entra_id_get_group
Retrieve a specific Entra ID (Azure AD) group using its object ID to manage access controls and security policies within Microsoft Sentinel.
Instructions
Get a group from Entra ID (Azure AD) by object ID.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| kwargs | Yes |
Implementation Reference
- tools/entra_id_tools.py:175-201 (handler)The EntraIDGetGroupTool class defines the core handler logic for the 'entra_id_get_group' tool. It checks Graph API permissions, extracts the group_id parameter, constructs the Microsoft Graph API URL, fetches the group data asynchronously, and handles errors including permission denials.
class EntraIDGetGroupTool(EntraIDToolBase): """ Tool to get a group by object ID from Entra ID (Azure AD). """ name = "entra_id_get_group" description = "Get a group from Entra ID (Azure AD) by object ID." async def run(self, ctx: Context, **kwargs): self.check_graph_permissions() group_id = self._extract_param(kwargs, "group_id") if not group_id: raise Exception("Missing required parameter: group_id") client = GraphApiClient() url = f"{GRAPH_API_BASE}/groups/{group_id}" try: def fetch(): for page in client.call_azure_rest_api("GET", url): return page return await run_in_thread(fetch, name="entra_id_get_group") except requests.HTTPError as e: if e.response.status_code == 403: raise Exception("Permission denied: Group.Read.All is required.") from e raise - tools/entra_id_tools.py:203-214 (registration)The register_tools function registers the EntraIDGetGroupTool (along with other Entra ID tools) with the MCP server instance using the register method inherited from the base class.
def register_tools(mcp): """ Register all Entra ID tools with the MCP server instance. Args: mcp: The MCP server instance. """ EntraIDListUsersTool.register(mcp) EntraIDGetUserTool.register(mcp) EntraIDListGroupsTool.register(mcp) EntraIDGetGroupTool.register(mcp)