Retrieving onPremisesExtensionAttributes from Azure
dakolta opened this issue · 5 comments
We use several onPremisesExtensionAttributes for filtering users, but am unable to do an ldapsearch query to retrieve any of the extensionAttributes.
Do I need to modify the base graph url to get those and how do they get exposed to ldapjs?
I got the extensionAttributes working by making the following changes:
ldap_customizer line 11 added onPremisesExtensionAttributes to the uri
ldapwrapper.js starting at line 531 add the following lines:
"extensionAttribute1": user.onPremisesExtensionAttributes.extensionAttribute1,
"extensionAttribute2": user.onPremisesExtensionAttributes.extensionAttribute2,
"extensionAttribute3": user.onPremisesExtensionAttributes.extensionAttribute3,
"extensionAttribute4": user.onPremisesExtensionAttributes.extensionAttribute4,
"extensionAttribute5": user.onPremisesExtensionAttributes.extensionAttribute5,
"extensionAttribute6": user.onPremisesExtensionAttributes.extensionAttribute6,
"extensionAttribute7": user.onPremisesExtensionAttributes.extensionAttribute7,
"extensionAttribute8": user.onPremisesExtensionAttributes.extensionAttribute8,
"extensionAttribute9": user.onPremisesExtensionAttributes.extensionAttribute9,
"extensionAttribute10": user.onPremisesExtensionAttributes.extensionAttribute10,
"extensionAttribute11": user.onPremisesExtensionAttributes.extensionAttribute11,
"extensionAttribute12": user.onPremisesExtensionAttributes.extensionAttribute12,
"extensionAttribute13": user.onPremisesExtensionAttributes.extensionAttribute13,
"extensionAttribute14": user.onPremisesExtensionAttributes.extensionAttribute14,
"extensionAttribute15": user.onPremisesExtensionAttributes.extensionAttribute15,
After those changes I can now get the extensions attributes in a ldap query:
entryCSN: 20220301211408.497736Z#000000#000#000000
modifyTimestamp: 20220301211408Z
extensionAttribute1: 1998
extensionAttribute5: np nf nt
jobTitle: IT Tester
Hi! I'm glad you already found a way to solve the problem :)
Another approach would be to also set the values in your ldap_customizer.js. With a separate file like this, you don`t have to add your changes after each update.
Did you use this example as a basis? It uses the beta endpoint instead of the official version. I recommend to change line 11 back to v1.0:
apiConfig.uri = `${MS_GRAPH_SCOPE}v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,userType,externalUserState,onPremisesExtensionAttributes${config.GRAPH_FILTER_USERS}`;
To set your values in the customizer as well, you could do something like that:
// set more attributes form azure
customizer.ModifyLDAPUser = function (ldapuser, azureuser) {
// flatten onPremisesExtensionAttributes
var flattendAttributes = {};
flattendAttributes.extensionAttribute1 = azureuser.onPremisesExtensionAttributes.extensionAttribute1;
flattendAttributes.extensionAttribute2 = azureuser.onPremisesExtensionAttributes.extensionAttribute2;
flattendAttributes.extensionAttribute3 = azureuser.onPremisesExtensionAttributes.extensionAttribute3;
flattendAttributes.extensionAttribute4 = azureuser.onPremisesExtensionAttributes.extensionAttribute4;
flattendAttributes.extensionAttribute5 = azureuser.onPremisesExtensionAttributes.extensionAttribute5;
flattendAttributes.extensionAttribute6 = azureuser.onPremisesExtensionAttributes.extensionAttribute6;
flattendAttributes.extensionAttribute7 = azureuser.onPremisesExtensionAttributes.extensionAttribute7;
flattendAttributes.extensionAttribute8 = azureuser.onPremisesExtensionAttributes.extensionAttribute8;
flattendAttributes.extensionAttribute9 = azureuser.onPremisesExtensionAttributes.extensionAttribute9;
flattendAttributes.extensionAttribute10 = azureuser.onPremisesExtensionAttributes.extensionAttribute10;
flattendAttributes.extensionAttribute11 = azureuser.onPremisesExtensionAttributes.extensionAttribute11;
flattendAttributes.extensionAttribute12 = azureuser.onPremisesExtensionAttributes.extensionAttribute12;
flattendAttributes.extensionAttribute13 = azureuser.onPremisesExtensionAttributes.extensionAttribute13;
flattendAttributes.extensionAttribute14 = azureuser.onPremisesExtensionAttributes.extensionAttribute14;
flattendAttributes.extensionAttribute15 = azureuser.onPremisesExtensionAttributes.extensionAttribute15;
// assign first ldapuser so all attributes are there in the correct order
// then append flattendAttributes
ldapuser = Object.assign({}, ldapuser, flattendAttributes, ldapuser);
return ldapuser;
};
I did what you suggested but with v1.0 in the uri I got the following errors:
INFO: 2022-11-07T13:31:20.493Z: ldapwrapper.js try fetching the users ERROR: 2022-11-07T13:31:21.031Z: graph_azuread.js callApi-error [AxiosError: Request failed with status code 500] { message: 'Request failed with status code 500', name: 'AxiosError', code: 'ERR_BAD_RESPONSE', config: { transitional: { silentJSONParsing: true, forcedJSONParsing: true, clarifyTimeoutError: false }, adapter: [Function: httpAdapter], transformRequest: [ [Function: transformRequest] ], transformResponse: [ [Function: transformResponse] ], timeout: 0, xsrfCookieName: 'XSRF-TOKEN', xsrfHeaderName: 'X-XSRF-TOKEN', maxContentLength: -1, maxBodyLength: -1, env: { FormData: [Function] }, validateStatus: [Function: validateStatus], headers: { Accept: 'application/json, text/plain, */*', Authorization: 'Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IjlqMkZhN0Rfb21VN3R6WVY1ZVhaSkloRFhBdmFEMm5GMDNocVo2YmVySEkiLCJhbGciOiJSUzI1NiIsIng1dCI6IjJaUXBKM1VwYmpBWVhZR2FYRUpsOGxWMFRPSSIsImtpZCI6IjJaUXBKM1VwYmpBWVhZR2FYRUpsOGxWMFRPSSJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC84OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQvIiwiaWF0IjoxNjY3ODI3NjEzLCJuYmYiOjE2Njc4Mjc2MTMsImV4cCI6MTY2NzgzMTUxMywiYWlvIjoiRTJaZ1lPaGdNejc3ckxWNC9hdHpWN2IvZi9TZUh3QT0iLCJhcHBfZGlzcGxheW5hbWUiOiJMREFQLUdyYXBoIiwiYXBwaWQiOiIyZWMxZjYwNi0yYTI4LTQ4YjAtYmZjMy00YjRhOGNlZmI0ZWEiLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC84OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQvIiwiaWR0eXAiOiJhcHAiLCJvaWQiOiI5YjlmYmVhMy05ODE2LTQ3YmYtOGVjMS1jNTkyOWE1MzQzYjgiLCJyaCI6IjAuQVh3QTlTRzNpRlVNQTBLbUhRdlFqQl8xWkFNQUFBQUFBQUFBd0FBQUFBQUFBQUI4QUFBLiIsInJvbGVzIjpbIkdyb3VwLlJlYWQuQWxsIiwiVXNlci5SZWFkLkFsbCJdLCJzdWIiOiI5YjlmYmVhMy05ODE2LTQ3YmYtOGVjMS1jNTkyOWE1MzQzYjgiLCJ0ZW5hbnRfcmVnaW9uX3Njb3BlIjoiTkEiLCJ0aWQiOiI4OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQiLCJ1dGkiOiJfSlB5VFVsSWZVQ0h1YkJXMEctZUFBIiwidmVyIjoiMS4wIiwid2lkcyI6WyIwOTk3YTFkMC0wZDFkLTRhY2ItYjQwOC1kNWNhNzMxMjFlOTAiXSwieG1zX3RjZHQiOjE2MjA4Mjk4MjB9.dYsj0uwHd0COHIKb7iNGlBTPW6K5XNSIP4uDw1WeShuZf--zaURvrmIVAzeM4YIFTLydjs8V0vUU7yvSvk04nDRIhDzqB383omJt6QR1Ad4pYdg3PRiLknFEhcCEbKaa8CGgeKKcIn_HTJF5rbQthstE4NHQQq1T_kxvmg-riLsTiuiqZdiqFMw8haYCYBUmBTzSHH8SzIMwFZks4-axjkF_V5X5Gs3Zhd5pzfwAcGT_38WYSwUPB76FJU4BXiF51Mc2rekzw-7eim-Ie0oIA8ETzNpsdmH7ubqAzpq15pfWT769BhEaysSB0s1_2mVrLhLANt8Crdbntoji0HqH2g', 'User-Agent': 'axios/0.27.2' }, method: 'get', url: 'https://graph.microsoft.com/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes', data: undefined }, request: ClientRequest { _events: [Object: null prototype] { socket: [Function], abort: [Function], aborted: [Function], connect: [Function], error: [Function], timeout: [Function], prefinish: [Function: requestOnPrefinish] }, _eventsCount: 7, _maxListeners: undefined, outputData: [], outputSize: 0, writable: true, _last: true, chunkedEncoding: false, shouldKeepAlive: false, useChunkedEncodingByDefault: false, sendDate: false, _removedConnection: false, _removedContLen: false, _removedTE: false, _contentLength: 0, _hasBody: true, _trailer: '', finished: true, _headerSent: true, socket: TLSSocket { _tlsOptions: [Object], _secureEstablished: true, _securePending: false, _newSessionPending: false, _controlReleased: true, _SNICallback: null, servername: 'graph.microsoft.com', alpnProtocol: false, authorized: true, authorizationError: null, encrypted: true, _events: [Object: null prototype], _eventsCount: 9, connecting: false, _hadError: false, _parent: null, _host: 'graph.microsoft.com', _readableState: [ReadableState], readable: true, _maxListeners: undefined, _writableState: [WritableState], writable: false, allowHalfOpen: false, _sockname: null, _pendingData: null, _pendingEncoding: '', server: undefined, _server: null, ssl: [TLSWrap], _requestCert: true, _rejectUnauthorized: true, parser: null, _httpMessage: [Circular], [Symbol(res)]: [TLSWrap], [Symbol(asyncId)]: 3034, [Symbol(kHandle)]: [TLSWrap], [Symbol(lastWriteQueueSize)]: 0, [Symbol(timeout)]: null, [Symbol(kBuffer)]: null, [Symbol(kBufferCb)]: null, [Symbol(kBufferGen)]: null, [Symbol(kCapture)]: false, [Symbol(kBytesRead)]: 0, [Symbol(kBytesWritten)]: 0, [Symbol(connect-options)]: [Object] }, connection: TLSSocket { _tlsOptions: [Object], _secureEstablished: true, _securePending: false, _newSessionPending: false, _controlReleased: true, _SNICallback: null, servername: 'graph.microsoft.com', alpnProtocol: false, authorized: true, authorizationError: null, encrypted: true, _events: [Object: null prototype], _eventsCount: 9, connecting: false, _hadError: false, _parent: null, _host: 'graph.microsoft.com', _readableState: [ReadableState], readable: true, _maxListeners: undefined, _writableState: [WritableState], writable: false, allowHalfOpen: false, _sockname: null, _pendingData: null, _pendingEncoding: '', server: undefined, _server: null, ssl: [TLSWrap], _requestCert: true, _rejectUnauthorized: true, parser: null, _httpMessage: [Circular], [Symbol(res)]: [TLSWrap], [Symbol(asyncId)]: 3034, [Symbol(kHandle)]: [TLSWrap], [Symbol(lastWriteQueueSize)]: 0, [Symbol(timeout)]: null, [Symbol(kBuffer)]: null, [Symbol(kBufferCb)]: null, [Symbol(kBufferGen)]: null, [Symbol(kCapture)]: false, [Symbol(kBytesRead)]: 0, [Symbol(kBytesWritten)]: 0, [Symbol(connect-options)]: [Object] }, _header: 'GET /v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes HTTP/1.1\r\n' + 'Accept: application/json, text/plain, */*\r\n' + 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IjlqMkZhN0Rfb21VN3R6WVY1ZVhaSkloRFhBdmFEMm5GMDNocVo2YmVySEkiLCJhbGciOiJSUzI1NiIsIng1dCI6IjJaUXBKM1VwYmpBWVhZR2FYRUpsOGxWMFRPSSIsImtpZCI6IjJaUXBKM1VwYmpBWVhZR2FYRUpsOGxWMFRPSSJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC84OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQvIiwiaWF0IjoxNjY3ODI3NjEzLCJuYmYiOjE2Njc4Mjc2MTMsImV4cCI6MTY2NzgzMTUxMywiYWlvIjoiRTJaZ1lPaGdNejc3ckxWNC9hdHpWN2IvZi9TZUh3QT0iLCJhcHBfZGlzcGxheW5hbWUiOiJMREFQLUdyYXBoIiwiYXBwaWQiOiIyZWMxZjYwNi0yYTI4LTQ4YjAtYmZjMy00YjRhOGNlZmI0ZWEiLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC84OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQvIiwiaWR0eXAiOiJhcHAiLCJvaWQiOiI5YjlmYmVhMy05ODE2LTQ3YmYtOGVjMS1jNTkyOWE1MzQzYjgiLCJyaCI6IjAuQVh3QTlTRzNpRlVNQTBLbUhRdlFqQl8xWkFNQUFBQUFBQUFBd0FBQUFBQUFBQUI4QUFBLiIsInJvbGVzIjpbIkdyb3VwLlJlYWQuQWxsIiwiVXNlci5SZWFkLkFsbCJdLCJzdWIiOiI5YjlmYmVhMy05ODE2LTQ3YmYtOGVjMS1jNTkyOWE1MzQzYjgiLCJ0ZW5hbnRfcmVnaW9uX3Njb3BlIjoiTkEiLCJ0aWQiOiI4OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQiLCJ1dGkiOiJfSlB5VFVsSWZVQ0h1YkJXMEctZUFBIiwidmVyIjoiMS4wIiwid2lkcyI6WyIwOTk3YTFkMC0wZDFkLTRhY2ItYjQwOC1kNWNhNzMxMjFlOTAiXSwieG1zX3RjZHQiOjE2MjA4Mjk4MjB9.dYsj0uwHd0COHIKb7iNGlBTPW6K5XNSIP4uDw1WeShuZf--zaURvrmIVAzeM4YIFTLydjs8V0vUU7yvSvk04nDRIhDzqB383omJt6QR1Ad4pYdg3PRiLknFEhcCEbKaa8CGgeKKcIn_HTJF5rbQthstE4NHQQq1T_kxvmg-riLsTiuiqZdiqFMw8haYCYBUmBTzSHH8SzIMwFZks4-axjkF_V5X5Gs3Zhd5pzfwAcGT_38WYSwUPB76FJU4BXiF51Mc2rekzw-7eim-Ie0oIA8ETzNpsdmH7ubqAzpq15pfWT769BhEaysSB0s1_2mVrLhLANt8Crdbntoji0HqH2g\r\n' + 'User-Agent: axios/0.27.2\r\n' + 'Host: graph.microsoft.com\r\n' + 'Connection: close\r\n' + '\r\n', _onPendingData: [Function: noopPendingOutput], agent: Agent { _events: [Object: null prototype], _eventsCount: 2, _maxListeners: undefined, defaultPort: 443, protocol: 'https:', options: [Object], requests: {}, sockets: [Object], freeSockets: {}, keepAliveMsecs: 1000, keepAlive: false, maxSockets: Infinity, maxFreeSockets: 256, maxCachedSessions: 100, _sessionCache: [Object], [Symbol(kCapture)]: false }, socketPath: undefined, method: 'GET', insecureHTTPParser: undefined, path: '/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes', _ended: true, res: IncomingMessage { _readableState: [ReadableState], readable: false, _events: [Object: null prototype], _eventsCount: 4, _maxListeners: undefined, socket: [TLSSocket], connection: [TLSSocket], httpVersionMajor: 1, httpVersionMinor: 1, httpVersion: '1.1', complete: true, headers: [Object], rawHeaders: [Array], trailers: {}, rawTrailers: [], aborted: false, upgrade: false, url: '', method: null, statusCode: 500, statusMessage: 'Internal Server Error', client: [TLSSocket], _consuming: true, _dumped: false, req: [Circular], responseUrl: 'https://graph.microsoft.com/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes', redirects: [], [Symbol(kCapture)]: false }, aborted: false, timeoutCb: null, upgradeOrConnect: false, parser: null, maxHeadersCount: null, reusedSocket: false, _redirectable: Writable { _writableState: [WritableState], writable: true, _events: [Object: null prototype], _eventsCount: 3, _maxListeners: undefined, _options: [Object], _ended: true, _ending: true, _redirectCount: 0, _redirects: [], _requestBodyLength: 0, _requestBodyBuffers: [], _onNativeResponse: [Function], _currentRequest: [Circular], _currentUrl: 'https://graph.microsoft.com/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes', [Symbol(kCapture)]: false }, [Symbol(kCapture)]: false, [Symbol(kNeedDrain)]: false, [Symbol(corked)]: 0, [Symbol(kOutHeaders)]: [Object: null prototype] { accept: [Array], authorization: [Array], 'user-agent': [Array], host: [Array] } }, response: { status: 500, statusText: 'Internal Server Error', headers: { 'cache-control': 'no-cache', 'transfer-encoding': 'chunked', 'content-type': 'application/json', 'strict-transport-security': 'max-age=31536000', 'request-id': '3dc18740-73d7-47f9-bc12-28d8aae5ecd6', 'client-request-id': '3dc18740-73d7-47f9-bc12-28d8aae5ecd6', 'x-ms-ags-diagnostic': '{"ServerInfo":{"DataCenter":"West US","Slice":"E","Ring":"4","ScaleUnit":"005","RoleInstance":"SJ1PEPF00000F47"}}', 'x-ms-resource-unit': '2', date: 'Mon, 07 Nov 2022 13:32:26 GMT', connection: 'close' }, config: { transitional: [Object], adapter: [Function: httpAdapter], transformRequest: [Array], transformResponse: [Array], timeout: 0, xsrfCookieName: 'XSRF-TOKEN', xsrfHeaderName: 'X-XSRF-TOKEN', maxContentLength: -1, maxBodyLength: -1, env: [Object], validateStatus: [Function: validateStatus], headers: [Object], method: 'get', url: 'https://graph.microsoft.com/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes', data: undefined }, request: ClientRequest { _events: [Object: null prototype], _eventsCount: 7, _maxListeners: undefined, outputData: [], outputSize: 0, writable: true, _last: true, chunkedEncoding: false, shouldKeepAlive: false, useChunkedEncodingByDefault: false, sendDate: false, _removedConnection: false, _removedContLen: false, _removedTE: false, _contentLength: 0, _hasBody: true, _trailer: '', finished: true, _headerSent: true, socket: [TLSSocket], connection: [TLSSocket], _header: 'GET /v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes HTTP/1.1\r\n' + 'Accept: application/json, text/plain, */*\r\n' + 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IjlqMkZhN0Rfb21VN3R6WVY1ZVhaSkloRFhBdmFEMm5GMDNocVo2YmVySEkiLCJhbGciOiJSUzI1NiIsIng1dCI6IjJaUXBKM1VwYmpBWVhZR2FYRUpsOGxWMFRPSSIsImtpZCI6IjJaUXBKM1VwYmpBWVhZR2FYRUpsOGxWMFRPSSJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC84OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQvIiwiaWF0IjoxNjY3ODI3NjEzLCJuYmYiOjE2Njc4Mjc2MTMsImV4cCI6MTY2NzgzMTUxMywiYWlvIjoiRTJaZ1lPaGdNejc3ckxWNC9hdHpWN2IvZi9TZUh3QT0iLCJhcHBfZGlzcGxheW5hbWUiOiJMREFQLUdyYXBoIiwiYXBwaWQiOiIyZWMxZjYwNi0yYTI4LTQ4YjAtYmZjMy00YjRhOGNlZmI0ZWEiLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC84OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQvIiwiaWR0eXAiOiJhcHAiLCJvaWQiOiI5YjlmYmVhMy05ODE2LTQ3YmYtOGVjMS1jNTkyOWE1MzQzYjgiLCJyaCI6IjAuQVh3QTlTRzNpRlVNQTBLbUhRdlFqQl8xWkFNQUFBQUFBQUFBd0FBQUFBQUFBQUI4QUFBLiIsInJvbGVzIjpbIkdyb3VwLlJlYWQuQWxsIiwiVXNlci5SZWFkLkFsbCJdLCJzdWIiOiI5YjlmYmVhMy05ODE2LTQ3YmYtOGVjMS1jNTkyOWE1MzQzYjgiLCJ0ZW5hbnRfcmVnaW9uX3Njb3BlIjoiTkEiLCJ0aWQiOiI4OGI3MjFmNS0wYzU1LTQyMDMtYTYxZC0wYmQwOGMxZmY1NjQiLCJ1dGkiOiJfSlB5VFVsSWZVQ0h1YkJXMEctZUFBIiwidmVyIjoiMS4wIiwid2lkcyI6WyIwOTk3YTFkMC0wZDFkLTRhY2ItYjQwOC1kNWNhNzMxMjFlOTAiXSwieG1zX3RjZHQiOjE2MjA4Mjk4MjB9.dYsj0uwHd0COHIKb7iNGlBTPW6K5XNSIP4uDw1WeShuZf--zaURvrmIVAzeM4YIFTLydjs8V0vUU7yvSvk04nDRIhDzqB383omJt6QR1Ad4pYdg3PRiLknFEhcCEbKaa8CGgeKKcIn_HTJF5rbQthstE4NHQQq1T_kxvmg-riLsTiuiqZdiqFMw8haYCYBUmBTzSHH8SzIMwFZks4-axjkF_V5X5Gs3Zhd5pzfwAcGT_38WYSwUPB76FJU4BXiF51Mc2rekzw-7eim-Ie0oIA8ETzNpsdmH7ubqAzpq15pfWT769BhEaysSB0s1_2mVrLhLANt8Crdbntoji0HqH2g\r\n' + 'User-Agent: axios/0.27.2\r\n' + 'Host: graph.microsoft.com\r\n' + 'Connection: close\r\n' + '\r\n', _onPendingData: [Function: noopPendingOutput], agent: [Agent], socketPath: undefined, method: 'GET', insecureHTTPParser: undefined, path: '/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes', _ended: true, res: [IncomingMessage], aborted: false, timeoutCb: null, upgradeOrConnect: false, parser: null, maxHeadersCount: null, reusedSocket: false, _redirectable: [Writable], [Symbol(kCapture)]: false, [Symbol(kNeedDrain)]: false, [Symbol(corked)]: 0, [Symbol(kOutHeaders)]: [Object: null prototype] }, data: { error: [Object] } } } ERROR: 2022-11-07T13:31:21.045Z: graph_azuread.js callApi-endpoint https://graph.microsoft.com/v1.0/users?$select=businessPhones,displayName,givenName,jobTitle,mail,mobilePhone,officeLocation,preferredLanguage,surname,userPrincipalName,id,identities,employeeId,userType,externalUserState,onPremisesExtensionAttributes,customSecurityAttributes ERROR: 2022-11-07T13:31:21.045Z: graph_azuread.js callApi-opts {}
Works fine with beta in the uri.
This is probably due to the customSecurityAttributes - if you need these values, beta is fine. Otherwise, just remove "customSecurityAttributes" from the url in line 11.
Removed "customSecurityAttributes" and everything is working as expected, thank you.