How to properly filter for specific enabled services via the Graph API/SDK

The limited (and convoluted) filter capabilities of the Graph API have lead to scenarios where people are using incorrect queries to filter out the set of users enabled for specific Microsoft 365 service(s). In this article, we will go over some of the common mistakes I’ve seen in online examples, and provide you with a “proper” solution, to the best of the current Graph API filtering capabilities. …

Continue readingHow to properly filter for specific enabled services via the Graph API/SDK

How to fetch data for reports Microsoft is yet to provide Graph API endpoints for

As Microsoft is yet to provide Graph API endpoints for access to all of the Microsoft 365 reports, in this article we examine a workaround that allows you to fetch the same data by alternative means. As an added bonus, this method allows you to also fetch data for some reports that are not even exposed in the UI yet! …

Continue readingHow to fetch data for reports Microsoft is yet to provide Graph API endpoints for

Some ramblings around Continuous access evaluation, support for Graph and service principals

Does the Graph resource support Continuous Access Evaluation? How exactly are long-lived CAE tokens issued, and is it worth it to accept some additional risk as a tradeoff? But most importantly, beware of scenarios where CAE-capable service principal is compromised, as the advertised support for revocation seems to be a bit shady! …

Continue readingSome ramblings around Continuous access evaluation, support for Graph and service principals