- Create a new application in App Registration under Azure AD.
- Once the application is created copy the Object ID.
- Open Graph Explorer by using https://developer.microsoft.com/en-us/graph/graph-explorer# url.
- Click on Sign in with Microsoft on the left and Sign in with Global Admin account who is a member of same directory and not added as external (guest) user.
- In Graph Explorer, click on Modify permissions > select Directory.AccessAsUser.All > click Modify Permissions.
- Click on Accept at consent page.
- In Graph Explorer, use following query. Where, <ObjectID_of_the_application> is the value copied in Step 2.
- Use following text in the Request body. Since the targetObject is user, the attribute will be created for all Users in the tenant. Note: Please type the request body manually as with copy-paste Graph Explorer will not recognize some of the characters.
- To update the attribute with a value use:
- To verify if the attribute is updated successfully run following query:
GET https://graph.microsoft.com/beta/users/<User’s_UPN_or_Object ID>