I am currently trying to manipulate the "aboutMe" field of a user. See:
https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
https://learn.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http
I am able to edit my own aboutMe field, but not that of others. Am I missing a permission? Is there a reason I can’t edit the property of others? In the "update user" documentation it says:
To update the following properties, you must specify them in their own PATCH request,
without including the other properties listed in the table above: aboutMe, birthday,
interests, mySite, pastProjects, responsibilities, schools, and skills.
This is the request I am currently trying:
And this is the response I am getting:
2
Answers
I think that you must be assigned at least User Administrator role to be able to edit properties of others.
Required permissions are
Directory.ReadWrite.All
andUser.ReadWrite.All
.Initially, I generated access token using authorization code flow by signing with Global Administrator account via Postman like this:
Response:
When I ran below PATCH request with token generated with user having Global Administrator role, I too got same error as below:
Response:
You can decode the token in jwt.ms and check
upn
andscp
claims for confirmation like this:When I used above token in calling
/me
endpoint via PATCH request, I got response successfully as below:Response:
With roles like User Administrator or Global Administrator, you can update sensitive properties like accountEnabled, mobilePhone etc.. of other users but not
aboutMe
property.Reference:
Update user – Microsoft Graph v1.0