Change Notifications in Azure Event Hubs-April 2021
1. Microsoft identity platform
Apr 15, 2021 | 9:00AM PST
Community call
Get Change notification delivered
via Azure Event Hubs
George Juma
Microsoft
Kalyan Krishna
Microsoft
2. Introduction
• First things first
• Please note: We are recording this call so those unable to attend can benefit from the recording.
• This call is designed for developers who implement or are interested in implementing Microsoft identity platform
solutions.
• What kind of topics will we discuss?
• We will address development related topics submitted to us by the community for discussion.
• We build a pipeline of topics for the next few weeks; please submit your feedback and topic suggestions -
https://aka.ms/IDDevCommunityCallSurvey
• View recordings on the Microsoft 365 Developer YouTube channel - https://aka.ms/M365DevYouTube
• Follow us on Twitter @Microsoft365Dev and @azuread
• This is NOT a support channel. Please use Stack Overflow to ask your immediate support related questions.
• When is the next session?
• Community Calls: Monthly – 3rd Thursday of every month
• Next Identity Developer Community Call: May 20th
4. About this session
Brief introduction to Graph change notification (WebHooks)
Change notifications delivered via Azure Event hubs
5. Extend Microsoft 365 experiences / Build your experience
[Diagram: Microsoft 365 experiences (Documents, Conversations, Portals, Timeline, Search) and your own apps (Web apps, Bots & agents, Device & native, Daemon apps, Workflow automation, Analytics apps) sit on top of the Microsoft Graph API, which exposes People, Chats, Files, Devices, Mail, Events, Lists, Security, Search and Alerts from Microsoft 365.]
7. Webhooks
• Allows applications to be notified when data changes in the Microsoft Graph
• Subscribe to particular notifications
• Renew subscriptions for notifications as needed
• Combine notifications with track changes for robust data notifications
• Subscribe to rich change notification to get notifications with resource data
8. Webhooks
• Get notifications for messages, events, contacts, users, groups,
conversations, OneDrive files & alerts endpoints
• Stay up to date and in-sync with data in the Microsoft Graph
• No “polling” at regular intervals required
• Never miss a change
Why Webhooks
9. The Microsoft Graph uses the webhook mechanism to
deliver change notifications to clients.
A client is a web service that configures its own URL to
receive notifications from Microsoft Graph.
Using Webhooks
10. Which of the following are you most familiar with?
A. Azure Event Hubs
B. Azure Event Grids
C. Azure Storage Queues
D. Web sockets e.g., Socket.io
11. Do you use change notifications (webhooks) in your app(s) today?
A. Yes, [supported scenario]
B. No
12. Get Change notifications delivered through Azure Event Hubs
Allows Change notifications to be delivered through Azure Event Hubs.
Azure Event Hubs is a popular real-time events ingestion and distribution service built for scale.
You can use Azure Event Hubs instead of traditional webhooks to receive change notifications.
Specifically built to target:
High throughput scenarios
The receiver cannot or does not want to expose a publicly available URL
Temporizing the change notifications (in case your service needs to go offline for maintenance, for
example).
Using Azure Event Hubs to receive change notifications
13. Get Change notifications delivered through Azure Event Hubs
Examples of high throughput scenarios:
Applications subscribing to a large set of resources
Applications subscribing to resources that change with a high frequency
Multi-tenant applications that subscribe to resources across a large set of organizations
This change notifications delivery mode is available for all resources that support Microsoft Graph change
notifications.
14. Get Change notifications delivered through Azure Event Hubs
[Diagram: Microsoft Graph, Key Vault, Microsoft Graph Change Tracking, Event Hub and your application. Flow labels: Create subscription; Get EventHub connection string; Place notifications in event hub; Retrieve messages from event hub.]
15. Get Change notifications delivered through Azure Event Hubs
How it works.
You'll need to provision an Azure Event Hub and Azure Storage.
Create a shared access policy with a "Listen" permission and obtain the
connection string. Follow the steps listed in
• Configuring the Azure Event Hub and
• Send events to and receive events from Azure Event Hubs - .NET.
You'll need to provision an Azure Key Vault.
Give Microsoft Graph Change Tracking access to your Key Vault entry.
Use the Event Hubs SDK, which will relay the notifications to your application.
You don't need to reply to the notification URL validation. You can ignore the validation message that you receive.
16. Why Key Vault
In order to access the Event Hub securely and to allow for key rotations, Microsoft Graph gets the
connection string to the Event Hub through Azure Key Vault.
So, you need to:
• Create an Azure Key Vault to store the secret.
• Add the connection string to the Event Hub as a secret.
• Add an access policy for Microsoft Graph (Microsoft Graph Change Tracking) to access the secret.
After you create the required Azure Key Vault and Azure Event Hubs services, you can go ahead and create
your subscription and start receiving change notifications via Azure Event Hubs.
But wait, the notification URL is constructed differently too.
17. The new NotificationURL
It's set as
EventHub:https://<azurekeyvaultname>.vault.azure.net/secrets/<secretname>?tenantId=<domainname>
with the following values:
azurekeyvaultname - The name you gave to the key vault when you created it. Can be found in the DNS name.
secretname - The name you gave to the secret when you created it. Can be found on the Azure Key Vault Secrets page.
domainname - The name of your tenant; for example, contoso.onmicrosoft.com or contoso.com. Because this domain will be used to
access the Azure Key Vault, it is important that it matches the domain used by the Azure subscription that holds the Azure Key Vault. To get
this information, you can go to the overview page of the Azure Key Vault you created and click the subscription. The domain name is
displayed under the Directory field.
{
"changeType": "Updated,Deleted",
"notificationUrl": "EventHub:https://<your keyvault name>.vault.azure.net/secrets/<your secret name>?tenantId=contoso.onmicrosoft.com",
"resource": "users",
"expirationDateTime": "2021-08-15T00:00:00Z",
"clientState": "suresecret1"
}
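Added example (not from the slides or from Microsoft's samples): one way to assemble the subscription body above so that only a Key Vault reference, never the connection string itself, ends up in notificationUrl, and to keep only the events read from the hub whose clientState matches the value you registered. The function names, the sample vault and secret names and the sample event body are assumptions constructed for illustration; the name checks follow Azure's naming rules for key vaults and secrets.

```python
import hmac
import json
import re

# Azure naming rules: vault 3-24 chars, secret 1-127 chars, letters/digits/hyphens.
VAULT_RE = re.compile(r"[A-Za-z][A-Za-z0-9-]{1,22}[A-Za-z0-9]")
SECRET_RE = re.compile(r"[A-Za-z0-9-]{1,127}")
DOMAIN_RE = re.compile(r"([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?\.)+[A-Za-z]{2,}")


def build_notification_url(vault: str, secret: str, tenant_domain: str) -> str:
    """Return the EventHub: URL; reject parts that could change host or path."""
    if not VAULT_RE.fullmatch(vault) or "--" in vault:
        raise ValueError("invalid key vault name")
    if not SECRET_RE.fullmatch(secret):
        raise ValueError("invalid secret name (a pasted connection string fails here)")
    if not DOMAIN_RE.fullmatch(tenant_domain):
        raise ValueError("invalid tenant domain")
    return (f"EventHub:https://{vault}.vault.azure.net/secrets/{secret}"
            f"?tenantId={tenant_domain}")


def build_subscription(vault, secret, tenant_domain, client_state,
                       resource="users", change_type="Updated,Deleted",
                       expiration="2021-08-15T00:00:00Z") -> dict:
    """Subscription body in the shape shown on the slide."""
    return {
        "changeType": change_type,
        "notificationUrl": build_notification_url(vault, secret, tenant_domain),
        "resource": resource,
        "expirationDateTime": expiration,
        "clientState": client_state,
    }


def accept_notifications(event_body: bytes, client_state: str) -> list:
    """Keep only notifications whose clientState equals the registered one."""
    expected = client_state.encode()
    kept = []
    for item in json.loads(event_body).get("value", []):
        got = str(item.get("clientState", "")).encode()
        if hmac.compare_digest(got, expected):  # constant-time comparison
            kept.append(item)
    return kept


# Constructed sample of one Event Hubs message body (not captured traffic).
SAMPLE_EVENT = json.dumps({"value": [
    {"subscriptionId": "sub-1", "resource": "users/1", "clientState": "suresecret1"},
    {"subscriptionId": "sub-2", "resource": "users/2", "clientState": "not-ours"},
]}).encode()
```

Anything that does not carry your clientState is dropped by accept_notifications, which also covers the validation message the slides say you can ignore.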
20. Resources
Use the Microsoft Graph API to get change notifications
Using Azure Event Hubs to receive change notifications
Microsoft Graph Training Module - Using Change Notifications and Track Changes with Microsoft Graph
Azure Event Hubs — A big data streaming platform and event ingestion service
22. Recording will be available soon on our
Microsoft 365 Developer YouTube channel
https://aka.ms/M365DevYouTube
(subscribe today)
Follow us on Twitter
@Microsoft365Dev and @azuread
Next call: Apr 15th at 9:00am PST
https://aka.ms/IDDevCommunityCalendar
Thank you
Editor's notes
Now, we can't talk about change notifications in Microsoft Graph without first speaking about the Microsoft Graph itself. But what is Microsoft Graph?
There are many teams that build the applications and services that make up the Microsoft 365 ecosystem. In the past, each of these teams exposed its own API. Well, you can imagine how difficult it was to deal with all of them at the same time to build an application, right?
The Microsoft Graph is the gateway to data and intelligence in Microsoft 365 giving developers a unified programmability model to take advantage of the tremendous amount of data in Office 365, Enterprise Mobility + Security and Windows 10 under a single consistent API which directs the calls to the right source. That way, developers don’t need to know where exactly the data lives. And now you may ask: "Ok, but what is the benefit of not knowing where the data lives?" Well, it's quite simple to answer that, you don't need multiple tokens to access multiple APIs for example.
To make this more concrete, let's give you some examples.
With Microsoft Graph, apps and services can leverage this incredibly rich data set from M365 thanks to the Microsoft Graph service, which directs the calls to the right source so developers don’t need to know where exactly the data lives. Graph also aggregates calls for efficiency and performance, and allows the developer to easily traverse the graph of data. This way, it’s easy to build an app that, for example, based on a security alert in a tenant, can traverse the graph to see which users might be affected, and for each user, which devices and documents might be affected, thus making it easy to connect data from across many services to solve for real business scenarios.
And some of these scenarios include :
building apps for identity-centric scenarios - where users, and other AAD-centric and directory data is at the center – for example, like pulling in who is someone's manager or what organization they are in.
Devs can build apps with richer content – Access deep insights generated from usage patterns, such as trending documents, best team meeting times, or who people typically work with.
Devs can also build apps with deep insights based on machine learning algorithms that power some of the Graph APIs.
And finally devs can build apps with real time updates of the data – for businesses that run in real time. Developers can respond to changes in Microsoft Graph data in real time. For example, reschedule a meeting based on responses, notify others when a file is modified, or continue a process after it's been approved.
We’re super excited to make Microsoft Graph the gateway to data and intelligence in Microsoft 365 and give developers a unified programmability model to take advantage of the tremendous amount of data in Office 365, Enterprise Mobility + Security, and Windows 10. And we’ve also recently added Dynamics 365 Business Central data in Microsoft Graph.
Many custom applications have a need to track and replicate changes between two systems. For example, updates to user information in the master Azure AD directory for an organization, such as office addresses, manager, and contact phone numbers need to be recorded in time reporting systems or other back-office platforms. One way developers can monitor a source system for changes is by polling the system to detect changes.
As you learned in a previous unit, as an alternative to the polling pattern, developers can leverage change notifications in Microsoft Graph to be notified when entities change. While this addresses one part of the problem, what happens when the webhook notificationUrl is unreachable for some reason? In this case, your application may miss changes to entities. In addition, what happens when the application cannot cope with the high number of changes, especially in multi-tenant scenarios, due to lack of resources?
There's another option that developers can leverage for such scenarios in Microsoft Graph. Setting up an Azure event hub and creating a subscription that sends notifications to the event hub solves the problem. You can create an event hub listener associated with your subscription.
Microsoft Graph will send all changes to your resource to the Azure event hub. Your Azure event hub listener can then get the change notifications.
Webhooks are HTTP requests made from Microsoft Graph to a web endpoint that you configure when creating the subscription. The endpoint uses the HTTPS protocol and must be publicly accessible (you cannot register an endpoint that is non-routable or behind a firewall, such as https://localhost). During testing you can use a proxy such as ngrok.