<!--<div align="center">
<a href="https://github.com/othneildrew/Best-README-Template">
<img src="images/logo.png" alt="Logo" width="80" height="80">
</a>-->
<h1 align="center">azure-graph-toolkit</h1>
<div align="center">
[](https://github.com/Ivanodib/azure-graph-toolkit/actions/workflows/unittest-pipeline.yml) [](https://coveralls.io/github/Ivanodib/azure-graph-toolkit) [](https://codeclimate.com/github/Ivanodib/azure-graph-toolkit/maintainability) [](https://github.com/Ivanodib/azure-graph-toolkit/actions/workflows/deployment-pipeline.yml) 
</div>
<div align="center">
[](https://pepy.tech/project/azure-graph-toolkit)
[](https://pepy.tech/project/azure-graph-toolkit)
</div>
<p align="center">
Lightweight python library for easily managing Azure AD (Entra ID) users and groups through the Graph API.
<br />
<a href=https://github.com/Ivanodib/azure-graph-toolkit><strong>Explore the docs (work in progress)»</strong></a>
<br />
<br />
·
<a href="https://github.com/Ivanodib/azure-graph-toolkit/issues">Report Bug</a>
·
<a href="https://github.com/Ivanodib/azure-graph-toolkit/issues">Request Feature</a>
</p>
</div>
<!-- TABLE OF CONTENTS -->
<details>
<summary>Table of Contents</summary>
<ol>
<li>
<a href="#about-the-project">About The Project</a>
<ul>
<li><a href="#built-with">Built With</a></li>
</ul>
</li>
<li>
<a href="#getting-started">Getting Started</a>
<ul>
<li><a href="#prerequisites">Prerequisites</a></li>
<li><a href="#installation">Installation</a></li>
<li><a href="#usage">Usage</a></li>
</ul>
</li>
<li><a href="#roadmap">Roadmap</a></li>
<li><a href="#contact">Contact</a></li>
</ol>
</details>
<!-- ABOUT THE PROJECT -->
## About The Project
There are many great Azure libraries available on GitHub; however, I didn't find one that really suited my needs, so I created this one to simplify and automate daily tasks.
Features:
* Add user to AAD group
* Remove user from AAD group
* Check if user is member of a group
* List all user membership groups
* Reset user password
* Disable/enable user
* Revoke user session tokens
<!-- Here's why:
* Automate Sysadmin daily task
* Get user and groups informations. -->
<br>
<br>
<!-- GETTING STARTED -->
## Getting Started
### Prerequisites
1. Python >= 3.8
2. Azure AD App Registration with the following role assigned:
| Least privilege role | Delegation type | Description |
| --- | --- | --- |
| `GroupMember.ReadWrite.All` | Application | To manage user membership groups. |
| `GroupMember.Read.All` | Application | List all the groups available. |
| `User.ReadWrite.All`, `User Administrator role` | Application | To change user password. |
| `User.ManageIdentities.All`, `User.EnableDisableAccount.All` | Application | To disable/enable user. |
| `User.RevokeSessions.All` | Application | To revoke user session tokens. |
<br>
### Installation
1. Install azure-graph-toolkit library from PyPi
```sh
pip install azure-graph-toolkit
```
2. Profit 😁
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- USAGE EXAMPLES -->
### Usage
Import library modules
```python
from azure_graph_toolkit import graph_auth, graph_utils
```
App authentication and authorization. Once get the access token is possible to interact with Azure AD Graph API.
```python
tenant_id = '<tenant Id>'
client_id = '<client (App) Id>'
client_secret = '<client secret>'
access_token = graph_auth.get_access_token(tenant_id, client_id, client_secret)
```
<br>
**Add user to AAD group:**
```python
result = graph_utils.add_user_to_group('mario.rossi@domain.com', 'block-usb-group', access_token)
print(result)
```
<br>
**Remove user from AAD group:**
```python
result = graph_utils.remove_user_from_group('mario.rossi@domain.com', 'block-usb-group', access_token)
print(result)
```
<br>
**Disable user:**
```python
result = graph_utils.set_user_account_status('mario.rossi@domain.com', enable_account=False, access_token)
print(result)
```
<br>
**Revoke user sessions:**
```python
result = graph_utils.user_revoke_sessions('mario.rossi@domain.com', access_token)
print(result)
```
<br>
Example Output
```python
{'status_code': 204, 'message': 'Success. User mario.rossi@domain.com added to AAD group block-usb-group.'}
```
```python
{'status_code': 404, 'message': 'No AAD group with a name containing \'block-usb-group\' was found. Please try another group name.'}
```
<!--_For more examples, please refer to the [Documentation](https://example.com)_ -->
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- ROADMAP -->
## Roadmap
- [ ] List user MFA status
- [ ] List user's owned devices
- [ ] List devices compliance status
- [ ] Add device to group
- [ ] Remove device from group
- [ ] Create and delete users
- [ ] Create and delete groups
<!-- See the [open issues](https://github.com/othneildrew/Best-README-Template/issues) for a full list of proposed features (and known issues). -->
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- CONTACT -->
## Contact
Ivano Dibenedetto - [@Linkedin](https://www.linkedin.com/in/ivano-dibenedetto-b526ab188/) - ivano.dibenedetto7@gmail.com
Project Link: [https://github.com/Ivanodib/azure-graph-toolkit](https://github.com/Ivanodib/azure-graph-toolkit)
<p align="right">(<a href="#readme-top">back to top</a>)</p>
Raw data
{
"_id": null,
"home_page": "https://github.com/Ivanodib/azure-graph-toolkit",
"name": "azure-graph-toolkit",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": null,
"author": "Ivano Dibenedetto",
"author_email": "ivano.dibenedetto7@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/59/37/a35d14bafa7c41840a5c5189a37e1cf3d40a889165daede29470aa679f59/azure_graph_toolkit-1.1.1.tar.gz",
"platform": null,
"description": "<!--<div align=\"center\">\n <a href=\"https://github.com/othneildrew/Best-README-Template\">\n <img src=\"images/logo.png\" alt=\"Logo\" width=\"80\" height=\"80\">\n </a>-->\n\n <h1 align=\"center\">azure-graph-toolkit</h1>\n\n\n<div align=\"center\">\n \n[](https://github.com/Ivanodib/azure-graph-toolkit/actions/workflows/unittest-pipeline.yml) [](https://coveralls.io/github/Ivanodib/azure-graph-toolkit) [](https://codeclimate.com/github/Ivanodib/azure-graph-toolkit/maintainability) [](https://github.com/Ivanodib/azure-graph-toolkit/actions/workflows/deployment-pipeline.yml)  \n\n</div>\n\n<div align=\"center\">\n \n[](https://pepy.tech/project/azure-graph-toolkit)\n[](https://pepy.tech/project/azure-graph-toolkit)\n\n</div>\n\n\n <p align=\"center\">\n Lightweight python library for easily managing Azure AD (Entra ID) users and groups through the Graph API.\n <br />\n <a href=https://github.com/Ivanodib/azure-graph-toolkit><strong>Explore the docs (work in progress)\u00bb</strong></a>\n <br />\n <br />\n \u00b7\n <a href=\"https://github.com/Ivanodib/azure-graph-toolkit/issues\">Report Bug</a>\n \u00b7\n <a href=\"https://github.com/Ivanodib/azure-graph-toolkit/issues\">Request Feature</a>\n </p>\n</div>\n\n\n\n<!-- TABLE OF CONTENTS -->\n<details>\n <summary>Table of Contents</summary>\n <ol>\n <li>\n <a href=\"#about-the-project\">About The Project</a>\n <ul>\n <li><a href=\"#built-with\">Built With</a></li>\n </ul>\n </li>\n <li>\n <a href=\"#getting-started\">Getting Started</a>\n <ul>\n <li><a href=\"#prerequisites\">Prerequisites</a></li>\n <li><a href=\"#installation\">Installation</a></li>\n <li><a href=\"#usage\">Usage</a></li>\n </ul>\n </li>\n <li><a href=\"#roadmap\">Roadmap</a></li>\n <li><a href=\"#contact\">Contact</a></li>\n </ol>\n</details>\n\n\n\n<!-- ABOUT THE PROJECT -->\n## About The Project\nThere are many great Azure libraries available on GitHub; however, I didn't find one that really suited my needs, so I created this one to simplify and automate daily tasks.\n\nFeatures:\n* Add user to AAD group\n* Remove user from AAD group\n* Check if user is member of a group\n* List all user membership groups\n* Reset user password\n* Disable/enable user\n* Revoke user session tokens\n\n<!-- Here's why:\n* Automate Sysadmin daily task\n* Get user and groups informations. -->\n\n<br>\n<br>\n\n\n<!-- GETTING STARTED -->\n## Getting Started\n\n\n### Prerequisites\n\n1. Python >= 3.8\n2. Azure AD App Registration with the following role assigned:\n\n\n| Least privilege role | Delegation type | Description |\n| --- | --- | --- |\n| `GroupMember.ReadWrite.All` | Application | To manage user membership groups. |\n| `GroupMember.Read.All` | Application | List all the groups available. |\n| `User.ReadWrite.All`, `User Administrator role` | Application | To change user password. |\n| `User.ManageIdentities.All`, `User.EnableDisableAccount.All` | Application | To disable/enable user. |\n| `User.RevokeSessions.All` | Application | To revoke user session tokens. |\n\n<br>\n\n### Installation\n\n1. Install azure-graph-toolkit library from PyPi \n ```sh\n pip install azure-graph-toolkit\n ```\n2. Profit \ud83d\ude01\n\n<p align=\"right\">(<a href=\"#readme-top\">back to top</a>)</p>\n\n\n\n<!-- USAGE EXAMPLES -->\n### Usage\n\nImport library modules\n\n```python\nfrom azure_graph_toolkit import graph_auth, graph_utils\n ```\n\nApp authentication and authorization. Once get the access token is possible to interact with Azure AD Graph API.\n```python\n\ntenant_id = '<tenant Id>'\nclient_id = '<client (App) Id>'\nclient_secret = '<client secret>'\n\naccess_token = graph_auth.get_access_token(tenant_id, client_id, client_secret)\n ```\n\n<br>\n\n\n**Add user to AAD group:**\n```python\n\nresult = graph_utils.add_user_to_group('mario.rossi@domain.com', 'block-usb-group', access_token)\n\nprint(result)\n\n ```\n\n<br>\n\n **Remove user from AAD group:**\n```python\n\nresult = graph_utils.remove_user_from_group('mario.rossi@domain.com', 'block-usb-group', access_token)\n\nprint(result)\n ```\n <br>\n\n **Disable user:**\n```python\n\nresult = graph_utils.set_user_account_status('mario.rossi@domain.com', enable_account=False, access_token)\n\nprint(result)\n ```\n <br>\n\n **Revoke user sessions:**\n```python\n\nresult = graph_utils.user_revoke_sessions('mario.rossi@domain.com', access_token)\n\nprint(result)\n ```\n <br>\n\n\n\n Example Output\n ```python\n {'status_code': 204, 'message': 'Success. User mario.rossi@domain.com added to AAD group block-usb-group.'}\n \n ```\n ```python\n {'status_code': 404, 'message': 'No AAD group with a name containing \\'block-usb-group\\' was found. Please try another group name.'}\n ```\n\n\n<!--_For more examples, please refer to the [Documentation](https://example.com)_ -->\n\n<p align=\"right\">(<a href=\"#readme-top\">back to top</a>)</p>\n\n\n\n<!-- ROADMAP -->\n## Roadmap\n\n- [ ] List user MFA status\n- [ ] List user's owned devices\n- [ ] List devices compliance status\n- [ ] Add device to group\n- [ ] Remove device from group\n- [ ] Create and delete users\n- [ ] Create and delete groups\n\n<!-- See the [open issues](https://github.com/othneildrew/Best-README-Template/issues) for a full list of proposed features (and known issues). -->\n\n<p align=\"right\">(<a href=\"#readme-top\">back to top</a>)</p>\n\n\n<!-- CONTACT -->\n## Contact\nIvano Dibenedetto - [@Linkedin](https://www.linkedin.com/in/ivano-dibenedetto-b526ab188/) - ivano.dibenedetto7@gmail.com\n\nProject Link: [https://github.com/Ivanodib/azure-graph-toolkit](https://github.com/Ivanodib/azure-graph-toolkit)\n\n<p align=\"right\">(<a href=\"#readme-top\">back to top</a>)</p>\n",
"bugtrack_url": null,
"license": null,
"summary": "Lightweight python library for easily managing Azure AD (Entra ID) users and groups through the Graph API.",
"version": "1.1.1",
"project_urls": {
"Homepage": "https://github.com/Ivanodib/azure-graph-toolkit"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "b1219bcf844d1e674c14ffb0c535f594dd3056e67474de1916ec621dc8519aaf",
"md5": "848b6a11161a049d895268aac82e4c85",
"sha256": "8a96b07fcb252b6b25a8b490ca7a126deea71471e1819288023a80d36d06158e"
},
"downloads": -1,
"filename": "azure_graph_toolkit-1.1.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "848b6a11161a049d895268aac82e4c85",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 23070,
"upload_time": "2024-08-22T14:54:30",
"upload_time_iso_8601": "2024-08-22T14:54:30.646445Z",
"url": "https://files.pythonhosted.org/packages/b1/21/9bcf844d1e674c14ffb0c535f594dd3056e67474de1916ec621dc8519aaf/azure_graph_toolkit-1.1.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "5937a35d14bafa7c41840a5c5189a37e1cf3d40a889165daede29470aa679f59",
"md5": "a156502cdd8d60e7c2d23a26c18fe693",
"sha256": "e302942060a09622c3745cf2db7c4f0cdcbbb217ae594c0b1b61ee999dc2b51d"
},
"downloads": -1,
"filename": "azure_graph_toolkit-1.1.1.tar.gz",
"has_sig": false,
"md5_digest": "a156502cdd8d60e7c2d23a26c18fe693",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 23303,
"upload_time": "2024-08-22T14:54:31",
"upload_time_iso_8601": "2024-08-22T14:54:31.569314Z",
"url": "https://files.pythonhosted.org/packages/59/37/a35d14bafa7c41840a5c5189a37e1cf3d40a889165daede29470aa679f59/azure_graph_toolkit-1.1.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-08-22 14:54:31",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Ivanodib",
"github_project": "azure-graph-toolkit",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "azure-graph-toolkit"
}
JSON
