General Discussion

 View Only

Tech Talks: Implementation - Microsoft Graph API Connection

  • 1.  Tech Talks: Implementation - Microsoft Graph API Connection

    Posted 05-23-2024 10:00
    Edited by Ian Chamberlain 05-24-2024 10:13

    This is going to be the first step towards a larger picture that is Microsoft. Microsoft's Graph API opens the door to many of the M365 applications that we use daily. Whether it's Teams, your calendar, or Users, the Graph API gives you the ability to access all of these different apps using a single endpoint. The purpose of this is to review how to establish a connection from TrueContext to the Microsoft Graph API using an Entra App Registration for authentication.

    Take a look at the Graph API documentation, and more specifically, look at the "Services and Features" that the API has access to. Now you can let your imagination run wild with opportunities.

    To perform all the steps in this post, you will need to be, or have access to, a Microsoft Admin so that an Entra App Registration can be made. You will also need to be an Admin in TrueContext to create new connections.

    Please note, the steps outlined here can vary depending on how your MS is set up. For example, if it makes more sense to open the app to more than just a single tenant, that should work just the same. We always like to take the "provide the bare minimum permissions to do the thing you need to do" approach, so you might find that you need to open things up more.

    1. Follow the Microsoft documentation to create an App Registration in Entra: Microsoft Documentation.

    2. Set up the app as you see fit. Here are some suggestions:

      • Keep it to a Single Tenant.
      • Redirect URL: https://live.prontoforms.com/security/oauth/connections/httpoauth (documentation found here).
      • When asked for a platform, select Single-Page Application (SPA).
      • Create the Secret (found under the Credentials and Secrets tab). Save this Secret in a safe place as you cannot see it again after you navigate away. If you misplace the secret, you can always create a new one but will need to update the connections.
      • Permissions will be added as needed. You can be selective about what services this app has access to. For this example, we are leveraging MS Graph, so you will want to add the following permissions (all under the Microsoft Graph category):
        • Files.ReadWrite.All (access to OneDrive)
        • Sites.ReadWrite.All (access to SharePoint sites and contents)
        • offline_access
        • User.Read (MS requirement)
      • On the Authentication tab, ensure that you check off the Access Tokens and ID Tokens boxes.
    3. Prepare the information required to create the connection in TrueContext:

      • Base URL: https://graph.microsoft.com/v1.0/
      • Access Token URL: Found on the Overview tab of the App Registration by clicking the "Endpoints" button. Note the URL in the OAuth 2.0 token endpoint (v2) box.
      • Client ID: Found on the Overview tab, this is the Application (client) ID in the Essentials section.
      • Client Secret: This is the Client Secret Value that you copied when you created the new Secret (NOTE: this is not the Client Secret ID, it is the Value).
      • Scopes: Since we are focusing on Graph, the scope you will need to use is https://graph.microsoft.com/.default.
    4. Create the Connection in TrueContext as an HTTP Connection:

      • Using the information from the previous step, follow the steps found here.
      • Click on the Connect button in the connection once all the details have been input, and you should see a "Connection Established" message.
    5. Connection is now ready to be used in data sources and destinations. If you receive any error messages when you hit connect, please double-check the IDs that were input into the Connection.

    Now you can use this connection to access all the different services that the Graph API gives you, just keep in mind that you might need to adjust the App Permissions for the OAuth App, and each time that you make changes to the App on the Entra side, you will need to reconnect the TrueContext Connection to retrieve the latest version of your token.

    Keep your eyes peeled for some specific examples of what you can use this connection for, hoping to cover sending Teams messages to a Channel as the next step.

    #TechTalkImplementation #Microsoft

    ------------------------------
    Ian Chamberlain
    Solutions Architect
    TrueContext
    ------------------------------



Reminder: Content posted to our Community is public content.  Please be careful not to post Intellectual Property that you do not have permission to share.  For more information please refer to our Terms Of Use