user: getMemberGroups

Return all the groups that the user is a member of. The check is transitive, unlike reading the memberOf navigation property, which returns only the groups that the user is a direct member of.

This function supports Office 365 and other types of groups provisioned in Azure AD. The maximum number of groups each request can return is 2046. Note that Office 365 Groups cannot contain groups. So membership in an Office 365 Group is always direct.

Prerequisites

One of the following scopes is required to execute this API: User.Read or User.ReadBasic.All and Group.Read.All; Directory.Read.All; Directory.ReadWrite.All; Directory.AccessAsUser.All

HTTP request

POST /users/{id | userPrincipalName}/getMemberGroups

Request headers

Header Value
Authorization Bearer {token}. Required.
Content-Type application/json

Request body

In the request body, provide a JSON object with the following parameters.

Parameter Type Description
securityEnabledOnly Boolean true to specify that only security groups that the user is a member of should be returned; false to specify that all groups that the user is a member of should be returned. Note: Setting this parameter to true is only supported when calling this method on a user.

Response

If successful, this method returns 200, OK response code and String collection in the response body that contains the IDs of the groups that the user is a member of.

Example

Here is an example of how to call this API.

Request

Here is an example of the request.

POST https://graph.microsoft.com/beta/me/getMemberGroups
Content-type: application/json
Content-length: 33

{
  "securityEnabledOnly": true
}
Response

Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 200 OK
Content-type: application/json
Content-length: 39

{
  "value": [
    "string-value"
  ]
}