Matthew Goddard

Playing the infinite game

81: MS Graph API – Remove a User from a Group (Python)

Following on from yesterday’s post on Finding a user by email, here’s a method for removing a user from an AAD group using MS Graph API. 

def RemoveUserFromGroup(user, group_id):
    headers = {"AUTHORIZATION": f"Bearer {token}", "Content-type": "application/json"}
    url = f"https://graph.microsoft.com/v1.0/groups/{group_id}/members/{user['id']}/$ref"
    response = requests.delete(url=url, headers=headers, json=data)
    
    if response.status_code == 204 :
        logger.info(f"User {user['displayName']} removed to group: {response.status_code}")
    elif response.status_code == 200 :
        logger.error(f"ERROR: User {user['displayName']} does not exist in the group: {response.status_code}")
    else:
        logger.error(f"ERROR: User {user['displayName']} cannot be removed: {response.status_code}")

I’m passing in the full user object received from the GetUserByEmail method.

We use the User’s Id property in the /groups/ endpoint to remove the user from the Group ID.

If the user is removed, the endpoint will return a status code of 204.

If the user isn’t in the group and can’t be removed, the endpoint will return a status code of 200.

Matt Goddard's avatar

Posted by:

Matt Goddard

2 responses to “81: MS Graph API – Remove a User from a Group (Python)”

  1. 80: MS Graph API – Find a user by email (python) – Matthew Goddard

    […] 81: MS Graph API – Remove a User from a Group (Python) […]

    Reply
  2. 82: MS Graph API – Adding Users to a group (python) – Matthew Goddard

    […] 81: MS Graph API – Remove a User from a Group (Python) […]

    Reply

Leave a Reply

Discover more from Matthew Goddard

Subscribe now to keep reading and get access to the full archive.

Continue reading