Microsoft Active Directory

Microsoft Active Directory and Microsoft Entra ID provide identity and access management for organizations of all sizes. Microsoft Graph API is the unified REST API gateway for accessing and managing Microsoft Entra ID (formerly Azure Active Directory), including users, groups, applications, devices, conditional access policies, identity governance, and directory administration. Legacy on-premises Active Directory is managed through LDAP, Kerberos, and PowerShell protocols; cloud identity is managed through Microsoft Graph.

10 APIs 10 Features
Active DirectoryAuthenticationAuthorizationDirectory ServicesIdentity ManagementMicrosoft EntraZero Trust

APIs

Microsoft Graph Users API

Manage the entire lifecycle of users in Microsoft Entra ID, including creating, reading, updating, and deleting user accounts, managing licenses, group memberships, authenticati...

Microsoft Graph Groups API

Create and manage Microsoft Entra security groups, Microsoft 365 groups, and distribution lists. Manage group memberships, owners, and settings. Groups enable efficient entitlem...

Microsoft Graph Applications and Service Principals API

Register and manage Microsoft Entra applications and their associated service principals programmatically. Configure app permissions, OAuth2 permission grants, app role assignme...

Microsoft Graph Devices API

Manage devices registered or joined to Microsoft Entra ID, including Entra joined, Entra registered, and hybrid Azure AD joined devices. Retrieve BitLocker recovery keys and Loc...

Microsoft Graph Directory Roles and Administrative Units API

Manage Microsoft Entra built-in and custom directory roles, role assignments, and role-scoped administrative units. Assign administrator roles to users, groups, or service princ...

Microsoft Graph Conditional Access API

Create and manage Microsoft Entra Conditional Access policies that enforce access controls based on user, location, device, and risk signals. Configure named locations, authenti...

Microsoft Graph Identity Governance API

Manage Microsoft Entra ID Governance features including access reviews, entitlement management (access packages, catalogs, and policies), Privileged Identity Management (PIM) fo...

Microsoft Graph Identity Protection API

Detect, investigate, and remediate identity-based risks using Microsoft Entra ID Protection. Access risk detections, risky users, risky service principals, and risk events, and ...

Microsoft Graph Authentication Methods API

Manage authentication methods registered for users in Microsoft Entra ID, including FIDO2 security keys, Microsoft Authenticator, phone (SMS/voice call), email OTP, Windows Hell...

Microsoft Graph Identity and Access Reports API

Access audit logs, sign-in logs, provisioning logs, and identity-related reports for monitoring, compliance, and troubleshooting. Stream logs to Azure Monitor and Log Analytics ...

Collections

Arazzo Workflows

Active Directory Audit User Group Memberships

Resolve a user by UPN, read their full profile, then list their group memberships and manager.

ARAZZO

Active Directory Create Group And Add Two Members

Create a security group, then add two existing users to it by their object IDs.

ARAZZO

Active Directory Create Microsoft 365 Group With Owner

Create a user, create a Microsoft 365 group owned by that user, and add the user as a member.

ARAZZO

Active Directory Decommission Application

Resolve an application by name, read its details, and soft-delete the registration.

ARAZZO

Active Directory Find User And Update Profile

Look up a user by principal name, then patch their job title and department.

ARAZZO

Active Directory Offboard User From Group

Resolve a user by UPN, remove them from a named group, then disable the account.

ARAZZO

Active Directory Onboard User To Existing Group

Find an existing group by name, create a user, and add the user to that group.

ARAZZO

Active Directory Provision Application With Service Principal

Register an application, then locate and read its service principal and app role assignments.

ARAZZO

Active Directory Provision User Into New Group

Create a user, create a security group, and add the user as a member of that group.

ARAZZO

Active Directory Rename Group And List Members

Resolve a group by name, update its display name and description, then list its members and owners.

ARAZZO

Active Directory Self-Service Profile Review

Read the signed-in user's profile, then list their group memberships and look up their manager.

ARAZZO

Active Directory Transfer User Between Groups

Resolve a user and two groups by name, remove the user from one group and add them to another.

ARAZZO

Active Directory Update Application Redirect URIs

Resolve an application by name, read it, then patch its web redirect URIs and description.

ARAZZO

Pricing Plans

Rate Limits

Active Directory Rate Limits

7 limits

RATE LIMITS

FinOps

Features

Unified Identity API

Single REST endpoint (graph.microsoft.com) for all Microsoft Entra identity and directory operations.

User Lifecycle Management

Full CRUD operations for user accounts including bulk operations, license assignment, and guest management.

Group Management

Create and manage security groups, Microsoft 365 groups, and dynamic membership groups.

Application Registration

Programmatic app registration, permission configuration, and service principal management.

Conditional Access Automation

Create, update, and evaluate Conditional Access policies via API for Zero Trust enforcement.

Privileged Identity Management

Just-in-time role activation, time-bound access, and PIM policy management via API.

Identity Protection

Access risk signals, risky users, and risk detections for automated threat response.

Authentication Method Management

Manage MFA and passwordless authentication methods registered for users.

Audit and Sign-in Logs

Programmatic access to audit logs, sign-in logs, and provisioning logs for SIEM integration.

Identity Governance

Access reviews, entitlement management, and lifecycle workflows for automated IAM.

Use Cases

User Provisioning Automation

Automate user account creation, attribute updates, and deprovisioning for HR-driven identity lifecycle.

Zero Trust Policy Enforcement

Programmatically deploy and manage Conditional Access policies across the organization.

SIEM Integration

Stream audit logs and sign-in events to security information and event management systems.

Application Access Management

Automate app registration, permission grants, and app role assignments for developer self-service.

Identity Risk Remediation

Detect and respond to risky sign-ins and compromised accounts via Identity Protection APIs.

Compliance Reporting

Generate access reviews, entitlement reports, and audit logs for regulatory compliance.

Privileged Access Governance

Enforce just-in-time privileged access and audit role assignments via PIM APIs.

Integrations

Azure Active Directory

Microsoft Entra ID (formerly Azure AD) is the cloud identity backbone accessed via Microsoft Graph.

Microsoft 365

Microsoft Graph provides unified access to Microsoft 365 user data alongside identity operations.

Azure Monitor

Stream Microsoft Entra sign-in and audit logs to Azure Monitor Log Analytics for analysis.

Microsoft Sentinel

Feed identity risk signals and audit logs into Microsoft Sentinel SIEM for threat hunting.

Intune

Microsoft Graph Intune APIs integrate device management with identity policies.

SCIM Providers

Automate user provisioning to SaaS applications using Microsoft Entra SCIM provisioning.

SAML and OIDC Applications

Register and manage federated applications using SAML 2.0 and OpenID Connect via Microsoft Graph.

Semantic Vocabularies

Active Directory Context

1 classes · 69 properties

JSON-LD

API Governance Rules

Microsoft Active Directory API Rules

33 rules · 14 errors 15 warnings 4 info

SPECTRAL

JSON Structure

Applications Application Structure

0 properties

JSON STRUCTURE

Groups Group Structure

0 properties

JSON STRUCTURE

Users User Structure

0 properties

JSON STRUCTURE

Example Payloads

Groups Group Example

17 fields

EXAMPLE

Users User Example

22 fields

EXAMPLE

Resources

🔗
PostmanWorkspace
PostmanWorkspace
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🌐
Portal
Portal
🚀
GettingStarted
GettingStarted
🔗
Documentation
Documentation
🔑
Authentication
Authentication
🔗
APIReference
APIReference
🔗
RateLimits
RateLimits
📦
SDKs
SDKs
🔗
CLI
CLI
📰
Blog
Blog
🟢
StatusPage
StatusPage
💬
Support
Support
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
💰
Pricing
Pricing
📄
ChangeLog
ChangeLog
👥
GitHubOrganization
GitHubOrganization
👥
GitHubRepository
GitHubRepository
👥
StackOverflow
StackOverflow
🎓
Training
Training
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary
🔗
JSONLD
JSONLD

Sources

Raw ↑
info:
  _postman_id: ab95bef1-f577-47f1-a2c8-6f66f5f3ba39
  name: Microsoft Graph Users API
  description: "Manage the entire lifecycle of users in Microsoft Entra ID (formerly Azure Active Directory) via Microsoft\
    \ Graph. Create, read, update, and delete user accounts; manage licenses, group memberships, manager relationships, authentication\
    \ methods, and profile photos. All endpoints require OAuth2 authentication with Microsoft identity platform.\n\nContact\
    \ Support:\n Name: Microsoft Graph Support"
  schema: https://schema.getpostman.com/json/collection/v2.1.0/collection.json
  createdAt: '2026-06-05T14:58:52.000Z'
  updatedAt: '2026-06-05T14:58:52.000Z'
  lastUpdatedBy: '35240'
  uid: 35240-ab95bef1-f577-47f1-a2c8-6f66f5f3ba39
item:
- name: users
  item:
  - name: '{userId}'
    item:
    - name: memberOf
      item:
      - name: Active Directory List User Group Memberships
        id: fd049c9b-358e-40ff-b104-43daccddfe72
        protocolProfileBehavior:
          disableBodyPruning: true
        request:
          method: GET
          header:
          - key: Accept
            value: application/json
          url:
            raw: '{{baseUrl}}/users/:userId/memberOf?$filter=<string>'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            - memberOf
            query:
            - description: OData filter to scope to groups only (e.g. microsoft.graph.group)
              key: $filter
              value: <string>
            variable:
            - id: 4a671a90-350e-4508-b2ea-7a31b6a126c5
              key: userId
              value: <string>
              description: (Required) User object ID or userPrincipalName
          description: Get the groups, directory roles, and administrative units that the user is a direct member of. This
            operation does not return transitive group memberships. Use /users/{id}/transitiveMemberOf for transitive memberships.
        response:
        - id: c6930896-8ddf-47e3-a886-dda62f61ebde
          name: Collection of groups the user is a member of
          originalRequest:
            method: GET
            header:
            - key: Accept
              value: application/json
            - description: 'Added as a part of security scheme: oauth2'
              key: Authorization
              value: <token>
            url:
              raw: '{{baseUrl}}/users/:userId/memberOf?$filter=<string>'
              host:
              - '{{baseUrl}}'
              path:
              - users
              - :userId
              - memberOf
              query:
              - description: OData filter to scope to groups only (e.g. microsoft.graph.group)
                key: $filter
                value: <string>
              variable:
              - key: userId
          status: OK
          code: 200
          _postman_previewlanguage: json
          header:
          - key: Content-Type
            value: application/json
          cookie: []
          responseTime: null
          body: "{\n  \"@odata.context\": \"<string>\",\n  \"value\": [\n    {\n      \"id\": \"<string>\",\n      \"displayName\"\
            : \"<string>\",\n      \"groupTypes\": [\n        \"<string>\",\n        \"<string>\"\n      ]\n    },\n    {\n\
            \      \"id\": \"<string>\",\n      \"displayName\": \"<string>\",\n      \"groupTypes\": [\n        \"<string>\"\
            ,\n        \"<string>\"\n      ]\n    }\n  ]\n}"
          createdAt: '2026-06-05T14:58:53.000Z'
          updatedAt: '2026-06-05T14:58:53.000Z'
          uid: 35240-c6930896-8ddf-47e3-a886-dda62f61ebde
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-fd049c9b-358e-40ff-b104-43daccddfe72
      id: 1fb28163-725c-44a4-99a6-8639a86ea994
      createdAt: '2026-06-05T14:58:52.000Z'
      updatedAt: '2026-06-05T14:58:52.000Z'
      uid: 35240-1fb28163-725c-44a4-99a6-8639a86ea994
    - name: manager
      item:
      - name: Active Directory Get User Manager
        id: 467aea59-a711-43f0-b949-d83a62c706e9
        protocolProfileBehavior:
          disableBodyPruning: true
        request:
          method: GET
          header:
          - key: Accept
            value: application/json
          url:
            raw: '{{baseUrl}}/users/:userId/manager'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            - manager
            variable:
            - id: 72c2043c-8406-4741-a20e-6e78352ab1b3
              key: userId
              value: <string>
              description: (Required) User object ID or userPrincipalName
          description: Returns the user or organizational contact assigned as the user's manager in Microsoft Entra ID. The
            manager relationship represents the organizational hierarchy.
        response:
        - id: cd2db051-6741-42c1-87b8-3290f668da25
          name: Manager user object
          originalRequest:
            method: GET
            header:
            - key: Accept
              value: application/json
            - description: 'Added as a part of security scheme: oauth2'
              key: Authorization
              value: <token>
            url:
              raw: '{{baseUrl}}/users/:userId/manager'
              host:
              - '{{baseUrl}}'
              path:
              - users
              - :userId
              - manager
              variable:
              - key: userId
          status: OK
          code: 200
          _postman_previewlanguage: json
          header:
          - key: Content-Type
            value: application/json
          cookie: []
          responseTime: null
          body: "{\n  \"id\": \"<uuid>\",\n  \"displayName\": \"<string>\",\n  \"userPrincipalName\": \"<string>\",\n  \"\
            mail\": \"<email>\",\n  \"givenName\": \"<string>\",\n  \"surname\": \"<string>\",\n  \"jobTitle\": \"<string>\"\
            ,\n  \"department\": \"<string>\",\n  \"officeLocation\": \"<string>\",\n  \"mobilePhone\": \"<string>\",\n  \"\
            businessPhones\": [\n    \"<string>\",\n    \"<string>\"\n  ],\n  \"accountEnabled\": \"<boolean>\",\n  \"usageLocation\"\
            : \"<string>\",\n  \"preferredLanguage\": \"<string>\",\n  \"createdDateTime\": \"<dateTime>\",\n  \"lastPasswordChangeDateTime\"\
            : \"<dateTime>\",\n  \"passwordPolicies\": \"<string>\",\n  \"userType\": \"Guest\",\n  \"assignedLicenses\":\
            \ [\n    {\n      \"skuId\": \"<uuid>\",\n      \"disabledPlans\": [\n        \"<uuid>\",\n        \"<uuid>\"\n\
            \      ]\n    },\n    {\n      \"skuId\": \"<uuid>\",\n      \"disabledPlans\": [\n        \"<uuid>\",\n     \
            \   \"<uuid>\"\n      ]\n    }\n  ],\n  \"onPremisesSyncEnabled\": \"<boolean>\",\n  \"onPremisesDistinguishedName\"\
            : \"<string>\",\n  \"externalUserState\": \"<string>\"\n}"
          createdAt: '2026-06-05T14:58:53.000Z'
          updatedAt: '2026-06-05T14:58:53.000Z'
          uid: 35240-cd2db051-6741-42c1-87b8-3290f668da25
        - id: 5c2148ed-53a4-4a0f-bb3a-2b589066e4a4
          name: Resource not found
          originalRequest:
            method: GET
            header:
            - key: Accept
              value: application/json
            - description: 'Added as a part of security scheme: oauth2'
              key: Authorization
              value: <token>
            url:
              raw: '{{baseUrl}}/users/:userId/manager'
              host:
              - '{{baseUrl}}'
              path:
              - users
              - :userId
              - manager
              variable:
              - key: userId
          status: Not Found
          code: 404
          _postman_previewlanguage: json
          header:
          - key: Content-Type
            value: application/json
          cookie: []
          responseTime: null
          body: "{\n  \"error\": {\n    \"code\": \"<string>\",\n    \"message\": \"<string>\",\n    \"innerError\": {\n \
            \     \"date\": \"<dateTime>\",\n      \"request-id\": \"<uuid>\",\n      \"client-request-id\": \"<uuid>\"\n\
            \    }\n  }\n}"
          createdAt: '2026-06-05T14:58:53.000Z'
          updatedAt: '2026-06-05T14:58:53.000Z'
          uid: 35240-5c2148ed-53a4-4a0f-bb3a-2b589066e4a4
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-467aea59-a711-43f0-b949-d83a62c706e9
      id: 54f01856-fd5b-404d-8c46-da78441c0527
      createdAt: '2026-06-05T14:58:52.000Z'
      updatedAt: '2026-06-05T14:58:52.000Z'
      uid: 35240-54f01856-fd5b-404d-8c46-da78441c0527
    - name: Active Directory Get User
      id: e5ee2f1e-4e25-4b1c-ad62-3435db7f220a
      protocolProfileBehavior:
        disableBodyPruning: true
      request:
        method: GET
        header:
        - key: Accept
          value: application/json
        url:
          raw: '{{baseUrl}}/users/:userId?$select=<string>'
          host:
          - '{{baseUrl}}'
          path:
          - users
          - :userId
          query:
          - description: Comma-separated properties to include
            key: $select
            value: <string>
          variable:
          - id: ab289b7a-68ca-435c-b16a-584455aa12af
            key: userId
            value: <string>
            description: (Required) User object ID (UUID) or userPrincipalName
        description: Retrieve the properties and relationships of a specific user in Microsoft Entra ID by their object ID
          or userPrincipalName. Use $select to retrieve specific properties.
      response:
      - id: 869cca34-a346-4aad-a0da-f198f05efd91
        name: User object
        originalRequest:
          method: GET
          header:
          - key: Accept
            value: application/json
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          url:
            raw: '{{baseUrl}}/users/:userId?$select=<string>'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            query:
            - description: Comma-separated properties to include
              key: $select
              value: <string>
            variable:
            - key: userId
        status: OK
        code: 200
        _postman_previewlanguage: json
        header:
        - key: Content-Type
          value: application/json
        cookie: []
        responseTime: null
        body: "{\n  \"id\": \"<uuid>\",\n  \"displayName\": \"<string>\",\n  \"userPrincipalName\": \"<string>\",\n  \"mail\"\
          : \"<email>\",\n  \"givenName\": \"<string>\",\n  \"surname\": \"<string>\",\n  \"jobTitle\": \"<string>\",\n  \"\
          department\": \"<string>\",\n  \"officeLocation\": \"<string>\",\n  \"mobilePhone\": \"<string>\",\n  \"businessPhones\"\
          : [\n    \"<string>\",\n    \"<string>\"\n  ],\n  \"accountEnabled\": \"<boolean>\",\n  \"usageLocation\": \"<string>\"\
          ,\n  \"preferredLanguage\": \"<string>\",\n  \"createdDateTime\": \"<dateTime>\",\n  \"lastPasswordChangeDateTime\"\
          : \"<dateTime>\",\n  \"passwordPolicies\": \"<string>\",\n  \"userType\": \"Guest\",\n  \"assignedLicenses\": [\n\
          \    {\n      \"skuId\": \"<uuid>\",\n      \"disabledPlans\": [\n        \"<uuid>\",\n        \"<uuid>\"\n    \
          \  ]\n    },\n    {\n      \"skuId\": \"<uuid>\",\n      \"disabledPlans\": [\n        \"<uuid>\",\n        \"<uuid>\"\
          \n      ]\n    }\n  ],\n  \"onPremisesSyncEnabled\": \"<boolean>\",\n  \"onPremisesDistinguishedName\": \"<string>\"\
          ,\n  \"externalUserState\": \"<string>\"\n}"
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-869cca34-a346-4aad-a0da-f198f05efd91
      - id: caf87217-0881-4e7c-89dd-2cb60a4cc818
        name: Resource not found
        originalRequest:
          method: GET
          header:
          - key: Accept
            value: application/json
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          url:
            raw: '{{baseUrl}}/users/:userId?$select=<string>'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            query:
            - description: Comma-separated properties to include
              key: $select
              value: <string>
            variable:
            - key: userId
        status: Not Found
        code: 404
        _postman_previewlanguage: json
        header:
        - key: Content-Type
          value: application/json
        cookie: []
        responseTime: null
        body: "{\n  \"error\": {\n    \"code\": \"<string>\",\n    \"message\": \"<string>\",\n    \"innerError\": {\n   \
          \   \"date\": \"<dateTime>\",\n      \"request-id\": \"<uuid>\",\n      \"client-request-id\": \"<uuid>\"\n    }\n\
          \  }\n}"
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-caf87217-0881-4e7c-89dd-2cb60a4cc818
      createdAt: '2026-06-05T14:58:53.000Z'
      updatedAt: '2026-06-05T14:58:53.000Z'
      uid: 35240-e5ee2f1e-4e25-4b1c-ad62-3435db7f220a
    - name: Active Directory Update User
      id: b0b3e33a-1060-4413-9909-ff8d3e24399f
      protocolProfileBehavior:
        disableBodyPruning: true
      request:
        method: PATCH
        header:
        - key: Content-Type
          value: application/json
        - key: Accept
          value: application/json
        body:
          mode: raw
          raw: "{\n  \"displayName\": \"<string>\",\n  \"givenName\": \"<string>\",\n  \"surname\": \"<string>\",\n  \"jobTitle\"\
            : \"<string>\",\n  \"department\": \"<string>\",\n  \"officeLocation\": \"<string>\",\n  \"mobilePhone\": \"<string>\"\
            ,\n  \"preferredLanguage\": \"<string>\",\n  \"usageLocation\": \"<string>\",\n  \"passwordProfile\": {\n    \"\
            password\": \"<string>\",\n    \"forceChangePasswordNextSignIn\": true,\n    \"forceChangePasswordNextSignInWithMfa\"\
            : \"<boolean>\"\n  },\n  \"accountEnabled\": \"<boolean>\"\n}"
          options:
            raw:
              headerFamily: json
              language: json
        url:
          raw: '{{baseUrl}}/users/:userId'
          host:
          - '{{baseUrl}}'
          path:
          - users
          - :userId
          variable:
          - id: d156e8e2-5880-47ab-b327-097bed7f1ad1
            key: userId
            value: <string>
            description: (Required) User object ID or userPrincipalName
        description: Update the properties of a user in Microsoft Entra ID. Only include properties you want to update in
          the request body; all other properties retain their current values.
      response:
      - id: b98c8bc0-79cf-4923-baff-5449ae9d5af9
        name: User updated successfully (no content)
        originalRequest:
          method: PATCH
          header:
          - key: Content-Type
            value: application/json
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          body:
            mode: raw
            raw: "{\n  \"displayName\": \"<string>\",\n  \"givenName\": \"<string>\",\n  \"surname\": \"<string>\",\n  \"\
              jobTitle\": \"<string>\",\n  \"department\": \"<string>\",\n  \"officeLocation\": \"<string>\",\n  \"mobilePhone\"\
              : \"<string>\",\n  \"preferredLanguage\": \"<string>\",\n  \"usageLocation\": \"<string>\",\n  \"passwordProfile\"\
              : {\n    \"password\": \"<string>\",\n    \"forceChangePasswordNextSignIn\": true,\n    \"forceChangePasswordNextSignInWithMfa\"\
              : \"<boolean>\"\n  },\n  \"accountEnabled\": \"<boolean>\"\n}"
            options:
              raw:
                headerFamily: json
                language: json
          url:
            raw: '{{baseUrl}}/users/:userId'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            variable:
            - key: userId
        status: No Content
        code: 204
        _postman_previewlanguage: text
        header: []
        cookie: []
        responseTime: null
        body: null
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-b98c8bc0-79cf-4923-baff-5449ae9d5af9
      - id: b0b19af5-c654-4617-9ec3-c951e05fd2f9
        name: Bad request — invalid query parameters or request body
        originalRequest:
          method: PATCH
          header:
          - key: Content-Type
            value: application/json
          - key: Accept
            value: application/json
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          body:
            mode: raw
            raw: "{\n  \"displayName\": \"<string>\",\n  \"givenName\": \"<string>\",\n  \"surname\": \"<string>\",\n  \"\
              jobTitle\": \"<string>\",\n  \"department\": \"<string>\",\n  \"officeLocation\": \"<string>\",\n  \"mobilePhone\"\
              : \"<string>\",\n  \"preferredLanguage\": \"<string>\",\n  \"usageLocation\": \"<string>\",\n  \"passwordProfile\"\
              : {\n    \"password\": \"<string>\",\n    \"forceChangePasswordNextSignIn\": true,\n    \"forceChangePasswordNextSignInWithMfa\"\
              : \"<boolean>\"\n  },\n  \"accountEnabled\": \"<boolean>\"\n}"
            options:
              raw:
                headerFamily: json
                language: json
          url:
            raw: '{{baseUrl}}/users/:userId'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            variable:
            - key: userId
        status: Bad Request
        code: 400
        _postman_previewlanguage: json
        header:
        - key: Content-Type
          value: application/json
        cookie: []
        responseTime: null
        body: "{\n  \"error\": {\n    \"code\": \"<string>\",\n    \"message\": \"<string>\",\n    \"innerError\": {\n   \
          \   \"date\": \"<dateTime>\",\n      \"request-id\": \"<uuid>\",\n      \"client-request-id\": \"<uuid>\"\n    }\n\
          \  }\n}"
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-b0b19af5-c654-4617-9ec3-c951e05fd2f9
      - id: 5ad81bc4-01b0-4269-88ef-fdc3173ca2da
        name: Resource not found
        originalRequest:
          method: PATCH
          header:
          - key: Content-Type
            value: application/json
          - key: Accept
            value: application/json
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          body:
            mode: raw
            raw: "{\n  \"displayName\": \"<string>\",\n  \"givenName\": \"<string>\",\n  \"surname\": \"<string>\",\n  \"\
              jobTitle\": \"<string>\",\n  \"department\": \"<string>\",\n  \"officeLocation\": \"<string>\",\n  \"mobilePhone\"\
              : \"<string>\",\n  \"preferredLanguage\": \"<string>\",\n  \"usageLocation\": \"<string>\",\n  \"passwordProfile\"\
              : {\n    \"password\": \"<string>\",\n    \"forceChangePasswordNextSignIn\": true,\n    \"forceChangePasswordNextSignInWithMfa\"\
              : \"<boolean>\"\n  },\n  \"accountEnabled\": \"<boolean>\"\n}"
            options:
              raw:
                headerFamily: json
                language: json
          url:
            raw: '{{baseUrl}}/users/:userId'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            variable:
            - key: userId
        status: Not Found
        code: 404
        _postman_previewlanguage: json
        header:
        - key: Content-Type
          value: application/json
        cookie: []
        responseTime: null
        body: "{\n  \"error\": {\n    \"code\": \"<string>\",\n    \"message\": \"<string>\",\n    \"innerError\": {\n   \
          \   \"date\": \"<dateTime>\",\n      \"request-id\": \"<uuid>\",\n      \"client-request-id\": \"<uuid>\"\n    }\n\
          \  }\n}"
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-5ad81bc4-01b0-4269-88ef-fdc3173ca2da
      createdAt: '2026-06-05T14:58:53.000Z'
      updatedAt: '2026-06-05T14:58:53.000Z'
      uid: 35240-b0b3e33a-1060-4413-9909-ff8d3e24399f
    - name: Active Directory Delete User
      id: 98de2e20-97b4-4086-b780-9d7b5b78e1c8
      protocolProfileBehavior:
        disableBodyPruning: true
      request:
        method: DELETE
        header:
        - key: Accept
          value: application/json
        url:
          raw: '{{baseUrl}}/users/:userId'
          host:
          - '{{baseUrl}}'
          path:
          - users
          - :userId
          variable:
          - id: eb5cf0a1-ef6b-4b58-91db-901545a95fcd
            key: userId
            value: <string>
            description: (Required) User object ID or userPrincipalName
        description: Delete a user from Microsoft Entra ID. The deleted user is moved to the recycle bin for 30 days before
          permanent deletion. During this period, the user can be restored.
      response:
      - id: c08c6221-7f7e-4fd9-9ad0-ed7427b93e4f
        name: User deleted successfully (no content)
        originalRequest:
          method: DELETE
          header:
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          url:
            raw: '{{baseUrl}}/users/:userId'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            variable:
            - key: userId
        status: No Content
        code: 204
        _postman_previewlanguage: text
        header: []
        cookie: []
        responseTime: null
        body: null
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-c08c6221-7f7e-4fd9-9ad0-ed7427b93e4f
      - id: 897ceb54-1021-472b-989c-436f48108ab4
        name: Resource not found
        originalRequest:
          method: DELETE
          header:
          - key: Accept
            value: application/json
          - description: 'Added as a part of security scheme: oauth2'
            key: Authorization
            value: <token>
          url:
            raw: '{{baseUrl}}/users/:userId'
            host:
            - '{{baseUrl}}'
            path:
            - users
            - :userId
            variable:
            - key: userId
        status: Not Found
        code: 404
        _postman_previewlanguage: json
        header:
        - key: Content-Type
          value: application/json
        cookie: []
        responseTime: null
        body: "{\n  \"error\": {\n    \"code\": \"<string>\",\n    \"message\": \"<string>\",\n    \"innerError\": {\n   \
          \   \"date\": \"<dateTime>\",\n      \"request-id\": \"<uuid>\",\n      \"client-request-id\": \"<uuid>\"\n    }\n\
          \  }\n}"
        createdAt: '2026-06-05T14:58:53.000Z'
        updatedAt: '2026-06-05T14:58:53.000Z'
        uid: 35240-897ceb54-1021-472b-989c-436f48108ab4
      createdAt: '2026-06-05T14:58:53.000Z'
      updatedAt: '2026-06-05T14:58:53.000Z'
      uid: 35240-98de2e20-97b4-4086-b780-9d7b5b78e1c8
    id: df792acc-b741-4932-8226-a1ce957ea4a6
    createdAt: '2026-06-05T14:58:52.000Z'
    updatedAt: '2026-06-05T14:58:52.000Z'
    uid: 35240-df792acc-b741-4932-8226-a1ce957ea4a6
  - name: Active Directory List Users
    id: a953203b-932c-45d6-9962-b20daf2d9830
    protocolProfileBehavior:
      disableBodyPruning: true
    request:
      method: GET
      header:
      - key: Accept
        value: application/json
      url:
        raw: '{{baseUrl}}/users?$filter=<string>&$select=<string>&$top=<integer>&$orderby=<string>&$search=<string>&$count=<boolean>'
        host:
        - '{{baseUrl}}'
        path:
        - users
        query:
        - description: OData filter expression (e.g. displayName eq 'John Doe')
          key: $filter
          value: <string>
        - description: Comma-separated list of properties to include in response
          key: $select
          value: <string>
        - description: Maximum number of users to return (max 999)
          key: $top
          value: <integer>
        - description: Property to sort by (e.g. displayName asc)
          key: $orderby
          value: <string>
        - description: Search expression for user properties
          key: $search
          value: <string>
        - description: Include total count of matching users
          key: $count
          value: <boolean>
      description: Retrieve a list of user objects from Microsoft Entra ID. Supports OData query parameters for filtering,
        selecting specific properties, ordering, and pagination.
    response:
    - id: 42f41a1c-e5a4-4e72-8fc8-a479ba9a55bb
      name: List of users
      originalRequest:
        method: GET
        header:
        - key: Accept
          value: application/json
        - description: 'Added as a part of security scheme: oauth2'
          key: Authorization
          value: <token>
        url:
          raw: '{{baseUrl}}/users?$filter=<string>&$select=<string>&$top=<integer>&$orderby=<string>&$search=<string>&$count=<boolean>'
          host:
          - '{{baseUrl}}'
          path:
          - users
          query:
          - description: OData filter expression (e.g. displayName eq 'John Doe')
            key: $filter
            value: <string>
          - description: Comma-separated list of properties to include in response
            key: $select
            value: <string>
          - description: Maximum number of users to return (max 999)
            key: $top
            value: <integer>
          - description: Property to sort by (e.g. displayName asc)
            key: $orderby
            value: <string>
          - description: Search expression for user properties
            key: $search
            value: <string>
          - description: Include total count of matching users
            key: $count
            value: <boolean>
      status: OK
      code: 200
      _postman_previewlanguage: json
      header:
      - key: Content-Type
        value: application/json
      cookie: []
      responseTime: null
      body: "{\n  \"@odata.context\": \"<string>\",\n  \"@odata.nextLink\": \"<string>\",\n  \"value\": [\n    {\n      \"\
        id\": \"<uuid>\",\n      \"displayName\": \"<string>\",\n      \"userPrincipalName\": \"<string>\",\n      \"mail\"\
        : \"<email>\",\n      \"givenName\": \"<string>\",\n      \"surname\": \"<string>\",\n      \"jobTitle\": \"<string>\"\
        ,\n      \"department\": \"<string>\",\n      \"officeLocation\": \"<string>\",\n      \"mobilePhone\": \"<string>\"\
        ,\n      \"businessPhones\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"accountEnabled\": \"\
        <boolean>\",\n      \"usageLocation\": \"<string>\",\n      \"preferredLanguage\": \"<string>\",\n      \"createdDateTime\"\
        : \"<dateTime>\",\n      \"lastPasswordChangeDateTime\": \"<dateTime>\",\n      \"passwordPolicies\": \"<string>\"\
        ,\n      \"userType\": \"Guest\",\n      \"assignedLicenses\": [\n        {\n          \"skuId\": \"<uuid>\",\n  \
        \        \"disabledPlans\": [\n            \"<uuid>\",\n            \"<uuid>\"\n          ]\n        },\n        {\n\
        \          \"skuId\": \"<uuid>\",\n          \"disabledPlans\": [\n            \"<uuid>\",\n            \"<uuid>\"\
        \n          ]\n        }\n      ],\n      \"onPremisesSyncEnabled\": \"<boolean>\",\n      \"onPremisesDistinguishedName\"\
        : \"<string>\",\n      \"externalUserState\": \"<string>\"\n    },\n    {\n      \"id\": \"<uuid>\",\n      \"displayName\"\
        : \"<string>\",\n      \"userPrincipalName\": \"<string>\",\n      \"mail\": \"<email>\",\n      \"givenName\": \"\
        <string>\",\n      \"surname\": \"<string>\",\n      \"jobTitle\": \"<string>\",\n      \"department\": \"<string>\"\
        ,\n      \"officeLocation\": \"<string>\",\n      \"mobilePhone\": \"<string>\",\n      \"businessPhones\": [\n  \
        \      \"<string>\",\n        \"<string>\"\n      ],\n      \"accountEnabled\": \"<boolean>\",\n      \"usageLocation\"\
        : \"<string>\",\n      \"preferredLanguage\": \"<string>\",\n      \"createdDateTime\": \"<dateTime>\",\n      \"\
        lastPasswordChangeDateTime\": \"<dateTime>\",\n      \"passwordPolicies\": \"<string>\",\n      \"userType\": \"Member\"\
        ,\n      \"assignedLicenses\": [\n        {\n          \"skuId\": \"<uuid>\",\n          \"disabledPlans\": [\n  \
        \          \"<uuid>\",\n            \"<uuid>\"\n          ]\n        },\n        {\n          \"skuId\": \"<uuid>\"\
        ,\n          \"disabledPlans\": [\n            \"<uuid>\",\n            \"<uuid>\"\n          ]\n        }\n     \
        \ ],\n      \"onPremisesSyncEnabled\": \"<boolean>\",\n      \"onPremisesDistinguishedName\": \"<string>\",\n    \
        \  \"externalUserState\": \"<string>\"\n    }\n  ]\n}"
      createdAt: '2026-06-05T14:58:53.000Z'
      updatedAt: '2026-06-05T14:58:53.000Z'
      uid: 35240-42f41a1c-e5a4-4e72-8fc8-a479ba9a55bb
    - id: 2cc08a54-22bc-42c3-b53b-c91e3df04e1e
      name: Bad request — invalid query parameters or request body
      originalRequest:
        method: GET
        header:
        - key: Accept
          value: application/json
        - description: 'Added as a part of security scheme: oauth2'
          key: Authorization
          value: <token>
        url:
          raw: '{{baseUrl}}/users?$filter=<string>&$select=<string>&$top=<integer>&$orderby=<string>&$search=<string>&$count=<boolean>'
          host:
          - '{{baseUrl}}'
          path:
          - users
          query:
          - description: OData filter expression (e.g. displayName eq 'John Doe')
            key: $filter
            value: <string>
          - description: Comma-separated list of properties to include in response
            key: $select
            value: <string>
          - description: Maximum number of users to return (max 999)
            key: $top
            value: <integer>
          - description: Property to sort by (e.g. displayName asc)
            key: $orderby
            value: <string>
          - description: Search expression for user properties
            key: $search
            value: <string>
          - description: Include total count of matching users
            key: $count
            value: <boolean>
      status: Bad Request
      code: 400
      _postman_previewlanguage: json
      header:
      - key: Content-Type
        value: application/json
      cookie: []
      responseTime: null
      body: "{\n  \"error\": {\n    \"code\": \"<string>\",\n    \"message\": \"<string>\",\n    \"innerError\": {\n     \
        \ \"date\": \"<dateTime>\",\n      \"request-id\": \"<uuid>\",\n      \"client-request-id\": \"<uuid>\"\n    }\n \
        \ }\n}"
      createdAt: '2026-06-05T14:58:53.000Z'
      updatedAt: '2026-06-05T14:58:53.000Z'
      uid: 35240-2cc08a54-22bc-42c3-b53b-c91e3df04e1e
    - id: ccbb0f34-60f4-492a-a117-165c9dd1abc0
      name: Authentication required — missing or invalid access token
      originalRequest:
        method: GET
        header:
        - key: Accept
          value: application/json
        - description: 'Added as a part of security scheme: oauth2'
          key: Authorization
          value: <token>
        url:
          raw: '{{baseUrl}}/users?$filter=<string>&$select=<string>&$top=<integer>&$orderby=<string>&$search=<string>&$count=<boolean>'
          host:
          - '{{baseUrl}}'
          path:
          - users
          query:
          - description: OData filter expression (e.g. displayName eq 'John Doe')
            key: $filter
            value: <string>
          - description: Comma-separated list of properties to include in response
            key: $select
            value: <string>
          - description: Maximum number of users to return (max 999)
            key: $top
            v

# --- truncated at 32 KB (49 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/active-directory/refs/heads/main/apis.yml