November 17th, 2018

30DaysMSGraph – Day 17 – Use Case: Assign an Office 365 license

List of all posts in the #30DaysMSGraph series

In Day 16 we extended the base .Net Core console application to create a user by calling Azure AD.  Today we’ll extend the base console application to assign a user license in Office 365.  Note that it is not required to perform each of the daily Use Case samples in order to continue to the next.  Starting with the base console application from Day 15 will be sufficient if building from scratch, or as always, you can clone the completed version in the provided repo at bottom of this post.

You can assign licenses to an Office 365 user by calling the /Users/<id>/assignLicense endpoint as detailed in the Microsoft Graph documentation.  Not only can you assign licenses but you can also remove licenses as well as enable or disable specific plans within a license.  In this post and associated code sample we are only covering the assign license aspect.

Permissions required

The User.ReadWrite.All or Directory.ReadWrite.All permission is required to assign or remove a license.  Before we can assign or remove a license though we must know which licenses are available within the tenant.  Available licenses (also called subscribed SKUs) is available through the /subscriberSkus endpoint (documentation) and requires Directory.Read.All or Directory.ReadWrite.All permissions.  In order to simplify overall necessary permissions we will assign and consent the Directory.ReadWrite.All permissions for today.

Since you didn’t assign this permission in a previous day ensure that you assign them now to your Azure AD application.  Navigate to the Preview App Registrations experience in the Azure AD portal and assign the application permission for Directory.ReadWrite.All under Microsoft Graph API.

Get user

The first step in assigning a license is getting a reference to a user within the tenant.  For today’s solution we’ll use the Microsoft Graph SDK and look up a user by their UPN.

public async Task<User> GetUser(string UPN)
{
    var user = await _graphClient.Users[UPN].Request().GetAsync();
    return user;
}

List licenses (subscription SKUs)

The second step is getting a reference to a license (subscription SKU) within the tenant.  If you know the exact internal name of the SKU you could perform a query but many times the internal name (ex. “ENTERPRISEPREMIUM” is not the same as the display name (ex. “Office 365 Enterprise E5”).  As such we’ll query for all SKUs and then select the first result from the collection that comes back.

public async Task<SubscribedSku> GetLicense()
{
    var skuResult = await _graphClient.SubscribedSkus.Request().GetAsync();
    return skuResult[0];
}

Assign license

The last step is building a request containing the licenses to add and the licenses to remove.  In this case we pass in the userId and skuId from the previous calls above.

public async Task AddLicense(string userId, Guid? skuId)
{
    var licensesToAdd = new List<AssignedLicense>();
    var licensesToRemove = new List<Guid>();

    var license = new AssignedLicense()
    {
        SkuId = skuId,
    };

    licensesToAdd.Add(license);

    await _graphClient.Users[userId].AssignLicense(licensesToAdd, licensesToRemove).Request().PostAsync();
}

 

Try It Out

Navigate to the dotnetcore-console-sample repo.  Do one (or both) of the following:

Day 17 repo link

  1. Clone the repo and configure the project in the Day 17 sub-folder.
  2. Follow the instructions in Day 17 sub-folder to build the project from scratch yourself.

If you run into any issues while building or configuring the project please create a new Issue on the repo.

 

Join us tomorrow as we update a user mailbox using Microsoft Graph requests in Day 18.