Azure Active Directory Graph API is going away: end of support and kill dates announced
It’s been coming for quite a long time but now we have the official announcement: Azure Active Directory Graph API is going away, and is just about to start its final 2-year countdown to being turned off.
In a blog post on Monday, the Microsoft Identity Platform Team announced that from June 30th 2020, no new features would be added, although technical support and security updates will continue.
However, this also kicks off the 2-year countdown to turn-off. After June 30th 2022, technical support and security updates will end, and anything using that endpoint will stop receiving responses.
Microsoft is keen to stress that all apps currentlyusing Azure AD Graph API should migrate over to Microsoft Graph, saying: “For most production apps, Microsoft Graph can already fully support Azure AD scenarios. You should start moving your Azure AD Graph apps to Microsoft Graph now.”
There is a useful list of known gaps, and how they are being address, listed on the Microsoft Graph or the Azure AD Graph page, although the table doesn’t seem to have updated since February so it’s not clear if the gaps listed below still exist:
Gaps between Microsoft Graph and Azure AD Graph
AAD Graph Capability
|Status in Microsoft Graph (February 20, 2019)|
|1. Differential query (aka delta sync) for users, groups and organizational contacts||GA availability with Delta Query.Delta query on organizational contacts is not available but is planned (see below).
Sync from now and some other new capabilities like scoping filters (track changes on one or more users or groups) are supported in Delta Query.
|2. Organizational contact resource type||Preview recently updated with a restructured resource, as we ready for release to GA, very soon.|
|3. Management of applications including:a. Application and service principal entity types
b. Managing assignment of applications to users and groups
c. Assigning OAuth permissions to apps
|Application and service principal are available in preview.Extensive breaking changes are planned over the coming few months for application APIs, in preview, before this rolls out to Microsoft Graph v1.0.|
|4. Partner admin on behalf of capability (for resellers and syndicators who are part of the Cloud Solution Provider program)||GA availability. See CSP support in Microsoft Graph.|
|5. Domain resource type (mainly relevant for Cloud Solution Providers)||GA availability. See Domain.
This now includes the ability to forcefully delete a domain.
|6. Contracts resource type (only relevant for Cloud Solution Providers)||GA availability. See Contract.|
|7. Registering directory schema extension definitions||GA availability. Extending resources with application data is available with Extensions and schema extensions.NOTE: Not available for extending application or service principal resource types.|
|8. Batching||Available in preview. See JSON batching|
|9. Missing properties on the User resources (sipProxyAddress, otherMails, licenseDetails)||GA availability: See User.This was recently updated to add otherMails, faxNumber, employeeId and other properties. With the exception of managing users in a B2C tenant (see below), the User resource in Microsoft Graph is now at parity with Azure AD Graph, and contains additional properties and capabilities (like restoring deleted users) over and above Azure AD Graph.|
|10. GetObjectsByObjectIds method||GA availability. See getByIds method.|
|11. IsMemberOf method||Not planned. Use checkMemberGroups method instead.|
|12. Manage users in a B2C tenant (set local accounts, sign in names)||
Coming soon to preview, in a few months.
Policy resource is available in preview. However some significant breaking changes are planned, before this is GA.