az_user: User in Azure Active Directory

az_userR Documentation

User in Azure Active Directory


Class representing an AAD user account.


An R6 object of class az_user, inheriting from az_object.


  • token: The token used to authenticate with the Graph host.

  • tenant: The Azure Active Directory tenant for this user.

  • type: always "user" for a user object.

  • properties: The user properties.


  • new(...): Initialize a new user object. Do not call this directly; see 'Initialization' below.

  • delete(confirm=TRUE): Delete a user account. By default, ask for confirmation first.

  • update(...): Update the user information in Azure Active Directory.

  • do_operation(...): Carry out an arbitrary operation on the user account.

  • sync_fields(): Synchronise the R object with the app data in Azure Active Directory.

  • list_direct_memberships(filter=NULL, n=Inf): List the groups and directory roles this user is a direct member of.

  • list_owned_objects(type=c("user", "group", "application", "servicePrincipal"), filter=NULL, n=Inf): List directory objects (groups/apps/service principals) owned by this user. Specify the type argument to limit the result to specific object type(s).

  • list_created_objects(type=c("user", "group", "application", "servicePrincipal"), filter=NULL, n=Inf): List directory objects (groups/apps/service principals) created by this user. Specify the type argument to limit the result to specific object type(s).

  • list_owned_devices(filter=NULL, n=Inf): List the devices owned by this user.

  • list_registered_devices(filter=NULL, n=Inf): List the devices registered by this user.

  • reset_password(password=NULL, force_password_change=TRUE): Resets a user password. By default the new password will be randomly generated, and must be changed at next login.


Creating new objects of this class should be done via the create_user and get_user methods of the ms_graph and az_app classes. Calling the new() method for this class only constructs the R object; it does not call the Microsoft Graph API to create the actual user account.

List methods

All list_* methods have filter and n arguments to limit the number of results. The former should be an OData expression as a string to filter the result set on. The latter should be a number setting the maximum number of (filtered) results to return. The default values are filter=NULL and n=Inf. If n=NULL, the ms_graph_pager iterator object is returned instead to allow manual iteration over the results.

Support in the underlying Graph API for OData queries is patchy. Not all endpoints that return lists of objects support filtering, and if they do, they may not allow all of the defined operators. If your filtering expression results in an error, you can carry out the operation without filtering and then filter the results on the client side.

See Also

ms_graph, az_app, az_group, az_device, az_object

Microsoft Graph overview, REST API reference


## Not run: 

gr <- get_graph_login()

# my user account

# another user account
usr <- gr$get_user("")

grps <- usr$list_direct_memberships()

# owned objects

# owned apps and service principals
usr$list_owned_objects(type=c("application", "servicePrincipal"))

# first 5 objects

# get the pager object
pager <- usr$list_owned_objects(n=NULL)

## End(Not run)

AzureGraph documentation built on March 18, 2022, 8:04 p.m.