![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 30%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
4,050 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 54%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Hi @Suvhana
Thanks for reaching out to Microsoft Q&A forum support
I completely understand how tricky it can be to manage users across multiple verified subdomains, especially when you're trying to get a clear overview of who’s in your tenant and how they’re distributed. In most cases, if you just want to check which users exist in your tenant, a simple and effective method is to use the Microsoft Graph API endpoint
GET https://graph.microsoft.com/v1.0/auditLogs/signIns$select=userPrincipalName,createdDateTime.
This gives you basic sign-in data, including userPrincipalName, which can help identify active users. However, this method doesn’t support filtering by ___domain directly on the server side, and with a large tenant, manually processing this data can be time-consuming and inefficient.
After doing some research, I found that if you want to list users based on specific subdomains (like @sub1.___domain.com or @sub2.___domain.com), you’ll need to use a more advanced query such as
GET https://graph.microsoft.com/v1.0/users$count=true&$filter=endsWith(mail,'@subdomain.___domain.com').
This is part of Microsoft Graph’s Advanced Query Capabilities, which allow for more powerful filtering options like startsWith, endsWith. However, there are a few important requirements: you must include the header ConsistencyLevel: eventual, and you need to append &$count=true to the query string. It’s also worth noting that these advanced filters are only supported on certain endpoints like /users, and not on /auditLogs/signIns.
At the moment, we don’t have the right environment or permissions to test this advanced query setup ourselves. That said, I’ve found some helpful resources that might guide you further.
Link Article: Advanced query capabilities on Microsoft Entra ID objects - Microsoft Graph | Microsoft Learn
Additionally, I came across a GitHub issue that discusses potential bugs and limitations when using these advanced queries with the Microsoft Graph PowerShell SDK it might be worth reviewing if you run into unexpected behavior.
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link
Hope you will solve the problem soon
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread