Date post: | 28-Jan-2018 |
Category: |
Software |
Upload: | malin-de-silva |
View: | 25 times |
Download: | 0 times |
Malin De Silva
MCSD, SharePoint Applications
MVP, Office Servers and Services
MVP, Office Servers and Services
Speaker and blogger
What is Microsoft Graph?
■ 100 million users, 250K organizations and 65% Seats are online
– SPSNL17 -Introduction to Microsoft Graph API -Carl in 't Veld & Donald Hessing
■ Made up with resources connected by relationships
Scenarios
■ Effective communications
■ Meeting arrangements
■ Categorize photos
■ Insights and forecasts
Authentication
■ Get access token from Azure AD
– 64 encoded JWT
■ Use it in next requests
EwAoA8l6BAAU7p9QDpi/D7xJLwsTgCg3TskyTaQAAXu71AU9f4aS4rOK5xoO/SU5HZKSXtCsDe0Pj7uSc5Ug008qTI+a9M1tBeKoTs7tHzhJNSKgk7pm5e8d3oGWXX5shyOG3cKSqgfwuNDnmmPDNDivwmi9kmKqWIC9OQRf8InpYXH7NdUYNwN+jljffvNTewdZz42VPrvqoMH7hSxiG7A1h8leOv4F3Ek/oeJX6U8nnL9nJ5pHLVuPWD0aNnTPTJD8Y4oQTp5zLhDIIfaJCaGcQperULVF7K6yX8MhHxIBwek418rKIp11om0SWBXOYSGOM0rNNN59qNiKwLNK+MPUf7ObcRBN5I5vg8jB7IMoz66jrNmT2uiWCyI8MmYDZgAACPoaZ9REyqke+AE1/x1ZX0w7OamUexKF8YGZiw+cDpT/BP1GsONnwI4a8M7HsBtDgZPRd6/Hfqlq3HE2xLuhYX8bAc1MUr0gP9KuH6HDQNlIV4KaRZWxyRo1wmKHOF5G5wTHrtxg8tnXylMc1PKOtaXIU4JJZ1l4x/7FwhPmg9M86PBPWr5zwUj2CVXC7wWlL/6M89Mlh8yXESMO3AIuAmEMKjqauPrgi9hAdI2oqnLZWCRL9gcHBida1y0DTXQhcwMv1ORrk65VFHtVgYAegrxu3NDoJiDyVaPZxDwTYRGjPII3va8GALAMVy5xou2ikzRvJjW7Gm3XoaqJCTCExN4m5i/Dqc81Gr4uT7OaeypYTUjnwCh7aMhsOTDJehefzjXhlkn//2eik+NivKx/BTJBEdT6MR97Wh/ns/VcK7QTmbjwbU2cwLngT7Ylq+uzhx54R9JMaSLhnw+/nIrcVkG77Hi3neShKeZmnl5DC9PuwIbtNvVge3Q+V0ws2zsL3z7ndz4tTMYFdvR/XbrnbEErTDLWrV6Lc3JHQMs0bYUyTBg5dThwCiuZ1evaT6BlMMLuSCVxdBGzXTBcvGwihFzZbyNoX+52DS5x+RbIEvd6KWOpQ6Ni+1GAawHDdNUiQTQFXRxLSHfc9fh7hE4qcD7PqHGsykYj7A0XqHCjbKKgWSkcAg==
HTTP/1.1 Authorization: Bearer EwAoA8... KKgWSkcAg== Host: graph.microsoft.com` GET https://graph.microsoft.com/v1.0/me/
Access Token
■ Azure AD, OAuth 2.0 and OpenID Connect 1.0
– https://login.microsoftonline.com/common/oauth2/v2.0/authorize
– https://login.microsoftonline.com/common/oauth2/v2.0/token
■ Azure AD vs Azure AD 2.0
– Organizations and Consumers
App Registration
■ Microsoft App Registration Portal
– https://apps.dev.microsoft.com/
App type Platform Application ID Application Secret Redirect URI/URL Implicit Flow
Native/Mobile Native Assigned No Assigned No
Web App Web Assigned Yes Yes
Optional Open ID Connect middleware uses hybrid flow by default (Yes)
Single Page App (SPA) Web Assigned Yes YesYes SPAs use Open ID Connect implicit Flow
Service/Daemon Web Assigned Yes Yes No
Permissions
■ Delegated Permissions
– Signed-in user present
– Administrative/ non-administrative user consent
■ Application Permissions
– Apps’ presence
– Administrative user consent
■ Effective Permissions
– Delegated -> Least privileged
– Application -> Full level of privileges
■ simple pattern: resource.operation.constraint
– E.g.: User.Read.All
– Constraints■ All
■ Shared
■ AppFolder
Demonstration
https://developer.microsoft.com/en-us/graph/graph-explorerSharePoint endpoints in graph explorer.