- Create a new application in App Registration under Azure AD.
- Once the application is created copy the Object ID.
- Open Graph Explorer by using https://developer.microsoft.com/en-us/graph/graph-explorer# url.
- Click on Sign in with Microsoft on the left and Sign in with Global Admin account who is a member of same directory and not added as external (guest) user.
- In Graph Explorer, click on Modify permissions > select Directory.AccessAsUser.All > click Modify Permissions.
- Click on Accept at consent page.
- In Graph Explorer, use following query. Where, <ObjectID_of_the_application> is the value copied in Step 2.
POST https://graph.microsoft.com/beta/<your_tenant.onmicrosoft.com>/applications/<ObjectID_of_the_application>/extensionProperties
- Use following text in the Request body. Since the targetObject is user, the attribute will be created for all Users in the tenant. Note: Please type the request body manually as with copy-paste Graph Explorer will not recognize some of the characters.
{
"name": "employeeType",
"dataType": "String",
"targetObjects": ["User"]
}
- To update the attribute with a value use:
Call:
PATCH https://graph.microsoft.com/beta/users/your_globaladmin@your_tenant.onmicrosoft.com
Body:{"extension_e175b1fc21b144019cadxxxxxxxxxxxx_employeeType":"Value_to_be_assigned"}
- To verify if the attribute is updated successfully run following query:
GET https://graph.microsoft.com/beta/users/<User’s_UPN_or_Object ID>