Logged in as the Office 365 Global Administrator, I want to get the relevant people list for any user in Active Directory.
I can get my calls to return using
https://graph.microsoft.com:443/v1.0/users('my.address#contoso.com')/people
and
https://graph.microsoft.com:443/v1.0/users/{the user id}/people
and
https://graph.microsoft.com:443/v1.0/users('{the user id}')/people
and
https://graph.microsoft.com:443/v1.0/users/my.address#contoso.com/people
but, as an Office 365 admin with People.Read.All consent in the app, the call only returns one person (the target user's profile) for any user but myself. If I call it for my user I get a list of ten people
If I log in as that other person and make the People List API call it returns the expected ten results.
JWT scope: "scp": "Files.ReadWrite Mail.Send People.Read.All User.Read
I have to change the scope to People.Read for the non-admin.
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_list_people
the call only returns one person (the target user's profile) for any
user but myself.
Answer is in the API Doc. As the document says.
Retrieve a collection of person objects ordered by their relevance to
the user, which is determined by the user's communication and
collaboration patterns and business relationships.
The following request gets the people most relevant to another person in the signed-in user's organization
https://graph.microsoft.com:443/v1.0/users('my.address#contoso.com')/people
It might happen that there is no one relevant to that user.
If you want the list of contacts in other user's contact list then you can refer to this one :
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_list_contacts
UPDATE
https://developer.microsoft.com/en-us/graph/graph-explorer
I used the demo account on this website. I used this query
https://graph.microsoft.com/v1.0/users/08fa38e4-cbfa-4488-94ed-c834da6539df/people It worked.
This query gives the same result
https://graph.microsoft.com/v1.0/users('08fa38e4-cbfa-4488-94ed-c834da6539df')/people
Same result
https://graph.microsoft.com/v1.0/users('MiriamG#M365x214355.onmicrosoft.com')/people/
Same result
https://graph.microsoft.com/v1.0/users/MiriamG#M365x214355.onmicrosoft.com/people/
If you still can't get it to work and specially on Graph Explorer Website. Then it means that according to Microsoft there are no relevant people for that particular user.
As you can see there are different ways to use the same thing. Try it all if it works. Let me know.
I am not seeing this behavior in the Graph Explorer sample tenant. The behavior seems to indicate that this is auth-related. I would try to sign in with the admin again and make sure that you've consented to any of the admin-only scopes. Additionally, one thing you can do to figure out whether you have the appropriate scope in your token is decoding the JWT and examining the "scp" collection.
Related
Can I get a list of reviews from an arbitrary business?
It appears like you get a list of the reviews for a specific account and location.
https://mybusiness.googleapis.com/v3/accounts/account_name/locations/location_name/reviews
However, you can only get a list of account for an authenticated user.
https://mybusiness.googleapis.com/v3/accounts
Is there an endpoint or way to list out the reviews for any business? I just need the number or reviews, and really don't want to have to look at screen scraping type solutions.
The Places API returns only 5 for a business, GMB API requires the user as you’ve mentioned to authenticate; there’s no official endpoint for getting all listed reviews unless you either scrape the data; like Yelp, Google didn’t make it available to pull all user contributed content such as reviews; alternatively you can create your own DB for some businesses and manually update by pulling reviews off a third party site (eg: ReviewsMaker.com) where you can copy data to a table and keep track, but there’s no other real-time solution other than using the GMB API (which is restricted only to authenticated users)
I'm working on a project using Microsoft Graph API. This project uses /me/people to get data.
According to Microsoft: "Microsoft Graph applications can use the People API to retrieve the people who are most relevant to a user. Relevance is determined by the user’s communication and collaboration patterns and business relationships. People can be local contacts, contacts from social networking or from an organization’s directory, and people from recent communications (such as email and Skype)."
According to this, I think that the result can be confirmable.
For example, I have 3 users account: user1#tnv.onmicrosoft.com, user2#tnv.onmicrosoft.com, user3#tnv.onmicrosoft.com. I put them in the same AAD security group named AADTestGroup.
I expect that when user1 calls /me/people, the result contains user2 and user3. However, it does not returns as expected.
The questions are:
What am I missing here?
How could I organize user accounts in O365 to get confirmable result from /me/people?
How long does this function take to reflect changes from Office 365?
Being in the same security group isn't a relevant "communication and collaboration pattern" or "business relationship". Until you have sufficient activity between these users, they will not show up in the result. Try editing the same document, emailing each other, etc. and they will begin to show up.
How do I get organization ID? I tried this:
https://app.asana.com/api/1.0/organization_exports
But it returns
{"errors":[{"message":"Not Found","help":"For more information on API status codes and how to handle them, read the docs on errors: https://asana.com/developers/documentation/getting-started/errors"}]}
Of course I'm logged in, or use an access token, and other API calls work fine.
My final goal is to make use of the organization ID in https://github.com/Asana/export_importer.
sorry for the delay - the system that was supposed to alert us to your question didn't pick this one up.
The easiest way to get the organization ID is to query our API for your user to see what organizations you're a member of, rather than use the organization_exports endpoint - that's for exporting a full organization data dump for backup or reporting purposes.
If you look at our API documentation for getting your user at app.asana.com/api/1.0/users/me, you'll see that your user record returns a list of workspaces which have ID and name information. This is probably the most straightforward way to get your organization ID from our API.
Do you know whether it is possible to retrieve the "friendship" network in a group of Twitter users (where #X is considered to be friend of #Y when #X follows #Y) through the new Twitter api?
In other words, given two arbitrary Twitter users, do you know whether Twitter api replies to queries whether one of them follows the other one or not, when this query is made by some third party (using different authorization credentials from the ones of the former two users)?
If yes, how's is it done?
You can use Twitter REST API
The REST APIs provide programmatic access to read and write Twitter data. Author a new Tweet, read author profile and follower data, and more. The REST API identifies Twitter applications and users using OAuth; responses are available in JSON.
Specifically, you will need to use these two calls:
GET friends
Returns a cursored collection of user IDs for every user the specified user is following (otherwise known as their “friends”).
GET followers
Returns a cursored collection of user IDs for every user following the specified user.
There is not such a query exactly as you want, with input arguments #X and #Y, but with these two you should be fine.
I'm working on migrating from SOAP to valence API. I'm having some problems with a few calls like getting users (All users, based on role, by userID, etc) and grades (All variations).
I see an empty list returned with no items. There's no error of any kind. When I try to get the data using SOAP, I get the desired data.
I've checked the permissions for "Search for Students", so technically, I should be getting something when I try to get all users or by role id of students. What else am I missing here...
The D2LWS service's authentication mechanism puts the API caller in the position of being a privileged caller. The Valence Learning Framework APIs use a different auth model: the user ID/Key tokens that identify a user get employed by the back-end to restrict the functionality of calls. That is: the authenticated user should have access to the same functionality and data as the user would get through the web UI, and no more.
In this particular case, the calls succeed: they send back all the elements in the result set that your calling user has privileges to see -- none of them.
This is almost certainly an issue with the role privileges afforded to your calling user, and debugging the permissions around calls can be challenging. The Valence project's documentation provides a walkthrough topic on investigating role permissions that might shed let on a possible approach here, especially with respect to the calls to gain access to user records (or properties that appear in user records).
As the walkthrough discusses, there are various aspects to making the general call to /d2l/api/lp/{version}/users/ that bring permissions into play:
If you're trying to filter with a query parameter, does the calling user context have permissions to use the data on which you want to filter
Does the calling user context have permission to see properties affected by User Information Privacy settings
Does the calling user have permission to search for all the user roles they need to, in order find users in the result set
The users call operates on the root organization unit, so the permissions the calling user requires must be set on the organization org unit type.
By contrast, the Grades-related API calls operate not on the root organization unit, but typically on course offerings, sections, or groups. The permissions surrounding the calls there will get checked in the associated org unit types, so the calling user will need the right permissions against those types. Additionally, many of the calls related to course offerings (also sections and groups) require that the calling user be enrolled in the org unit in question (and in some cases, explicitly enrolled, not merely enrolled by cascading enrollment).
If you're sure that your calling user context does give you access to these things (and allows you access to this data through the web UI), and you still see a mismatch like this when you're calling through the API, then you may have uncovered a defect of some kind and you should please ask your organization's support contact, or your account manager, to open a support ticket to report that through Desire2Learn's support desk.