entra_id_list_groups
Retrieve group information from Entra ID (Azure AD) using Microsoft Graph API to manage access and permissions in Microsoft Sentinel environments.
Instructions
List groups in Entra ID (Azure AD) via Microsoft Graph API.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| kwargs | Yes | | |
Implementation Reference
- tools/entra_id_tools.py:148-173 (handler) The EntraIDListGroupsTool class defines the tool with name 'entra_id_list_groups' and implements the handler logic in the 'run' method, which checks permissions, fetches all groups from the Microsoft Graph API '/groups' endpoint using GraphApiClient, handles pagination, and raises permission errors if Group.Read.All is missing.

  ```python
  class EntraIDListGroupsTool(EntraIDToolBase):
      """
      Tool to list groups in Entra ID (Azure AD) via Microsoft Graph API.
      """

      name = "entra_id_list_groups"
      description = "List groups in Entra ID (Azure AD) via Microsoft Graph API."

      async def run(self, ctx: Context, **kwargs):
          self.check_graph_permissions()
          client = GraphApiClient()
          url = f"{GRAPH_API_BASE}/groups"
          try:

              def fetch():
                  groups = []
                  for page in client.call_azure_rest_api("GET", url):
                      groups.extend(page.get("value", []))
                  return groups

              return await run_in_thread(fetch, name="entra_id_list_groups")
          except requests.HTTPError as e:
              if e.response.status_code == 403:
                  raise Exception("Permission denied: Group.Read.All is required.") from e
              raise
  ```

- tools/entra_id_tools.py:203-214 (registration) The 'register_tools' function registers the EntraIDListGroupsTool (along with other Entra ID tools) with the MCP server instance via the 'register' class method.

  ```python
  def register_tools(mcp):
      """
      Register all Entra ID tools with the MCP server instance.

      Args:
          mcp: The MCP server instance.
      """
      EntraIDListUsersTool.register(mcp)
      EntraIDGetUserTool.register(mcp)
      EntraIDListGroupsTool.register(mcp)
      EntraIDGetGroupTool.register(mcp)
  ```
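The handler above leaves paging to `GraphApiClient.call_azure_rest_api`, whose body is not shown on this page. The sketch below is an added example, not the project's code: it shows what following Graph's `@odata.nextLink` involves, with the 403 mapped to the same Group.Read.All message and a check that the token-bearing request never leaves the Graph host. The `fetch_json` transport, `MAX_PAGES`, the value given to `GRAPH_API_BASE`, and the sample responses are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

GRAPH_HOST = "graph.microsoft.com"
GRAPH_API_BASE = f"https://{GRAPH_HOST}/v1.0"  # assumed value of the project's constant
MAX_PAGES = 1000  # hypothetical safety bound against a nextLink loop


def iter_graph_pages(fetch_json, url):
    """Yield each page of a Graph collection, following @odata.nextLink.

    fetch_json is a hypothetical transport: url -> (http_status, parsed_body).
    """
    for _ in range(MAX_PAGES):
        parts = urlsplit(url)
        # The bearer token goes out with every request, so only follow
        # links that stay on the Graph host over HTTPS.
        if parts.scheme != "https" or parts.hostname != GRAPH_HOST:
            raise ValueError(f"refusing to follow link outside Graph: {url}")
        status, body = fetch_json(url)
        if status == 403:
            raise PermissionError("Permission denied: Group.Read.All is required.")
        if status != 200:
            raise RuntimeError(f"Graph returned HTTP {status}")
        yield body
        url = body.get("@odata.nextLink")
        if not url:
            return
    raise RuntimeError("pagination exceeded MAX_PAGES")


def list_groups(fetch_json):
    """Collect the 'value' arrays of every page of /groups into one list."""
    groups = []
    for page in iter_graph_pages(fetch_json, f"{GRAPH_API_BASE}/groups"):
        groups.extend(page.get("value", []))
    return groups


# Constructed sample responses (not real tenant data).
SAMPLE = {
    f"{GRAPH_API_BASE}/groups": (200, {
        "value": [{"id": "g1", "displayName": "SOC Analysts"}],
        "@odata.nextLink": f"{GRAPH_API_BASE}/groups?$skiptoken=constructed",
    }),
    f"{GRAPH_API_BASE}/groups?$skiptoken=constructed": (200, {
        "value": [{"id": "g2", "displayName": "Sentinel Readers"}],
    }),
}

def sample_fetch(url):
    return SAMPLE.get(url, (404, {}))
```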