To put it simply, Microsoft Graph is a REST-API and acts as gateway to numerous services Microsoft365 offers [1].
Using Microsoft Graph in your environment
To begin with, you need an active subscription for Microsoft 365. The actual plan does not matter, as even the Basic tier is sufficient. If you want to get a first look at the API’s capabilities, check out Microsoft Graph Explorer. (https://developer.microsoft.com/en-us/graph/graph-explorer).
Writing our own application
If you want to create your own application, let’s get started. Let’s consider an application that monitors inventory stock. As soon as the stock falls below a certain number, an email should be sent to the orders team.
AzureAD Registration
- Delegated permissons
- Application permissions
- Go to portal.azure.com and login with your credentials
- Click on Azure Active Directory
- From the left side select App Registrations
- Click on New Registration and copy the configuration from below image
The supported account types can be adjusted to your needs.
- Click on the newly created app registration
- Select Authentication from the menu on the right
- Add a new Authentication of type Mobile and desktop application
For our example to work enter below configuration:
- Switch the slider for Allow Public Client Flows to the “on” position and save
- From the menu select Certificates & Secrets
- Add a new client secret and remember to save it as it is only shown once
- Go to API permissions and select permissions like shown below
- Client id
- Client secret
- Tenant id
Implementation
Conclusion
The Graph API is a powerful gateway to the services offered by Microsoft. There are numerous applications imaginable, such as status updates on pipeline runs through Teams, email notifications like in the example, or user management within Azure AD.
Sources
0 Comments