How to Create Azure AD Security Group using Microsoft Graph APIs (Postman & Python Code Sample)
Azure Active Directory (Azure AD) groups are used to manage users that all need the same access and permissions to resources, such as potentially restricted apps and services. Instead of adding special permissions to individual users, you create a group that applies the special permissions to every member of that group.
You can refer to below steps for the scenarios in which you have Azure AD service principle with required permissions to create Security Groups in Azure Active Directory and need to call Microsoft Graph REST APIs from your dev or local environment via Postman or through python code.
First step is to register a client application with Azure AD and assign required permissions to create AD groups
1. Sign in the Azure portal, search for and select Azure Active Directory.
2. In the left panel, under Manage, select App registrations > All Applications > Select your registered application (Service Principal Account) > API Permissions
3. Least Privileged Permissions required to create AAD groups are:
- Group.Read.All
- Group.ReadWrite.All
- Group.Create
Python Source Code:
Refer attached python source code (SecurityGroupCreatePythonSample.zip)
- Update ClientId, ClientSecret and Tenant details in config.cfg file
- Update Request body to create new group in graph.py file
- Install Required dependencies to build the project.
python3 -m pip install azure-identity python3 -m pip install msgraph-core -
Ensure that installed package script path are added into System Environment Variables.
- Run Main.py file. Choice 6 and 7 are the methods to list or create group using SPN (App Only Authentication)
Reference Link:
Build Python apps with Microsoft Graph - Microsoft Graph | Microsoft Docs
Step 7: Build Python apps with Microsoft Graph - Microsoft Graph | Microsoft Docs
Step 8: Build Python apps with Microsoft Graph - Microsoft Graph | Microsoft Docs
Postman:
Create Authorization Header in Postman Requests Collection Folder Level:
Access Token Url: https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/token
Scope: https://graph.microsoft.com/.default
Grant_Type = Client Credentials
Rest API to create Group:
Url: https://graph.microsoft.com/v1.0/groups
Request Type: Post
Authorization Type: Bearer Token. Copy the access token created from above step
Request Body:
Reference Link:
Use Postman with the Microsoft Graph API - Microsoft Graph | Microsoft Docs
Note:
- If SPN is granted with Delegated permission, you need to follow User Authorization Code to generate access token
- If SPN is granted with Application permission, you can follow Grant type= Client Credentials
Published on:
Learn moreRelated posts
SharePoint: UPPER function
Converts text to uppercase, leaving numbers and punctuation untouched. The result is always text.
What’s new across Microsoft SQL in 2026 so far (SQL Server, Azure SQL, and SQL database in Fabric)
We’re halfway through 2026, and Microsoft SQL has not slowed down. Since SQLCon/FabCon in March (where we released a ton of things, and those ...
Claude dans Microsoft 365 Copilot : choisir le bon modèle d'IA pour votre PME
Claude dans Microsoft 365 Copilot : choisir le bon modèle d'IA pour votre PME Depuis quelques semaines, la même question r...
Updates available for Microsoft 365 Apps for Current Channel
We’ve released updates to the following update channel for Microsoft 365 Apps: Current Channel When this will happen: We’ll be gra...
Microsoft 365 for IT Pros (13th Edition) and some other news
It is July morning, which means the latest edition of the best Microsoft 365 book out there is now available! For this year’s edition, w...
Announcing Microsoft 365 for IT Pros (2027 Edition)
We're happy to announce the publication of Microsoft 365 for IT Pros (2027 edition) eBook, the most comprehensive and up-to-date book covering...
Microsoft Teams: Front-of-room view control for Town Halland Webinar in Teams Rooms on Android
When a Teams Rooms on Android is invited as a meeting presenter, the front-of-room display defaults to the attendee view. Presenters always ha...
Microsoft Copilot (Microsoft 365): Insights: Copilot Analytics – Cowork adoption and impact
Deeper insights into Cowork adoption and impact accessible from the new AI Cost dashboard and Copilot dashboard. Includes export capability. A...
SharePoint Framework (SPFx) roadmap update – July 2026
June celebrates the announcement of upcoming SharePoint Copilot Apps, ships the quality-focused SPFx 1.23.2 release, and shares the roadmap fo...
SharePoint Framework (SPFx) roadmap update – July 2026
June celebrates the announcement of upcoming SharePoint Copilot Apps, ships the quality-focused SPFx 1.23.2 release, and shares the roadmap fo...