Get member groups

Return all the groups that the specified user, group, or directory object is a member of. This function is transitive.


One of the following scopes are required to execute this API: - User.Read.All AND Group.Read.All - Directory.Read.All

Note: Permission scopes are listed in least privilege required order.

HTTP request

POST /me/getMemberGroups
POST /users/{id | userPrincipalName}/getMemberGroups
POST /groups/{id}/getMemberGroups
POST /directoryObjects/{id}/getMemberGroups

Request headers

Name Type Description
Authorization string Bearer {token}. Required.
Content-Type application/json  

Request body

In the request body, provide a JSON object with the following parameters.

Parameter Type Description
securityEnabledOnly Boolean true to specify that only security groups that the entity is a member of should be returned; false to specify that all groups and directory roles that the entity is a member of should be returned. Note: The function can only be called on a user if the parameter is true.


If successful, this method returns 200, OK response code and String collection object in the response body.


Content-type: application/json

  "securityEnabledOnly": true

Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 200 OK
Content-type: application/json

    "@odata.context": "$metadata#Collection(Edm.String)",
    "value": [