对组的操作 |Graph API 参考
**适用范围: ** Graph API | Azure Active Directory
本主题讨论如何使用 Azure Active Directory (AD) Graph API 对组执行操作。 使用 Azure AD Graph API,你可以创建、读取、更新和删除组。 你还可以查询组的成员、在某个组添加和删除成员、检查组在其他组中的成员身份,以及向组分配应用角色等。 某些组操作是可传递的,其他操作的仅限于组的直接成员。 对于某些操作的支持在安全组、邮件分发组和已启用邮件的安全组之间有所不同。 组可能会将用户、联系人和其他组作为成员。
Graph API 是与 OData 3.0 兼容的 REST API,它提供对 Azure Active Directory 中的目录对象(如用户、组、组织联系人和应用程序)的编程访问。
重要
Azure AD Graph API 功能也可通过 Microsoft Graph 使用。Microsoft Graph 是一个统一的 API,它还包括其他 Microsoft 服务(如 Outlook、OneDrive、OneNote、Planner 和 Office Graph)的 API,这些都可以使用单个访问令牌通过单个终结点进行访问。
对组执行 REST 操作
若要使用 Graph API 对组执行操作,请使用受支持的方法(GET、POST、PATCH、PUT 或 DELETE)将 HTTP 请求发送给面向组资源集合、特定组、组或函数的导航属性或可以对组调用的操作的终结点。 以下各节讨论如何面向和撰写对组的操作。
Graph API 请求使用以下基本 URL:
https://graph.windows.net/{tenant_id}/{resource_path}?{api_version}[odata_query_parameters]
重要
发送到 Graph API 的请求必须格式良好,以有效的终结点和 Graph API 版本为目标并且具有从 Authorization 标头中的 Azure AD 获取的有效访问令牌。 有关使用 Graph API 创建请求和接收响应的更多详细信息,请参阅 [Operations Overview]。
以不同的方式指定 {resource_path},具体取决于是否以你的租户中的所有组的集合、单个组或特定组的导航属性为目标。
/groups以组资源集合为目标。 你可以使用此资源路径读取你的租户中的所有组,或在你的租户中创建新安全组。/groups/{object_id}以你的租户中的单个组为目标。 使用其对象 ID (GUID) 指定目标组。 你可以使用此资源路径获取组的声明属性、修改组的声明属性或删除安全组。/group/{object_id}/{nav_property}以某个组的指定导航属性为目标。 你可以使用它返回由指定组的目标导航属性引用的一个或多个对象;例如,组的成员。 注意: 这种格式的寻址仅适用于读取操作。/groups/{object_id}/$links/{nav_property}以某个组的指定导航属性为目标。 可以使用这种格式的寻址读取和修改导航属性。 读取时,属性引用的对象将作为响应正文中的一个或多个链接返回。 写入时,这些对象将指定为请求正文中的一个或多个链接。
例如,以下请求返回指向指定组的成员的链接集合:
GET https://graph.windows.net/myorganization/groups/ffffffff-ffff-ffff-ffff-ffffffffffff/$links/members?api-version=1.6
对组的基本操作
通过以组资源集合或特定组为目标,你可以对组及其声明属性执行基本的创建、读取、更新和删除 (CRUD) 操作。 下列主题介绍了如何操作。
Graph API 支持对组的操作,如下所示:
- 创建 (POST): 仅安全组。
- 读取 (GET): 所有组。
- 更新 (PATCH): 安全组和启用了邮件的安全组。 并不支持所有属性。
- 删除 (DELETE): 仅安全组。
获取组
获取组的集合。 可以将 OData 查询参数添加到请求以对响应进行排序和标记页码。 有关详细信息,请参阅 [Supported Queries, Filters, and Paging Options]。
成功后,将返回 [Group] 对象的集合;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "get groups",
"showComponents": {
"codeGenerator": "true",
"tryFeature": "true"
}
}
获取组
获取指定的组。 通过其对象 ID (GUID) 指定组。
成功后,将返回指定组的 [Group] 对象;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "get group by id",
"showComponents": {
"codeGenerator": "true",
"tryFeature": "true"
}
}
创建组
将安全组添加到租户。 请求正文包含要创建的组的属性。 必须指定组的必需属性。 可以选择指定任何其他可写属性。
重要提示: 使用 Graph API 仅可创建安全组。 无法创建启用了邮件的安全组或邮件分发组。
下表显示创建组时所需的属性。
| 必需的参数 | 类型 | 描述 |
|---|---|---|
| displayName | 字符串 | 要在组的通讯簿中显示的姓名。 |
| mailEnabled | boolean | 必须为 false。 这是因为使用 Graph API 只能创建纯安全组。 |
| mailNickname | 字符串 | 组的邮件别名。 |
| securityEnabled | boolean | 必须为 true。 这是因为使用 Graph API 只能创建纯安全组。 |
成功后,将返回新创建的 [Group];否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "create group"
}
更新组
更新组的属性。 在请求正文中指定任何可写入 [Group] 属性。 仅更改指定的属性。
重要提示:
- 只能更新安全组和启用了邮件的安全组。
- 不能将安全组更新为启用了邮件的安全组或邮件分发组。
成功后,不返回任何响应正文;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "update group"
}
删除组
删除组。 已删除的组不可恢复。
重要提示: 使用 Graph API 只能删除安全组。 无法删除启用了邮件的安全组或邮件分发组。
成功后,不返回任何响应正文;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "delete group"
}
对组导航属性的操作
通过导航属性公开某个组和目录中的其他对象(如用户、联系人和可能是其成员的其他组)之间的关系。 你可以读取,并在某些情况下,通过在请求中以这些导航属性为目标来修改这些关系。
支持的操作如下:
- 读取 (GET): 所有组。
- 更新 (POST): 安全组和启用了邮件的安全组(仅成员和所有者)。
- 删除 (DELETE): 仅安全组(仅成员和所有者)。
获取组的直接成员
从 members 导航属性获取组的直接成员。
成功后,将返回指向 [User]、[Contact]、[ServicePrincipal] 以及作为此组的直接成员的其他 [Group] 的链接集合;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "get group members links",
"showComponents": {
"codeGenerator": "true",
"tryFeature": "true"
}
}
添加组成员
通过 members 导航属性将成员添加到安全组或启用了邮件的安全组。 你可以添加用户、联系人、服务主体或其他组。 请求正文包含指向要添加的 [User]、[Contact]、[ServicePrincipal] 或 [Group] 的单个链接。
重要提示: 只能向安全组和启用了邮件的安全组添加成员。
成功后,不返回任何响应正文;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "add group members"
}
删除组成员
通过 members 导航属性从安全组中删除指定的组成员。 指定要在终端 URL 段中删除的 [User]、[Contact]、[ServicePrincipal] 或 [Group] 的对象 ID。
重要提示: 只能从纯安全组删除成员。
成功后,不返回任何响应正文;否则,响应正文将包含错误详细信息。 有关错误的详细信息,请参阅 [Error Codes and Error Handling]。
{
"api": "Groups",
"operation": "delete group member"
}
其他导航属性
通过使用上面所示的相同模式,可以以组公开的其他导航属性为目标。 某些属性为只读属性,而其他属性可被修改。 有关组导航属性的详细信息,请参阅针对 [Group] 的文档。
有关组的函数和操作
你可以对组调用任意以下函数或操作。
检查特定组中的成员身份(可传递)
可以调用 [isMemberOf] 函数来检查用户、联系人、服务主体或另一个组在特定组中的成员身份。 此检查是可传递的。
检查组列表中的成员身份(可传递)
可以调用 [checkMemberGroups] 函数来检查用户、联系人、服务主体或组在组列表中的成员身份。 此检查是可传递的。
获取所有组成员身份(可传递)
可以调用 [getMemberGroups] 函数来返回用户、联系人、服务主体或组所属的所有组。 此检查是可传递的。
获取所有组和目录角色成员身份(可传递)
可以调用 [getMemberObjects] 函数以返回用户、联系人、组或服务主体为其成员的所有组和目录角色。 此检查是可传递的。
其他资源
- 在 Graph API 概念中了解有关 Graph API 支持的特性、功能和预览功能的详细信息
Get groups
GET https://graph.windows.net/myorganization/groups?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.Group",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.Group",
"objectType": "Group",
"objectId": "c57cdc98-0dcd-4f90-a82f-c911b288bab9",
"deletionTimestamp": null,
"description": "Marketing Group",
"dirSyncEnabled": null,
"displayName": "Marketing",
"lastDirSyncTime": null,
"mail": null,
"mailNickname": "cdf76b17-0734-41bc-9c24-9a7af93f3502",
"mailEnabled": false,
"onPremisesSecurityIdentifier": null,
"provisioningErrors": [],
"proxyAddresses": [],
"securityEnabled": true
},
{
"odata.type": "Microsoft.DirectoryServices.Group",
"objectType": "Group",
"objectId": "cc9869f0-6ac0-4d00-bc24-621a2d949d35",
"deletionTimestamp": null,
"description": "Engineering Group",
"dirSyncEnabled": null,
"displayName": "Engineering",
"lastDirSyncTime": null,
"mail": null,
"mailNickname": "ef3b8cc1-721b-4452-9e30-9867d1de80ea",
"mailEnabled": false,
"onPremisesSecurityIdentifier": null,
"provisioningErrors": [],
"proxyAddresses": [],
"securityEnabled": true
},
{
"odata.type": "Microsoft.DirectoryServices.Group",
"objectType": "Group",
"objectId": "fc15e7ef-993f-4865-bf37-317d9b8017b8",
"deletionTimestamp": null,
"description": "Test Group",
"dirSyncEnabled": null,
"displayName": "Test",
"lastDirSyncTime": null,
"mail": null,
"mailNickname": "fec6273a-20af-49ba-8129-3cbde45a0a16",
"mailEnabled": false,
"onPremisesSecurityIdentifier": null,
"provisioningErrors": [],
"proxyAddresses": [],
"securityEnabled": true
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The results are returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/groups?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/groups?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/groups");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/groups?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/groups";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/groups');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/groups?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/groups?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/groups')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Get a group
GET https://graph.windows.net/myorganization/groups/{object_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | f795caea-121d-49c7-8ae6-a95623add8aa | The object ID (GUID) of the target group. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
GET https://graph.windows.net/myorganization/groups/f795caea-121d-49c7-8ae6-a95623add8aa?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.Group/@Element",
"odata.type": "Microsoft.DirectoryServices.Group",
"objectType": "Group",
"objectId": "b4bda672-1fba-4711-8fb1-5383c40b2c14",
"deletionTimestamp": null,
"description": "Marketing Department",
"dirSyncEnabled": null,
"displayName": "Marketing",
"lastDirSyncTime": null,
"mail": null,
"mailNickname": "BposMailNickName",
"mailEnabled": false,
"onPremisesSecurityIdentifier": null,
"provisioningErrors": [],
"proxyAddresses": [],
"securityEnabled": true
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. The group is returned in the response body. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/groups/{object_id}?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/groups/{object_id}?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/groups/{object_id}");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/groups/{object_id}?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/groups/{object_id}";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/groups/{object_id}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/groups/{object_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/groups/{object_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/groups/{object_id}')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Create a group
POST https://graph.windows.net/myorganization/groups?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"displayName": "Example Group",
"mailNickname": "ExampleGroup",
"mailEnabled": false,
"securityEnabled": true
}
Response
Status Code:201
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.Group/@Element",
"odata.type": "Microsoft.DirectoryServices.Group",
"objectType": "Group",
"objectId": "c7ebe5ed-b1d2-4990-88f7-892e4db2e5f3",
"deletionTimestamp": null,
"description": null,
"dirSyncEnabled": null,
"displayName": "Example Group",
"lastDirSyncTime": null,
"mail": null,
"mailNickname": "ExampleGroup",
"mailEnabled": false,
"onPremisesSecurityIdentifier": null,
"provisioningErrors": [],
"proxyAddresses": [],
"securityEnabled": true
}
Response List
| Status Code | Description |
|---|---|
| 201 | Created. Indicates success. The new group is returned in the response body. |
Update a group
PATCH https://graph.windows.net/myorganization/groups/{object_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | c7ebe5ed-b1d2-4990-88f7-892e4db2e5f3 | The object ID (GUID) of the target group. |
| Query | ----- | ----- | ------ |
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"description": "Example Security Group"
}
PATCH https://graph.windows.net/myorganization/groups/c7ebe5ed-b1d2-4990-88f7-892e4db2e5f3?api-version=1.6
Response
Status Code:204
Content-Type: application/json
Response List
|Status Code|Description| |-----------|-----------| 204 No Content. Indicates success. No response body is returned.
Delete a group
DELETE https://graph.windows.net/myorganization/groups/{object_id}[?api-version]
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| object_id | string | c7ebe5ed-b1d2-4990-88f7-892e4db2e5f3 | The object ID (GUID) of the target group. |
| Query | |||
| api-version | string | 1.6 | Specifies the version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
DELETE https://graph.windows.net/myorganization/groups/c7ebe5ed-b1d2-4990-88f7-892e4db2e5f3?api-version=1.6
Response
Status Code:204
Content-Type: application/json
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. |
Get a group's direct members
GET https://graph.windows.net/myorganization/groups/{object_id}/$links/members?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| user_id | string | f795caea-121d-49c7-8ae6-a95623add8aa | The object ID (GUID) of the target group. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
GET https://graph.windows.net/myorganization/groups/f795caea-121d-49c7-8ae6-a95623add8aa/$links/members?api-version=1.6
Response
Status Code:200
Content-Type: application/json
{
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/$links/members",
"value": [
{
"url": "https://graph.windows.net/myorganization/directoryObjects/06adda87-a819-4c2e-ab30-127f308468b5/Microsoft.DirectoryServices.User"
},
{
"url": "https://graph.windows.net/myorganization/directoryObjects/225711c4-501c-4e38-b10c-654a4f62ad67/Microsoft.DirectoryServices.User"
},
{
"url": "https://graph.windows.net/myorganization/directoryObjects/2355eace-6b1d-4560-a481-eddabb529537/Microsoft.DirectoryServices.User"
},
{
"url": "https://graph.windows.net/myorganization/directoryObjects/2b0a2e75-f6f5-498a-9f5c-3543e171a5a6/Microsoft.DirectoryServices.User"
}
]
}
Response List
| Status Code | Description |
|---|---|
| 200 | OK. Indicates success. A collection of links to the group members is returned. |
Code Samples
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
/* OAuth2 is required to access this API. For more information visit:
https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks */
// Specify values for the following required parameters
queryString["api-version"] = "1.6";
// Specify values for path parameters (shown as {...})
var uri = "https://graph.windows.net/myorganization/groups/{object_id}/$links/members?" + queryString;
var response = await client.GetAsync(uri);
if (response.Content != null)
{
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
}
}
@ECHO OFF
REM OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
REM Specify values for path parameters (shown as {...}), values for query parameters
curl -v -X GET "https://graph.windows.net/myorganization/groups/{object_id}/$links/members?api-version=1.6&"^
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample {
public static void main(String[] args) {
HttpClient httpclient = HttpClients.createDefault();
try
{
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
URIBuilder builder = new URIBuilder("https://graph.windows.net/myorganization/groups/{object_id}/$links/members");
// Specify values for the following required parameters
builder.setParameter("api-version", "1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
var params = {
// Specify values for the following required parameters
'api-version': "1.6",
};
$.ajax({
// Specify values for path parameters (shown as {...})
url: 'https://graph.windows.net/myorganization/groups/{object_id}/$links/members?' + $.param(params),
type: 'GET',
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
// Specify values for path parameters (shown as {...})
NSString* path = @"https://graph.windows.net/myorganization/groups/{object_id}/$links/members";
NSArray* array = @[
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"GET"];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if(nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if(nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the pecl_http package. (for more information: http://pecl.php.net/package/pecl_http)
require_once 'HTTP/Request2.php';
$headers = array(
);
$query_params = array(
// Specify values for the following required parameters
'api-version' => '1.6',
);
$request = new Http_Request2('https://graph.windows.net/myorganization/groups/{object_id}/$links/members');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader($headers);
// OAuth2 is required to access this API. For more information visit:
// https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
$url = $request->getUrl();
$url->setQueryVariables($query_params);
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/groups/{object_id}/$links/members?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/groups/{object_id}/$links/members?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://graph.windows.net/myorganization/groups/{object_id}/$links/members')
uri.query = URI.encode_www_form({
# Specify values for the following required parameters
'api-version' => '1.6',
})
request = Net::HTTP::Get.new(uri.request_uri)
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body
Add group members
POST https://graph.windows.net/myorganization/groups/{object_id}/$links/members?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| user_id | string b4bda672-1fba-4711-8fb1-5383c40b2c14 | The object ID (GUID) of the target group. | |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
| Body | ----- | ----- | ------ |
| Content-Type: application/json | ----- | ----- | ------ |
{
"url": "https://graph.windows.net/myorganization/directoryObjects/3eb6055a-baeb-44d4-a1ea-2fee86d8891b"
}
POST https://graph.windows.net/myorganization/groups/b4bda672-1fba-4711-8fb1-5383c40b2c14/$links/members?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |
Delete a group member
DELETE https://graph.windows.net/myorganization/groups/{object_id}/$links/members/{member_id}?api-version
Parameters
| Parameter | Type | Value | Notes |
|---|---|---|---|
| URL | |||
| user_id | string | b4bda672-1fba-4711-8fb1-5383c40b2c14 | The object ID (GUID) of the target group. |
| member_id | string | 3eb6055a-baeb-44d4-a1ea-2fee86d8891b | The object ID (GUID) of the member to be removed. Can be a user, a contact, or a group. |
| Query | |||
| api-version | string | 1.6 | The version of the Graph API to target. Beginning with version 1.5, the api-version string is represented in major.minor format. Prior releases were represented as date strings: '2013-11-08' and '2013-04-05'. Required. |
DELETE https://graph.windows.net/myorganization/groups/b4bda672-1fba-4711-8fb1-5383c40b2c14/$links/members/3eb6055a-baeb-44d4-a1ea-2fee86d8891b?api-version=1.6
Response
Status Code:204
Content-Type: application/json
none
Response List
| Status Code | Description |
|---|---|
| 204 | No Content. Indicates success. No response body is returned. |