Lightweight Python library for easily managing Azure AD (Entra ID) users and groups through the Graph API.

Ivanodib/azure-graph-toolkit

azure-graph-toolkit

Table of Contents
  1. About The Project
  2. Getting Started
  3. Roadmap
  4. Contact

About The Project

There are many great Azure libraries available on GitHub; however, I didn't find one that really suited my needs, so I created this one to simplify and automate daily tasks.

Features:

  • Add user to AAD group
  • Remove user from AAD group
  • Check if user is member of a group
  • List all user membership groups
  • Reset user password
  • Disable/enable user
  • Revoke user session tokens


Getting Started

Prerequisites

  1. Python >= 3.8
  2. Azure AD App Registration with the following role assigned:
| Least privilege role | Delegation type | Description |
|---|---|---|
| GroupMember.ReadWrite.All | Application | To manage user membership groups. |
| GroupMember.Read.All | Application | List all the groups available. |
| User.ReadWrite.All, User Administrator role | Application | To change user password. |
| User.ManageIdentities.All, User.EnableDisableAccount.All | Application | To disable/enable user. |
| User.RevokeSessions.All | Application | To revoke user session tokens. |

Installation

  1. Install the azure-graph-toolkit library from PyPI
    pip install azure-graph-toolkit
  2. Profit 😁

Usage

Import library modules

from azure_graph_toolkit import graph_auth, graph_utils

App authentication and authorization. Once you have the access token, you can interact with the Azure AD Graph API.

tenant_id = '<tenant Id>'
client_id = '<client (App) Id>'
client_secret = '<client secret>'

access_token = graph_auth.get_access_token(tenant_id, client_id, client_secret)

Add user to AAD group:

result = graph_utils.add_user_to_group('mario.rossi@domain.com', 'block-usb-group', access_token)

print(result)

Remove user from AAD group:

result = graph_utils.remove_user_from_group('mario.rossi@domain.com', 'block-usb-group', access_token)

print(result)

Disable user:

# enable_account is passed positionally (False = disable); a positional argument cannot follow a keyword argument
result = graph_utils.set_user_account_status('mario.rossi@domain.com', False, access_token)

print(result)

Revoke user sessions:

result = graph_utils.user_revoke_sessions('mario.rossi@domain.com', access_token)

print(result)

Example Output

{'status_code': 204, 'message': 'Success. User mario.rossi@domain.com added to AAD group block-usb-group.'}
{'status_code': 404, 'message': 'No AAD group with a name containing \'block-usb-group\' was found. Please try another group name.'}
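
The calls above chained into an account-containment routine for a suspected compromise, as an added example that is not part of the project's own code. It assumes the `{'status_code', 'message'}` result shape shown in the example output with `status_code` mirroring the HTTP status, the positional argument order shown in the usage lines, and hypothetical environment variable and group names.

```python
import os


def contain_account(utils, upn, quarantine_group, access_token):
    """Disable sign-in, revoke sessions, then add the user to a quarantine group.

    `utils` is any object exposing the graph_utils functions from the README.
    Every step is attempted even if an earlier one fails, since each one
    independently reduces exposure. Returns (failed_step_names, results_by_step).
    """
    steps = [
        # Disable first so a revoked session cannot simply be re-established.
        # Assumption: positional order (user, enable_account, token) as in the README.
        ("disable", lambda: utils.set_user_account_status(upn, False, access_token)),
        ("revoke_sessions", lambda: utils.user_revoke_sessions(upn, access_token)),
        ("quarantine_group", lambda: utils.add_user_to_group(upn, quarantine_group, access_token)),
    ]
    failed, results = [], {}
    for name, call in steps:
        try:
            result = call()
        except Exception as exc:  # network or auth error: record it, keep going
            result = {"status_code": 0, "message": f"exception: {exc}"}
        results[name] = result
        # Assumption: status_code mirrors the HTTP status, so any 2xx is success.
        status = result.get("status_code", 0) if isinstance(result, dict) else 0
        if not 200 <= status < 300:
            failed.append(name)
    return failed, results


def main():
    # Imported here so this file loads even where the library is not installed.
    from azure_graph_toolkit import graph_auth, graph_utils

    # Credentials come from the environment, not from literals in source control.
    # The variable names and the group name below are hypothetical.
    token = graph_auth.get_access_token(
        os.environ["AZURE_TENANT_ID"],
        os.environ["AZURE_CLIENT_ID"],
        os.environ["AZURE_CLIENT_SECRET"],
    )
    failed, results = contain_account(graph_utils, "mario.rossi@domain.com", "quarantine-group", token)
    for name, result in results.items():
        print(name, result)
    raise SystemExit(1 if failed else 0)


if __name__ == "__main__":
    main()
```

A non-empty `failed` list means at least one containment step did not take effect and needs manual follow-up in the tenant.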

Roadmap

  • List user MFA status
  • List user's owned devices
  • List devices compliance status
  • Add device to group
  • Remove device from group
  • Create and delete users
  • Create and delete groups

Contact

Ivano Dibenedetto - @Linkedin - ivano.dibenedetto7@gmail.com

Project Link: https://github.com/Ivanodib/azure-graph-toolkit
