When developing custom solutions, we have to get user properties from Azure Active Directory (AAD). By default, we only get a limited set of user properties, and sometimes we need more than that.
For example, EmployeeId is not returned by default when you make the following Microsoft Graph call:
The same applies when you use the Get-PnPAzureADUser cmdlet in PowerShell.
In this article, we will look at how to retrieve the additional properties of an Azure AD user using PowerShell. The additional properties of a user include details such as the employee id, display name, and so on.
Install the SharePointPnPPowerShellOnline module by running the command:
> Install-Module SharePointPnPPowerShellOnline
Set the execution policy for PowerShell scripts by running the command:
> Set-ExecutionPolicy RemoteSigned
The script connects to the SharePoint Online site using the Connect-PnPOnline cmdlet with the -Interactive parameter, which lets you log in to the SharePoint Online site interactively through a pop-up. The script then retrieves the additional properties of the Azure AD user using the Get-PnPAzureADUser cmdlet. The -Identity parameter specifies the user's email address, and the -Select parameter specifies the properties we want to retrieve. Without the -Select parameter, the results contain only the limited default set of user attributes.
In this example, the additional property of the user is the EmployeeId. The script retrieves the employee id of the user with the email address email@example.com.
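The steps described above, sketched as an added example (this is not the article's original script). It assumes a PnP PowerShell version that provides Connect-PnPOnline -Interactive and Get-PnPAzureADUser, uses a placeholder site URL, and assumes a selected attribute may surface either as a direct property or in the returned object's AdditionalProperties dictionary.

```powershell
# Added example; the site URL is a placeholder, not taken from the article.
$SiteUrl   = 'https://contoso.sharepoint.com/sites/example'
$UserEmail = 'email@example.com'

# Ask only for the attributes the solution needs. EmployeeId can be personal
# data, so avoid requesting a broad list "just in case".
$Wanted = @('EmployeeId')

# Interactive sign-in: no password or client secret is stored in the script.
Connect-PnPOnline -Url $SiteUrl -Interactive

try {
    $user = Get-PnPAzureADUser -Identity $UserEmail -Select $Wanted -ErrorAction Stop
    if ($null -eq $user) {
        throw "No Azure AD user found for '$UserEmail'."
    }

    $result = [ordered]@{ Identity = $UserEmail }
    foreach ($name in $Wanted) {
        $value = $null

        # Case 1 (assumption): the attribute is a direct property of the object.
        $prop = $user.PSObject.Properties[$name]
        if ($prop) { $value = $prop.Value }

        # Case 2 (assumption): it is in AdditionalProperties. Match the key
        # case-insensitively, because Graph names attributes in camelCase.
        if ($null -eq $value -and $user.AdditionalProperties) {
            $key = $user.AdditionalProperties.Keys |
                Where-Object { $_ -eq $name } |
                Select-Object -First 1
            if ($key) { $value = $user.AdditionalProperties[$key] }
        }

        # $null here means the attribute is not set for this user or was not
        # returned; treat it as "unknown", not as an empty employee id.
        $result[$name] = $value
    }

    [pscustomobject]$result
}
finally {
    # Drop the session so later commands do not reuse the signed-in identity.
    Disconnect-PnPOnline
}
```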
In conclusion, the PowerShell script provides an easy way to retrieve the additional properties of Azure AD users. With the help of the SharePoint PnP PowerShell library, you can automate many SharePoint and Azure AD tasks, thereby improving your productivity.
For more information on the SharePoint PnP PowerShell library and its cmdlets, you can refer to the official documentation: