https://graph.microsoft.com/v1.0/groups ---> Unable to fetch DN and Managed by information frm Azure

rBh
Tera Contributor

‎05-29-2025 06:07 AM

Hello Team,

 

Its very critical, can someone help me on this 

 

We have setup azure integration through Rest message ( O auth token authentication ) and i am able to fetch user information ( name, EmailID, UserPrincipalName ) through below API endpoint

 

https://graph.microsoft.com/v1.0/users 

 

How ever we need to fetch "dn" and "Managed by" information for DL and shared mailbox so we are using "https://graph.microsoft.com/v1.0/groups" endpoint but unable to fetch the dn and managedby info

 

Please help me guys, we need to store all these details in the custom table in servicenow

 

Regards,

Bhavana

 

 

0 Helpfuls
  • 1,515 Views
13 REPLIES 13

rBh
Tera Contributor

‎05-29-2025 06:09 AM

@Ankur Bawiskar @Atul Gupta : Please guide here

0 Helpfuls

Muhammad Salar
Giga Sage

‎05-29-2025 06:46 AM - edited ‎05-29-2025 06:53 AM

Hello, if your integration is successful with token for v1.0/users then  i think it must be a scope issue.
You need a correct scope to access that endpoint
Check if you have these scopes in Azure, you also need to add these scopes here is servicenow when sending request

MuhammadSalar_0-1748526798961.png

 

rBh
Tera Contributor

‎05-29-2025 08:14 AM

Hi Mohammad,

 

The azure admin says they have granted necessary access to fetch data, I am new to integration struggling to understand

 

using https://graph.microsoft.com/v1.0/users i got below response 

 

{"businessPhones":[],"displayName":"JAM Beer Packaging Meeting Room","givenName":null,"jobTitle":null,"mail":"JAMBeerPackagingMeetingRoom@xyz.com","mobilePhone":null,"officeLocation":null,"preferredLanguage":null,"surname":"JAM Beer Packaging Meeting Room","userPrincipalName":"0.JAMBeerPackagingRoom@Diageo.com","id":"d7be49eb3-93f3-a30a697aca55"},{"businessPhones":[],"displayName":"JAM Cellars Conference Room","givenName":null,"jobTitle":null,"mail":"JAMCellarsConferenceRoom@xyz.com","mobilePhone":null,"officeLocation":null,"preferredLanguage":null,"surname":"JAM Cellars Conference Room","userPrincipalName":"0.JAMCellarsConferenceRoom@xyz.com","id":"924f07c6-9f00-a07a71e0f43f"},

 

 

Using this link i got below sample response https://graph.microsoft.com/v1.0/groups

 

"id":"000-25f4-4439-84c3-56796a6","deletedDateTime":null,"classification":null,"createdDateTime":"2020-02-04T05:05:39Z","creationOptions":[],"description":"TASK4675377","displayName":"Local SGA sapbwlasp02","expirationDateTime":null,"groupTypes":[],"isAssignableToRole":null,"mail":null,"mailEnabled":false,"mailNickname":"azr_security_sapbwlasp02","membershipRule":null,"membershipRuleProcessingState":null,"onPremisesDomainName":"guww.net","onPremisesLastSyncDateTime":"2025-03-21T17:03:22Z","onPremisesNetBiosName":"GUWW","onPremisesSamAccountName":"Local SGA sapbwlasp02","onPremisesSecurityIdentifier":"S-1-5-21-27242-682003330-2503156","onPremisesSyncEnabled":true,"preferredDataLocation":null,"preferredLanguage":null,"proxyAddresses":[],"renewedDateTime":"2020-02-04T05:05:39Z","resourceBehaviorOptions":[],"resourceProvisioningOptions":[],"securityEnabled":true,"securityIdentifier":"S-1-12-5817220-2794874628","theme":null,"uniqueName":null,"visibility":null,"onPremisesProvisioningErrors":[],"serviceProvisioningErrors":[]

 

Please help me i need to fetch name, mailID, DN, ManagedBy information for DistributionList and shared mailbox's

 

Regards,

Bhavana

0 Helpfuls

Muhammad Salar
Giga Sage
In response to rBh

‎05-29-2025 10:11 AM

Hello @rBh ,
I have done this integration for users, groups etc only and my instance is offline where i did it so i can't test for your requirement. Here are some endpoints, try it and check if you can get any help

// Distribution Groups
    var endpointGroups = 'https://graph.microsoft.com/v1.0/groups?$filter=mailEnabled eq true and securityEnabled eq false&$select=displayName,mail,onPremisesDistinguishedName,id';
    var rmGroups = new sn_ws.RESTMessageV2();
    rmGroups.setHttpMethod('GET');
    rmGroups.setEndpoint(endpointGroups);
    rmGroups.setRequestHeader('Authorization', 'Bearer ' + accessToken);
    rmGroups.setRequestHeader('Accept', 'application/json');

    var responseGroups = rmGroups.execute();
    var bodyGroups = responseGroups.getBody();
    var statusGroups = responseGroups.getStatusCode();

    if (statusGroups == 200) {
        var groupsResponse = JSON.parse(bodyGroups);
        var groupList = groupsResponse.value;

        gs.info('Total groups fetched: ' + groupList.length);

        groupList.forEach(function(group) {
            var groupInfo = {
                displayName: group.displayName,
                mail: group.mail,
                onPremisesDN: group.onPremisesDistinguishedName,
                managedBy: []
            };

            // owners (managedBy) per group
            var endpointOwners = 'https://graph.microsoft.com/v1.0/groups/' + encodeURIComponent(group.id) + '/owners?$select=displayName,mail';
            var rmOwners = new sn_ws.RESTMessageV2();
            rmOwners.setHttpMethod('GET');
            rmOwners.setEndpoint(endpointOwners);
            rmOwners.setRequestHeader('Authorization', 'Bearer ' + accessToken);
            rmOwners.setRequestHeader('Accept', 'application/json');

            try {
                var responseOwners = rmOwners.execute();
                var bodyOwners = responseOwners.getBody();
                var statusOwners = responseOwners.getStatusCode();

                if (statusOwners == 200) {
                    var ownersResponse = JSON.parse(bodyOwners);
                    var owners = ownersResponse.value;

                    owners.forEach(function(owner) {
                        groupInfo.managedBy.push({
                            displayName: owner.displayName,
                            mail: owner.mail
                        });
                    });
                } else {
                    gs.warn('Failed to get owners for group ' + group.displayName + ', status: ' + statusOwners);
                }
            } catch (ex) {
                gs.error('Error fetching owners for group ' + group.displayName + ': ' + ex.message);
            }

            groups.push(groupInfo);
        });
    } else {
        gs.error('Failed to fetch groups from Microsoft Graph, status: ' + statusGroups);
    }

    // Users shared mailboxes
    var endpointUsers = 'https://graph.microsoft.com/v1.0/users?$select=displayName,mail,onPremisesDistinguishedName';
    var rmUsers = new sn_ws.RESTMessageV2();
    rmUsers.setHttpMethod('GET');
    rmUsers.setEndpoint(endpointUsers);
    rmUsers.setRequestHeader('Authorization', 'Bearer ' + accessToken);
    rmUsers.setRequestHeader('Accept', 'application/json');

    var responseUsers = rmUsers.execute();
    var bodyUsers = responseUsers.getBody();
    var statusUsers = responseUsers.getStatusCode();

    if (statusUsers == 200) {
        var usersResponse = JSON.parse(bodyUsers);
        var userList = usersResponse.value;

        userList.forEach(function(user) {
            if (user.mail && user.mail.toLowerCase().indexOf('shared') !== -1) {
                sharedMailboxes.push({
                    displayName: user.displayName,
                    mail: user.mail,
                    onPremisesDN: user.onPremisesDistinguishedName
                });
            }
        });

        gs.info('Total shared mailboxes found: ' + sharedMailboxes.length);
    } else {
        gs.error('Failed to fetch users from Microsoft Graph, status: ' + statusUsers);
    }

    gs.info('Distribution Lists with ManagedBy: ' + JSON.stringify(groups));
    gs.info('Shared Mailboxes: ' + JSON.stringify(sharedMailboxes));