-1
const msRestAzure = require('ms-rest-azure');
const { GraphRbacManagementClient }  = require('azure-graph');

module.exports = async function (context, req) {
   try{
        const credentials = await msRestAzure.loginWithServicePrincipalSecret(clientId, clientSecret, tanent);
        const client = new GraphRbacManagementClient(credentials, tenantId);
        const results = await client.users.list();

        context.res = {
           body: results
        };
   } catch (error) {
       console.log('error==> ',error);   // Getting error: Authentication_MissingOrMalformed
       context.res = {
           body: error
       };
   }
}

I want to get all users list using azure graph sdk. But after calling the client.users.list() function I'm getting the error ("Authentication_MissingOrMalformed"). How do I fix this error and get all users list.

How to get all users list from Azure Active Directory using Azure Graph SDK (Nodejs) ?

Param
  • 41
  • 1
  • 12
  • Did you try... reading the error message... and thinking about what it suggests? – Ian Kemp Sep 22 '20 at 13:40
  • Hi, please refer to the solution I provided below. If it helps your problem, please [accept](https://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) it as answer(click on the check mark beside my answer to toggle it from greyed out to filled in). Thanks in advance~ – Hury Shen Sep 23 '20 at 02:15

1 Answers1

0

The main problem is missing { tokenAudience: 'graph' }, please refer to my code:

const msRestAzure = require('ms-rest-azure');
const { GraphRbacManagementClient }  = require('azure-graph');

module.exports = async function (context, req) {
    try{
         msRestAzure.loginWithServicePrincipalSecret("clientId", "clientSecret", "tenantId", { tokenAudience: 'graph' }, function (err, credentials) {
            if (err) return console.log(err);
            const client = new GraphRbacManagementClient(credentials, "tenantId");

            client.users.list((err, results, request, response) => {
                if (err) return console.log(err);
                console.log(JSON.parse(response.body).value.length);
            });
            
         });
    } catch (error) {
        console.log('error==> ',error);
        context.res = {
            body: error
        };
    }
}

After running the code above, if the number of users in your AD is greater than 100, it will output 100 because graph api can response 100 users in a page(default is 100).

==================================Update================================

Please check if you have added the permission to the application registered in Azure AD. If you didn't add the permission, please follow the below steps:

1. Go to the application which registered in your Azure AD (It's the application which you use its clientId).

2. Add the permission.

enter image description here

enter image description here

3. Click "Grant admin consent for xxx". enter image description here

4. After a few minutes, run your code again.

Hury Shen
  • 14,948
  • 1
  • 9
  • 18
  • l{"code":"Authorization_RequestDenied","message":{"lang":"en","value":"Insufficient privileges to complete the operation."} – Param Sep 23 '20 at 06:18
  • Hi @Param The error message means you don't have permission to do this operation. You need to add the permission, please refer to the "Update" in my answer. – Hury Shen Sep 24 '20 at 01:14
  • @Param Did you run the code success ? If still have any problem, please let me know. – Hury Shen Sep 24 '20 at 06:20
  • I'm really sorry to response you late. Actually I don't have the API permission that's why I'm getting the above error. I talked to Admin when I'll get permission as soon as I'll update you. Thank you once again !! – Param Sep 28 '20 at 13:13