurityAttributeValue",
            "Project@odata.type":"#Collection(String)",
            "Project":["Baker","Cascade"]
        }
    }
}


Accepted answer
  1. Vasil Michev 98,516 Reputation points MVP
    2024-05-24T16:22:53.7733333+00:00

    The User.ReadWrite.All permission on its own is not sufficient; you must also have the CustomSecAttributeAssignment.Read.All or equivalent permission. Details are here: https://learn.microsoft.com/en-us/graph/custom-security-attributes-examples?tabs=http#prerequisites
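
One way to confirm the diagnosis in the accepted answer, as an added example that is not part of the original thread: decode the access token the app sends to Graph and check its `roles` (app-only) or `scp` (delegated) claim for a custom security attribute permission. The sample token is constructed and unsigned, the helper names are hypothetical, and the signature is not verified because this is a diagnostic, not token validation.

```csharp
using System;
using System.Collections.Generic;
using System.Text;
using System.Text.Json;

// Either permission allows reading customSecurityAttributes; User.ReadWrite.All alone does not.
var required = new[] { "CustomSecAttributeAssignment.Read.All", "CustomSecAttributeAssignment.ReadWrite.All" };

// Constructed sample token (unsigned, illustration only). Replace with the token your app acquired.
string payload = "{\"aud\":\"https://graph.microsoft.com\",\"roles\":[\"User.ReadWrite.All\"]}";
string token = "e30." + Base64UrlEncode(payload) + ".";

HashSet<string> granted = GrantedPermissions(token);
Console.WriteLine("Granted: " + string.Join(", ", granted));
Console.WriteLine(granted.Overlaps(required)
    ? "Token can read customSecurityAttributes."
    : "Missing CustomSecAttributeAssignment.* permission: customSecurityAttributes will not be returned.");

// Collects permissions from both claim shapes found in Microsoft identity platform access tokens.
static HashSet<string> GrantedPermissions(string jwt)
{
    string[] parts = jwt.Split('.');
    if (parts.Length < 2) throw new FormatException("Not a JWT: expected header.payload.signature");
    string json = Encoding.UTF8.GetString(Base64UrlDecode(parts[1]));
    using JsonDocument doc = JsonDocument.Parse(json);
    var result = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
    // App-only tokens carry application permissions as a JSON array in "roles".
    if (doc.RootElement.TryGetProperty("roles", out JsonElement roles) && roles.ValueKind == JsonValueKind.Array)
        foreach (JsonElement item in roles.EnumerateArray())
            if (item.GetString() is string role) result.Add(role);
    // Delegated tokens carry scopes as one space-separated string in "scp".
    if (doc.RootElement.TryGetProperty("scp", out JsonElement scp) && scp.ValueKind == JsonValueKind.String)
        foreach (string scope in scp.GetString()!.Split(' ', StringSplitOptions.RemoveEmptyEntries))
            result.Add(scope);
    return result;
}

static byte[] Base64UrlDecode(string s)
{
    s = s.Replace('-', '+').Replace('_', '/');
    return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
}

static string Base64UrlEncode(string s) =>
    Convert.ToBase64String(Encoding.UTF8.GetBytes(s)).TrimEnd('=').Replace('+', '-').Replace('/', '_');
```

After the permission is added to the app registration, it needs admin consent and a newly acquired token before the claim shows up.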

