openapi: 3.1.0
info:
title: Microsoft Entra Microsoft Graph Identity API
description: >-
RESTful API for managing identity resources in Microsoft Entra ID
(formerly Azure Active Directory) through Microsoft Graph. Provides
CRUD operations for users, groups, applications, and service principals
enabling directory management, identity governance, and application
integration.
version: v1.0
contact:
name: Microsoft Graph Support
url: https://developer.microsoft.com/en-us/graph
termsOfService: https://www.microsoft.com/licensing/terms/
license:
name: Microsoft API License
url: https://learn.microsoft.com/en-us/legal/microsoft-apis/terms-of-use
externalDocs:
description: Microsoft Graph Identity and Access Management Documentation
url: https://learn.microsoft.com/en-us/graph/azuread-identity-access-management-concept-overview
servers:
- url: https://graph.microsoft.com/v1.0
description: Microsoft Graph v1.0 production endpoint
- url: https://graph.microsoft.com/beta
description: Microsoft Graph beta endpoint (preview features)
tags:
- name: Applications
description: >-
Register and manage application objects that define application
configuration including credentials, permissions, and sign-in settings
- name: Groups
description: >-
Manage groups for organizing users, devices, and other principals
including Microsoft 365 groups, security groups, and distribution lists
- name: ServicePrincipals
description: >-
Manage service principal objects that represent application instances
in a tenant for authentication and authorization
- name: Users
description: >-
Manage user accounts in the directory including creation, updates,
profile management, and lifecycle operations
security:
- oauth2: []
paths:
/users:
get:
operationId: listUsers
summary: Microsoft Entra List Users
description: >-
Retrieve a list of user objects in the directory. Returns a paged
collection of user resources with support for OData query parameters
including $select, $filter, $orderby, $top, $skip, $count, $search,
and $expand.
tags:
- Users
parameters:
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Filter'
- $ref: '#/components/parameters/OrderBy'
- $ref: '#/components/parameters/Top'
- $ref: '#/components/parameters/Skip'
- $ref: '#/components/parameters/Count'
- $ref: '#/components/parameters/Search'
- $ref: '#/components/parameters/Expand'
- $ref: '#/components/parameters/ConsistencyLevel'
responses:
'200':
description: Collection of user objects
content:
application/json:
schema:
$ref: '#/components/schemas/UserCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
operationId: createUser
summary: Microsoft Entra Create User
description: >-
Create a new user in the directory. The request body must contain
the required properties including displayName, accountEnabled,
mailNickname, userPrincipalName, and passwordProfile.
tags:
- Users
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/User'
responses:
'201':
description: User created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/User'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/users/{user-id}:
get:
operationId: getUser
summary: Microsoft Entra Get User
description: >-
Retrieve the properties and relationships of a user object.
Specify the user by id or userPrincipalName.
tags:
- Users
parameters:
- $ref: '#/components/parameters/UserId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Expand'
responses:
'200':
description: User object
content:
application/json:
schema:
$ref: '#/components/schemas/User'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
patch:
operationId: updateUser
summary: Microsoft Entra Update User
description: >-
Update the properties of a user object. Not all properties can be
updated by member or guest users with their default permissions
without administrator roles.
tags:
- Users
parameters:
- $ref: '#/components/parameters/UserId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/User'
responses:
'204':
description: User updated successfully
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
delete:
operationId: deleteUser
summary: Microsoft Entra Delete User
description: >-
Delete a user object. The user is moved to the deletedItems
container and can be restored within 30 days. After 30 days the
user is permanently deleted.
tags:
- Users
parameters:
- $ref: '#/components/parameters/UserId'
responses:
'204':
description: User deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/users/{user-id}/memberOf:
get:
operationId: listUserMemberOf
summary: Microsoft Entra List User Group Memberships
description: >-
Get the groups, directory roles, and administrative units that the
user is a direct member of.
tags:
- Users
parameters:
- $ref: '#/components/parameters/UserId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Filter'
- $ref: '#/components/parameters/Top'
responses:
'200':
description: Collection of directory objects the user is a member of
content:
application/json:
schema:
$ref: '#/components/schemas/DirectoryObjectCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/groups:
get:
operationId: listGroups
summary: Microsoft Entra List Groups
description: >-
List all groups in the directory including Microsoft 365 groups,
security groups, mail-enabled security groups, and distribution
groups. Returns a paged collection with OData query support.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Filter'
- $ref: '#/components/parameters/OrderBy'
- $ref: '#/components/parameters/Top'
- $ref: '#/components/parameters/Skip'
- $ref: '#/components/parameters/Count'
- $ref: '#/components/parameters/Search'
- $ref: '#/components/parameters/Expand'
- $ref: '#/components/parameters/ConsistencyLevel'
responses:
'200':
description: Collection of group objects
content:
application/json:
schema:
$ref: '#/components/schemas/GroupCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
operationId: createGroup
summary: Microsoft Entra Create Group
description: >-
Create a new group in the directory. You can create Microsoft 365
groups, security groups, or mail-enabled security groups. Specify
the groupTypes, mailEnabled, and securityEnabled properties to
determine the type of group.
tags:
- Groups
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
responses:
'201':
description: Group created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/groups/{group-id}:
get:
operationId: getGroup
summary: Microsoft Entra Get Group
description: >-
Get the properties and relationships of a group object. Returns
the default set of properties unless $select is specified.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/GroupId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Expand'
responses:
'200':
description: Group object
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
patch:
operationId: updateGroup
summary: Microsoft Entra Update Group
description: >-
Update the properties of a group object. Not all properties can be
updated depending on the group type.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/GroupId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
responses:
'204':
description: Group updated successfully
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
delete:
operationId: deleteGroup
summary: Microsoft Entra Delete Group
description: >-
Delete a group. Deleting a Microsoft 365 group moves it to the
deletedItems container where it can be restored within 30 days.
Security groups are permanently deleted immediately.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/GroupId'
responses:
'204':
description: Group deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/groups/{group-id}/members:
get:
operationId: listGroupMembers
summary: Microsoft Entra List Group Members
description: >-
Get the direct members of a group. A group can have users, devices,
other groups, organizational contacts, and service principals as
members.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/GroupId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Filter'
- $ref: '#/components/parameters/Top'
- $ref: '#/components/parameters/Count'
- $ref: '#/components/parameters/ConsistencyLevel'
responses:
'200':
description: Collection of directory objects that are members of the group
content:
application/json:
schema:
$ref: '#/components/schemas/DirectoryObjectCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/groups/{group-id}/members/$ref:
post:
operationId: addGroupMember
summary: Microsoft Entra Add Group Member
description: >-
Add a member to a Microsoft 365 group or a security group by
posting a reference to the directory object to add.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/GroupId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ODataReference'
responses:
'204':
description: Member added successfully
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/groups/{group-id}/members/{directoryObject-id}/$ref:
delete:
operationId: removeGroupMember
summary: Microsoft Entra Remove Group Member
description: >-
Remove a member from a group via the members navigation property.
Specify the member to remove by its directory object id.
tags:
- Groups
parameters:
- $ref: '#/components/parameters/GroupId'
- name: directoryObject-id
in: path
required: true
description: Unique identifier of the directory object to remove
schema:
type: string
responses:
'204':
description: Member removed successfully
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/applications:
get:
operationId: listApplications
summary: Microsoft Entra List Applications
description: >-
Get the list of application registrations in the directory. Returns
the application objects with their configuration properties including
credentials, permissions, and sign-in settings.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Filter'
- $ref: '#/components/parameters/OrderBy'
- $ref: '#/components/parameters/Top'
- $ref: '#/components/parameters/Skip'
- $ref: '#/components/parameters/Count'
- $ref: '#/components/parameters/Search'
- $ref: '#/components/parameters/ConsistencyLevel'
responses:
'200':
description: Collection of application objects
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
operationId: createApplication
summary: Microsoft Entra Create Application
description: >-
Create a new application registration in the directory. The
application object represents the global definition of the app
including its identity, access configuration, and settings.
tags:
- Applications
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
responses:
'201':
description: Application created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/applications/{application-id}:
get:
operationId: getApplication
summary: Microsoft Entra Get Application
description: >-
Get the properties and relationships of an application object by
its id (object id, not appId).
tags:
- Applications
parameters:
- $ref: '#/components/parameters/ApplicationId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Expand'
responses:
'200':
description: Application object
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
patch:
operationId: updateApplication
summary: Microsoft Entra Update Application
description: >-
Update the properties of an application object.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/ApplicationId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
responses:
'204':
description: Application updated successfully
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
delete:
operationId: deleteApplication
summary: Microsoft Entra Delete Application
description: >-
Delete an application object. The application is moved to the
deletedItems container and can be restored within 30 days.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/ApplicationId'
responses:
'204':
description: Application deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/applications/{application-id}/addPassword:
post:
operationId: addApplicationPassword
summary: Microsoft Entra Add Password Credential
description: >-
Add a strong password or secret to an application. The response
includes the generated secretText which is only returned at
creation time and cannot be retrieved later.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/ApplicationId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordCredential'
responses:
'200':
description: Password credential created with secretText
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordCredential'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/applications/{application-id}/removePassword:
post:
operationId: removeApplicationPassword
summary: Microsoft Entra Remove Password Credential
description: >-
Remove a password credential from an application by specifying
the keyId of the password to remove.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/ApplicationId'
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- keyId
properties:
keyId:
type: string
format: uuid
description: The unique identifier for the password to remove
responses:
'204':
description: Password credential removed successfully
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/servicePrincipals:
get:
operationId: listServicePrincipals
summary: Microsoft Entra List Service Principals
description: >-
Retrieve a list of service principal objects in the directory.
A service principal represents an instance of an application in
a tenant and is the identity used for authentication and
authorization.
tags:
- ServicePrincipals
parameters:
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Filter'
- $ref: '#/components/parameters/OrderBy'
- $ref: '#/components/parameters/Top'
- $ref: '#/components/parameters/Skip'
- $ref: '#/components/parameters/Count'
- $ref: '#/components/parameters/Search'
- $ref: '#/components/parameters/ConsistencyLevel'
responses:
'200':
description: Collection of service principal objects
content:
application/json:
schema:
$ref: '#/components/schemas/ServicePrincipalCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
operationId: createServicePrincipal
summary: Microsoft Entra Create Service Principal
description: >-
Create a new service principal in the directory. The appId property
in the request body is required and must reference an existing
application registration.
tags:
- ServicePrincipals
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ServicePrincipal'
responses:
'201':
description: Service principal created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ServicePrincipal'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/servicePrincipals/{servicePrincipal-id}:
get:
operationId: getServicePrincipal
summary: Microsoft Entra Get Service Principal
description: >-
Retrieve the properties and relationships of a service principal
object.
tags:
- ServicePrincipals
parameters:
- $ref: '#/components/parameters/ServicePrincipalId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Expand'
responses:
'200':
description: Service principal object
content:
application/json:
schema:
$ref: '#/components/schemas/ServicePrincipal'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
patch:
operationId: updateServicePrincipal
summary: Microsoft Entra Update Service Principal
description: >-
Update the properties of a service principal object.
tags:
- ServicePrincipals
parameters:
- $ref: '#/components/parameters/ServicePrincipalId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ServicePrincipal'
responses:
'204':
description: Service principal updated successfully
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
delete:
operationId: deleteServicePrincipal
summary: Microsoft Entra Delete Service Principal
description: >-
Delete a service principal object. This removes the application
instance from the tenant but does not delete the application
registration.
tags:
- ServicePrincipals
parameters:
- $ref: '#/components/parameters/ServicePrincipalId'
responses:
'204':
description: Service principal deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/servicePrincipals/{servicePrincipal-id}/appRoleAssignments:
get:
operationId: listServicePrincipalAppRoleAssignments
summary: Microsoft Entra List App Role Assignments
description: >-
Get the app role assignments granted to this service principal.
App role assignments represent permissions granted to the service
principal to call another application's API.
tags:
- ServicePrincipals
parameters:
- $ref: '#/components/parameters/ServicePrincipalId'
- $ref: '#/components/parameters/Select'
- $ref: '#/components/parameters/Top'
responses:
'200':
description: Collection of app role assignments
content:
application/json:
schema:
$ref: '#/components/schemas/AppRoleAssignmentCollectionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
operationId: grantServicePrincipalAppRoleAssignment
summary: Microsoft Entra Grant App Role Assignment
description: >-
Grant an app role assignment to a service principal. App roles
assigned to service principals are also known as application
permissions.
tags:
- ServicePrincipals
parameters:
- $ref: '#/components/parameters/ServicePrincipalId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/AppRoleAssignment'
responses:
'201':
description: App role assignment created
content:
application/json:
schema:
$ref: '#/components/schemas/AppRoleAssignment'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
components:
securitySchemes:
oauth2:
type: oauth2
description: >-
OAuth 2.0 authorization using Microsoft identity platform.
Supports authorization code flow for delegated permissions
and client credentials flow for application permissions.
flows:
authorizationCode:
authorizationUrl: https://login.microsoftonline.com/common/oauth2/v2.0/authorize
tokenUrl: https://login.microsoftonline.com/common/oauth2/v2.0/token
scopes:
User.Read: Read the signed-in user's profile
User.ReadWrite: Read and update the signed-in user's profile
User.Read.All: Read all users' profiles
User.ReadWrite.All: Read and write all users' profiles
Group.Read.All: Read all groups
Group.ReadWrite.All: Read and write all groups
GroupMember.Read.All: Read all group memberships
GroupMember.ReadWrite.All: Read and write all group memberships
Application.Read.All: Read all applications
Application.ReadWrite.All: Read and write all applications
Directory.Read.All: Read directory data
Directory.ReadWrite.All: Read and write directory data
clientCredentials:
tokenUrl: https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
scopes:
https://graph.microsoft.com/.default: Default scope for application permissions
parameters:
UserId:
name: user-id
in: path
required: true
description: >-
Unique identifier of the user (object ID) or the
userPrincipalName (e.g., [email protected])
schema:
type: string
GroupId:
name: group-id
in: path
required: true
description: Unique identifier of the group (object ID)
schema:
type: string
ApplicationId:
name: application-id
in: path
required: true
description: Unique identifier of the application (object ID, not appId)
schema:
type: string
ServicePrincipalId:
name: servicePrincipal-id
in: path
required: true
description: Unique identifier of the service principal (object ID)
schema:
type: string
Select:
name: $select
in: query
required: false
description: >-
Comma-separated list of properties to include in the response.
If unspecified, a default set of properties is returned.
schema:
type: string
example: id,displayName,mail
Filter:
name: $filter
in: query
required: false
description: OData filter expression to restrict the returned collection
schema:
type: string
example: startswith(displayName,'J')
OrderBy:
name: $orderby
in: query
# --- truncated at 32 KB (71 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/microsoft-entra/refs/heads/main/openapi/microsoft-entra-graph-identity-openapi.yml