entra_id_get_group
Retrieve Azure AD groups by object ID to manage access controls and security policies in Microsoft Sentinel environments.
Instructions
Get a group from Entra ID (Azure AD) by object ID.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| kwargs | Yes |
Implementation Reference
- tools/entra_id_tools.py:175-201 (handler)The EntraIDGetGroupTool class implements the core logic for the 'entra_id_get_group' tool. It checks permissions, extracts the group_id parameter, constructs the Microsoft Graph API URL, fetches the group data, and handles errors including permission checks.class EntraIDGetGroupTool(EntraIDToolBase): """ Tool to get a group by object ID from Entra ID (Azure AD). """ name = "entra_id_get_group" description = "Get a group from Entra ID (Azure AD) by object ID." async def run(self, ctx: Context, **kwargs): self.check_graph_permissions() group_id = self._extract_param(kwargs, "group_id") if not group_id: raise Exception("Missing required parameter: group_id") client = GraphApiClient() url = f"{GRAPH_API_BASE}/groups/{group_id}" try: def fetch(): for page in client.call_azure_rest_api("GET", url): return page return await run_in_thread(fetch, name="entra_id_get_group") except requests.HTTPError as e: if e.response.status_code == 403: raise Exception("Permission denied: Group.Read.All is required.") from e raise
- tools/entra_id_tools.py:203-213 (registration)The register_tools function registers the EntraIDGetGroupTool (along with other Entra ID tools) with the MCP server instance via EntraIDGetGroupTool.register(mcp). This is where the tool is made available to the MCP server.def register_tools(mcp): """ Register all Entra ID tools with the MCP server instance. Args: mcp: The MCP server instance. """ EntraIDListUsersTool.register(mcp) EntraIDGetUserTool.register(mcp) EntraIDListGroupsTool.register(mcp) EntraIDGetGroupTool.register(mcp)