diff --git a/services/graph/pkg/identity/odata.go b/services/graph/pkg/identity/odata.go
index 556cdcfed08..ef102cd7eb4 100644
--- a/services/graph/pkg/identity/odata.go
+++ b/services/graph/pkg/identity/odata.go
@@ -41,9 +41,6 @@ func GetSearchValues(req *godata.GoDataQuery) (string, error) {
 return "", godata.NotImplementedError("complex search queries are not supported")
 }
- searchValue := req.Search.Tree.Token.Value
- if strings.HasPrefix(searchValue, "\"") && strings.HasSuffix(searchValue, "\"") {
- searchValue = strings.Trim(searchValue, "\"")
- }
+ searchValue := strings.Trim(req.Search.Tree.Token.Value, "\"")
 return searchValue, nil
 }
diff --git a/services/graph/pkg/service/v0/users.go b/services/graph/pkg/service/v0/users.go
index d048b7d9fb2..99ec31f9f7d 100644
--- a/services/graph/pkg/service/v0/users.go
+++ b/services/graph/pkg/service/v0/users.go
@@ -223,7 +223,13 @@ func (g Graph) GetUsers(w http.ResponseWriter, r *http.Request) {
 }
 ctxHasFullPerms := g.contextUserHasFullAccountPerms(r.Context())
- if !ctxHasFullPerms && (odataReq.Query == nil || odataReq.Query.Search == nil || len(odataReq.Query.Search.RawValue) < g.config.API.IdentitySearchMinLength) {
+ minSearchLength := g.config.API.IdentitySearchMinLength
+ if strings.HasPrefix(odataReq.Query.Search.RawValue, "\"") {
+ // if search starts with double quotes then it must finish with double quotes
+ // add +2 to the minimum search length in this case
+ minSearchLength += 2
+ }
+ if !ctxHasFullPerms && (odataReq.Query == nil || odataReq.Query.Search == nil || len(odataReq.Query.Search.RawValue) < minSearchLength) {
 // for regular user the search term must have a minimum length
 logger.Debug().Interface("query", r.URL.Query()).Msgf("search with less than %d chars for a regular user", g.config.API.IdentitySearchMinLength)
 errorcode.AccessDenied.Render(w, r, http.StatusForbidden, "search term too short")
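Review bot: In the odata.go hunk, the unconditional `strings.Trim(req.Search.Tree.Token.Value, "\"")` strips every leading and trailing quote character, balanced or not, so the term returned by GetSearchValues can be much shorter than the raw value. The length gate in the users.go hunk of this commit measures `RawValue` and allows for exactly two quote characters, so for a regular user a value padded with quotes could satisfy the gate while the effective term falls below `IdentitySearchMinLength` (assuming the token value mirrors the raw value, which is not visible here). Strip exactly one matched pair instead: `v := req.Search.Tree.Token.Value`, then `if len(v) >= 2 && v[0] == '"' && v[len(v)-1] == '"' { v = v[1 : len(v)-1] }`, then `return v, nil`. The caller should ideally compare the length of that trimmed term rather than the raw one. GetSearchValues starts outside the hunk.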
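Review bot: In the users.go hunk, the added `strings.HasPrefix(odataReq.Query.Search.RawValue, "\"")` dereferences `odataReq.Query` and `odataReq.Query.Search` before the nil checks in the `if` that follows, so a request without a search parameter, which that condition explicitly anticipates, would panic here for privileged callers too. Guard the prefix test with the same checks: `if odataReq.Query != nil && odataReq.Query.Search != nil && strings.HasPrefix(odataReq.Query.Search.RawValue, "\"") {`. The `+2` is also granted on a leading quote alone; the comment's statement that the value must then end with a quote is not enforced in the visible lines. The debug message still prints `g.config.API.IdentitySearchMinLength` rather than `minSearchLength`, so the logged threshold can differ from the one applied. GetUsers starts and ends outside the hunk.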