
Using Microsoft Graph, how do I get Azure AD user fields that were synced from On Premise AD?

I have Active Directory On-Premise which syncs to my Azure AD instance using a connector.

Fields such as 'Other Mobile' and 'Other Telephone' are set to sync from On-Prem AD to Azure AD. (All users have these values populated)

However, when querying using Microsoft Graph I am unable to see these fields. This is the URL I am using (I can see the standard fields fine):

https://graph.microsoft.com/v1.0/users/[USER ID HERE]

I have tried various queries but no luck. Is it even possible using the Graph API to see all fields that are on Azure AD for a user, including the ones synced from On-Prem AD? What other options do I have?

I have tried queries including '$select=otherMobile,otherTelephone' and also extensions

I have also tried the Azure AD graph explorer, however the user object does not contain these fields either:

https://graph.windows.net/ $metadata#directoryObjects/Microsoft.DirectoryServices.User

By default, only a limited set of properties are returned (businessPhones, displayName, givenName, id, jobTitle, mail, mobilePhone, officeLocation, preferredLanguage, surname, userPrincipalName). To return an alternative property set, you must specify the desired set of user properties using the OData $select query parameter.

For example, to return displayName, givenName, and postalCode, you would need to add the following to your query $select=displayName,givenName,postalCode.

You must specify all fields in the select, as $select=* will only output the key fields in Graph API implementation.

You can't access fields such as 'Other Mobile' and 'Other Telephone' using the Graph API, as only several User fields are available for access. Refer: User Entity for more info on user fields.

After literally searching for days for a response regarding this, returning back here in case anyone else has this problem: by default msgraph doesn't return back those special attributes; they are part of a different schema. To figure out what schemas are available, I used the following API:

https://graph.microsoft.com/v1.0/schemaExtensions

It needs an access token, and based on that, it will return back available schemas. In my case there was something with an id of someId_UserExt, which I thought made some sense as the place where it would store them.

Afterwards I used in a query like @Ajay posted above, using the id from above alongside the other extensions I needed:

...$select={someId_UserExt},displayName,givenName,postalCode,{extensionId_otherMobile}

One thing to note here is that these extensions are not directly called otherMobile or otherTelephone; they have some form of an id in front of them, something like 92432132132141321321_otherMobile etc., and that would be the extension name that is needed to properly select values.

An endpoint used to check these ids would be: https://graph.microsoft.com/v1.0/applications/{appId}/extensionProperties or possibly grabbing their name or objectId at least, from Azure AD.

Some good read on the above: https://docs.microsoft.com/en-us/graph/api/application-list-extensionproperty?view=graph-rest-1.0&tabs=http
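The lookup-then-select flow from the answer above, as an added example that is not part of the original post: it filters an extensionProperties listing for on-premises-synced User attributes and builds the explicit `$select` URL. The sample listing is constructed, the function names are hypothetical, and the `extension_{appId}_{attribute}` name layout is assumed.

```python
import json
from urllib.parse import quote

GRAPH = "https://graph.microsoft.com/v1.0"

# Constructed sample of a GET /applications/{id}/extensionProperties response;
# the hex prefix is made up for illustration.
SAMPLE_LISTING = json.loads("""
{"value": [
  {"name": "extension_0123456789abcdef0123456789abcdef_otherMobile",
   "dataType": "String", "isSyncedFromOnPremises": true, "targetObjects": ["User"]},
  {"name": "extension_0123456789abcdef0123456789abcdef_otherTelephone",
   "dataType": "String", "isSyncedFromOnPremises": true, "targetObjects": ["User"]},
  {"name": "extension_0123456789abcdef0123456789abcdef_costCenter",
   "dataType": "String", "isSyncedFromOnPremises": false, "targetObjects": ["Group"]}
]}
""")

def synced_user_extensions(listing, wanted):
    """Map short attribute name -> full extension name for synced User extensions."""
    found = {}
    for prop in listing.get("value", []):
        if not prop.get("isSyncedFromOnPremises"):
            continue  # skip extensions that did not come from on-prem AD
        if "User" not in prop.get("targetObjects", []):
            continue  # skip extensions that do not apply to user objects
        parts = prop.get("name", "").split("_", 2)  # assumed: extension_{appId}_{attr}
        if len(parts) == 3 and parts[2] in wanted:
            found[parts[2]] = prop["name"]
    return found

def build_user_url(user_id, base_fields, ext_map):
    """Build the /users/{id} URL with every wanted field listed in $select."""
    fields = list(base_fields) + [ext_map[k] for k in sorted(ext_map)]
    return f"{GRAPH}/users/{quote(user_id, safe='')}?$select={','.join(fields)}"

def flatten_user(user, ext_map):
    """Rename prefixed extension keys in a returned user object to short names."""
    reverse = {full: short for short, full in ext_map.items()}
    return {reverse.get(key, key): value for key, value in user.items()}

if __name__ == "__main__":
    ext = synced_user_extensions(SAMPLE_LISTING, {"otherMobile", "otherTelephone"})
    print(build_user_url("11111111-2222-3333-4444-555555555555",
                         ["displayName", "givenName"], ext))
```
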
