azure active directory – users deleted from tenant not in delta api response

I use graph.microsoft.com/v1.0/groups/delta?$filter=id eq ‘[group-id]’ for reading members of a group. I save the users from the group in a cache.

On running @odata.deltaLink API, I get incremental changes of the group and update members of the group in cache.

The issue I see is that @odata.deltaLink API does not return users deleted from a tenant (and are no longer a member of the group)

Because of this, members stored in cache is not uptodate. It includes users that don’t exist in tenant.

If I run graph.microsoft.com/v1.0/users/delta, I can get users deleted from the tenant and update cache to remove users deleted from the tenant.

Is there a better approach to handle this?
Is there a way to verify that the members stored in cache actually matches users in the actual group?

Read more here: Source link