15min

AD User

Note: if you are running CloudGraph locally you can view the interactive, automatically generated documentation in either GraphQL Playground or Altair by clicking the docs button on the right-hand side of the screen. After reading the below information we highly suggest you use one of these tools to test your queries as they will autocomplete fields for you and let you know if your queries are valid before you even submit them.
Overview
You can currently query the following attributes and connections on an Azure AD User
GraphQL
|
Filtering
Get data for a single Azure AD User key that you know the ID for:
GraphQL
|
Get data for all of the AD Users with an enabled account across all accounts:
GraphQL
|
Advanced Filtering
Get data for all of the AD Users that are connected to an appRoleAssignment:
GraphQL
|
Ordering
You can order the results you get back either asc or desc depending on your preference:
GraphQL
|
Only select and return the first two AD Users that are found:
GraphQL
|
Only select and return the first two AD Users that are found, but offset by one so keys two & three are returned:
GraphQL
|
Aggregation
Count the number of AD Users across all scanned Azure subscriptions:
GraphQL
|
Count the number of AD Users with enabled accounts. Note that you can apply all of the same filters that are listed above to aggregate queries:
GraphQL
|
Examples
Find all of the AD Users that are in the management department across all your accounts:
GraphQL
|
Kitchen Sink
Putting it all together; get all data for all AD Users across all regions for all scanned Azure subscriptions in a single query. For the purposes of this example, we will only get direct children of the keys but if you want to it's easy to go from say, disk -> virtualMachine -> networkInterface ...etc:
GraphQL
|
References
﻿Dgraph documentation on querying﻿
﻿Azure AD User Documentation﻿
﻿