I have not been able to find a method of using the graph to subscribe to all users changes, it looks like it is not possible.
So I set about subscribing to everyone individually, ideally I would like all updates from calendars, email and contacts eventually, but I started with calendars.
The code works perfectly with just my user, however when I try to subscribe for everyone (around 300 users), I hit a hard a limit, at seven subscriptions, as in further requests fail with a generic Bad Request
status.
In the official docs https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/resources/webhooks it says:
Limitations Certain limits apply and may generate errors when exceeded:
1) Maximum subscription quotas
- Per App: 50,000 total subscriptions
- Per Tenant: 35 total subscriptions across all apps
- Per App and Tenant combination: 7 total subscriptions
It seems that Tenant refers to an actual active directory, so we are limited to 7 per app, or 35 in total.
There is zero chance of splitting users into multi Active Directories of domains, even juggling multiple apps to do the same thing seems strange, these limits make no sense at all to me.
Is there any way to increase these tiny limits?
I am subscribing to users/$email/events
so I post to https://graph.microsoft.com/v1.0/subscriptions
{
"changeType": "created,updated,deleted",
"notificationUrl": "https://webhooks.mydomain.com/my/endpoint",
"resource": "users/$email/events",
"expirationDateTime":"2018-05-12T16:00:00.9356913Z",
"clientState": "my-super-secret-identifier"
}
And it works great, as long as I want <=7 subscriptions. I also subscribed to, the root /users to see if that would give me all changes, which meant I could then only subscribe to 6 individual calendars.
I am using the official PHP library, but presume/hope that doesn't matter.
Azure Active Directory (Azure AD) Graph is deprecated and will be retired at any time after June 30, 2023, without advance notice, as we announced in September, 2022.
Microsoft Graph Data Connect consumption charges are billed monthly on a pay-as-you-go basis. Charges are calculated using a flat rate based on the count of per-1,000 objects extracted through the connector.
Although clientState is not required, you must include it to comply with our recommended change notification handling process. Setting this property will allow you to confirm that change notifications you receive originate from the Microsoft Graph service.
As Jason said in the comments, the restriction in the question should only have applied to Active Directory Resources, not on the user level, the docs have now been changed:
Azure AD Resource Limitations
Certain limits apply to Azure AD based resources (users, groups) and may generate errors when exceeded:
Maximum subscription quotas:
- Per App: 50,000 total subscriptions
- Per Tenant: 35 total subscriptions
- across all apps Per App and Tenant combination: 7 total subscriptions
Whether it was a case of the power of suggestion causing the issue, or some transient bug somewhere I don't know, but the Gods of the Interwebs have smiled on me, and my code works now; even though I didn't change it.
Maybe removing and adding permissions helped in my case? Not sure.
At least the docs are right now.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With