List all Microsoft 365 Groups and Teams in the tenant

Microsoft 365 Groups are the membership backbone for Teams, SharePoint sites, Planner, Outlook distribution, and Yammer communities. Over time, tenants accumulate hundreds or thousands of groups — some created deliberately by admins, others auto-provisioned when users spin up a new Team or Planner board. Without periodic inventory, it becomes hard to answer basic governance questions: How many Teams do we have? Which groups are orphaned? Are there duplicates?

This recipe produces a complete inventory of every Microsoft 365 Group in your tenant and flags which ones are Teams-enabled (vs. Outlook-only groups or SharePoint-only groups). Run it as a starting point for lifecycle cleanup, license chargeback, security reviews, or migration planning.

After completing this recipe, you will have:

• A complete list of all Microsoft 365 Groups in the tenant, with display name, description, and group type
• A clear distinction between Teams-enabled groups and other group types (Outlook, Security, Distribution)
• Group IDs that can be fed into follow-up scripts (membership audits, archival, deletion)
• An exportable CSV suitable for sharing with governance, security, or compliance stakeholders

Things to watch for

• Permissions: You need Group.Read.All (delegated or application). Without it, the Graph call returns HTTP 403.
• Paging: Tenants with more than 100 groups will return an @odata.nextLink. You must follow it or you will miss groups. The sample script handles this automatically.
• Throttling: Very large tenants (10k+ groups) may hit Graph throttling. Add retry-with-backoff or use $top=999 to reduce round trips.
• Soft-deleted groups: This query does not return deleted groups. To include them, query /directory/deletedItems/microsoft.graph.group separately.
• Privacy: Group names and descriptions can contain sensitive project codenames. Treat the export as confidential.