0

I need to create an O365 group for internal members and contacts using the Graph API.

I tried and it did not work: distribution lists and security groups allow contacts, but the Graph API can't create a DL. Microsoft 365 groups can be created by the Graph API but don't allow contacts.

Is there any possible solution that uses only the Graph API, without any other service or Azure?

Could you please add your approach while creating this: Distribution lists and security groups (Commented Apr 23 at 13:53)

2 Answers

0

Initially, I created a single-tenant Microsoft Entra ID application.

I added the application-type Group.ReadWrite.All and GroupMember.ReadWrite.All API permissions and granted admin consent.

I then generated an access token using the client_credentials flow.

Use the parameters below:

POST https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded

client_id: <application-id>
client_secret: <client-secret>
scope: https://graph.microsoft.com/.default
grant_type: client_credentials

Before creating the group, check whether any naming-convention policy is configured for the creation of Unified groups.

Connect-AzureAD
 
Get-AzureADDirectorySetting | Where-Object {$_.DisplayName -eq "Group.Unified"}
 
$setting = Get-AzureADDirectorySetting | Where-Object {$_.DisplayName -eq "Group.Unified"}
 
$setting.Values

Make sure to set the name of the group as per the directory setting.

POST https://graph.microsoft.com/v1.0/groups

{
  "displayName": "InternalExternalTeam-Operations-",
  "description": "Group for the Internal and External department",
  "groupTypes": ["Unified"],
  "mailEnabled": true,
  "mailNickname": "InternalExternalTeam-Operations-",
  "securityEnabled": false,
  "visibility": "Private"
}

After creating the group, add the member from the tenant.

To add the member, you need to use only the object-id of directory objects. The query below is applicable to users from the tenant, guest users, and contacts.

POST https://graph.microsoft.com/v1.0/groups/{group-id}/members/$ref
Authorization: Bearer <access_token>
Content-Type: application/json

{
  "@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/{object-id}"
}

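The token, group and member requests from the answer above as one script, added here as an example and not code from the answer: each call is built as a POST, a mailNickname that breaks Graph's documented rules is rejected, and the group and object ids must parse as GUIDs before they are placed in the URL. The environment variable names are assumptions.

```python
import json, os, re, uuid, urllib.parse, urllib.request

GRAPH = "https://graph.microsoft.com/v1.0"
# mailNickname: ASCII only, 64 chars max, none of @ ( ) \ [ ] " ; : < > , or space.
BAD_NICK = re.compile(r'[@()\\\[\]";:<>, ]|[^\x00-\x7f]')

def token_request(tenant, client_id, client_secret):
    """Client-credentials token request: a POST with a form-encoded body."""
    form = urllib.parse.urlencode({
        "client_id": client_id, "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
        "grant_type": "client_credentials"}).encode()
    url = ("https://login.microsoftonline.com/"
           f"{urllib.parse.quote(tenant, safe='')}/oauth2/v2.0/token")
    return urllib.request.Request(url, data=form, method="POST", headers={
        "Content-Type": "application/x-www-form-urlencoded"})

def graph_post(path, payload, token):
    """JSON POST to Graph with the bearer token in the Authorization header."""
    return urllib.request.Request(
        GRAPH + path, data=json.dumps(payload).encode(), method="POST",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})

def create_group_request(name, nickname, description, token):
    """Microsoft 365 (Unified) group with the same body as the request above."""
    if len(nickname) > 64 or BAD_NICK.search(nickname):
        raise ValueError("mailNickname not acceptable to Graph")
    return graph_post("/groups", {
        "displayName": name, "description": description,
        "groupTypes": ["Unified"], "mailEnabled": True, "mailNickname": nickname,
        "securityEnabled": False, "visibility": "Private"}, token)

def add_member_request(group_id, object_id, token):
    """members/$ref call; ids must parse as GUIDs before they reach the URL."""
    gid, oid = uuid.UUID(group_id), uuid.UUID(object_id)
    return graph_post(f"/groups/{gid}/members/$ref", {
        "@odata.id": f"{GRAPH}/directoryObjects/{oid}"}, token)

def send(req):
    """Send a prepared request; members/$ref replies 204 with an empty body."""
    with urllib.request.urlopen(req, timeout=30) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else None

if __name__ == "__main__":  # ids and secret come from the environment
    e = os.environ
    tok = send(token_request(e["TENANT_ID"], e["CLIENT_ID"], e["CLIENT_SECRET"]))
    send(add_member_request(e["GROUP_ID"], e["OBJECT_ID"], tok["access_token"]))
```
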

0

POST /me/contactFolders

POST /users/{user-id}/contactFolders

{
  "displayName": "My Contacts Group"
}

curl -X POST https://graph.microsoft.com/v1.0/me/contactFolders \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
  "displayName": "My Contacts Group"
}'

POST /me/contactFolders/{id}/contacts

{
  "givenName": "John",
  "surname": "Doe",
  "emailAddresses": [
    {
      "address": "[email protected]"
    }
  ]
}

https://grafbase.com/

1 Comment

As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center.
