You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Therefore, guard needs to do page queries to get details of all groups the user belong to. But getbyids does not support query options like $top and $expand and returns error:
So in this case guard cannot rely on AAD to do paging and needs to do paging itself to fetch membership group details from AAD.
The text was updated successfully, but these errors were encountered:
When trying to detailed description of AAD membership groups using API getbyids: https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/v1.0/api/directoryobject_getbyids.md if AAD member has more than 1000 group memerships
AAD returns:
"code": "Request_BadRequest",
"message": "Number of included identifiers cannot exceed '1000'.",
Therefore, guard needs to do page queries to get details of all groups the user belong to. But getbyids does not support query options like $top and $expand and returns error:
"code": "Request_BadRequest",
"message": "The following query options are not supported by this request method or cannot be applied to the requested resource: $filter,$expand,$orderby,$count,$inlinecount,$select,$skiptoken,$skip,$top"
So in this case guard cannot rely on AAD to do paging and needs to do paging itself to fetch membership group details from AAD.
Github issue: kubeguard#132
* Add paging to get around directoryObjects.getByIds limit of 1000
When trying to detailed description of AAD membership groups using API getbyids: https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/v1.0/api/directoryobject_getbyids.md if AAD member has more than 1000 group memerships
AAD returns:
"code": "Request_BadRequest",
"message": "Number of included identifiers cannot exceed '1000'.",
Therefore, guard needs to do page queries to get details of all groups the user belong to. But getbyids does not support query options like $top and $expand and returns error:
"code": "Request_BadRequest",
"message": "The following query options are not supported by this request method or cannot be applied to the requested resource: $filter,$expand,$orderby,$count,$inlinecount,$select,$skiptoken,$skip,$top"
So in this case guard cannot rely on AAD to do paging and needs to do paging itself to fetch membership group details from AAD.
Github issue: #132
When trying to detailed description of AAD membership groups using API
getbyids
: https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/v1.0/api/directoryobject_getbyids.md if AAD member has more than1000
group memerships AAD returns:Therefore, guard needs to do page queries to get details of all groups the user belong to. But
getbyids
does not support query options like$top
and$expand
and returns error:So in this case guard cannot rely on AAD to do paging and needs to do paging itself to fetch membership group details from AAD.
The text was updated successfully, but these errors were encountered: