Cant create Schema Extension for Azure AD

Rawat, Mayank 1 Reputation point

I am trying to create a Schema Extension in Azure Active Directory. But I get this error message:

GraphError { headers: Some(GraphHeaders { url: "", status: 400, header_map: {"cache-control": "no-cache", "transfer-encoding": "chunked", "content-type": "application/json", "strict-transport-security": "max-age=31536000", "request-id": "8b0e00a9-3f69-404d-b78d-30af76bf45d8", "client-request-id": "8b0e00a9-3f69-404d-b78d-30af76bf45d8", "x-ms-ags-diagnostic": "{\"ServerInfo\":{\"DataCenter\":\"West US\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"005\",\"RoleInstance\":\"SJ1PEPF00000BAD\"}}", "x-ms-resource-unit": "1", "date": "Mon, 29 Aug 2022 21:35:23 GMT"} }), code: 400, error_message: ErrorMessage { error: Some(ErrorStatus { code: Some("Request_BadRequest"), message: Some("Object of class ComplexExtensionDefinition is not valid for Megatenant with ContextId: 0dd6c721-d5fc-4450-b331-**. Update to segmentation metadata failed."), inner_error: Some(InnerError { code: None, request_id: Some("8b0e00a9-3f69-404d-b78d-30af76bf45d8"), date: Some("2022-08-29T21:35:24") }) }) } }

Seems like Azure AD tenant doesn't support schema extensions?

Here is the code:

use graph_rs_sdk::oauth::OAuth;  
use reqwest::StatusCode;  
use graph_rs_sdk::prelude::*;  
use graph_rs_sdk::error::GraphFailure;  

pub async fn account_ext(client: OAuth) -> Result<StatusCode, GraphFailure> {  
    let graph_client = Graph::new_async(client.get_access_token().unwrap().bearer_token());  

    let properties = serde_json::json!({  
        "id": "tenantaccountExt",  
        "description": "Tenant account extension properties",  
        "targetTypes": [  
        "status": "InDevelopment",  
        "owner": "90fd44ac-18d2-4920-909b-***********",  
        "properties": [  
                "name": "region",  
                "type": "String"  
                "name": "contact",  
                "type": "String"  

    match graph_client.v1()  
        .await {  
            Ok(response) => Ok(response.status()),  
            Err(GraphFailure::GraphError(err)) => {  
                println!("{:?}", err);  
            Err(err) => Err(err)  
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,878 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,901 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JimmySalian-2011 41,936 Reputation points


    Yes you can use directory extensions to extend the schema in Azure Active Directory (Azure AD) with your own attributes from on-premises Active Directory. This feature enables you to build LOB apps by consuming attributes that you continue to manage on-premises. These attributes can be consumed through custom extensions as per this extensibility-overview

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.