10

I need to discover user's tenant name, since the service endpoint, resourceId that I'll be using an Azure service that requires me to specify the tenant name:

service endpoint: https://[tenantnamme].api.crm.dynamics.com/...
resource Id: https://[tenantname].crm.dynamics.com

I was hoping Unified Microsoft Graph API can discover this for me. I looked at the documentation, the closest I can see is to use graph.microsoft.com/v1.0/organization which will give me back: verifiedDomains : [ .... "name" : "contoso.onmicrosoft.com" ]

But, I'm not sure if this is the right approach. What if an org has multiple verified domains? Does verified domain name is the same as tenant name?

Update: This is my real scenario. I have a web app that allows user to authenticate to Azure AD via OAuth2. I have no problem obtaining refresh token and access token from OAuth interactions. However, in other to use other service, it requires [azure-ad-tenant-name] in their service end point. That's my question coming from.

David
  • 2,412
  • 1
  • 14
  • 22
Andy H.
  • 101
  • 1
  • 4

2 Answers2

7

I believe that you're on the right track with the graph.microsoft.com/v1.0/organization endpoint. You should be able to find the tenant name in the verifiedDomains list. The entry that should contain domain with the tenant name is the initial domain: 

{
    ...
    "isInitial": true,
    "name": "contoso.onmicrosoft.com",
    ...
}
shtrule
  • 658
  • 10
  • 23
0

Same. When you create a AD, you will obtain a domain name and a tenant id without tenant name, they are both the unique identifier of a AD. Use Get-AzureRmTenant to get all tenantid and domains in your subscription.

Lily_user4045
  • 795
  • 4
  • 11
  • Thanks. But I'm not looking for Powershell solution. I'm looking for REST solution, which we will implement on opensource solutions – Andy H. Apr 07 '16 at 18:45
  • If you can obtain access token that indicate your tenant has been created, you only need to hardcoding your tenant id to [azure-ad-tenant-name], because every access token do not have more than one tenant id. – Lily_user4045 Apr 08 '16 at 05:53
  • 1
    Ok. If you need tenant name(domain name) using API, use the Grapgh API: `https://graph.windows.net/tenantid/domains?api-version=beta`,hope it helps you. – Lily_user4045 Apr 08 '16 at 09:43
  • There's also a Nuget package that can help you out with the Graph API, take a look at `Microsoft.Azure.ActiveDirectory.GraphClient` – Tom Wuyts Jul 17 '16 at 06:53