SlideShare une entreprise Scribd logo
1  sur  22
Unchain your app’s capabilities with Microsoft Graph
Yannick Plenevaux
yp_code
aOS Luxembourg
16 mai 2019
Yannick Plenevaux
SharePoint & Office 365 Architect
MCSD App Builder
@ yannick.plenevaux@pvx-solutions.com
@yp_code
https://ypcode.wordpress.com
Founder of PVX Solutions
https://www.pvx-solutions.com
aOS Luxembourg
16 mai 2019
Agenda
 Corporate data
 The Microsoft Graph API
 The Graph Explorer
 Security
 Permissions
 Authorization Flow
 Create your app !
 Microsoft Graph in SPFx solutions
 Q&A
aOS Luxembourg
16 mai 2019
Corporate data
Me
E-mails
Events
Documents
Tasks
Content
Groups
People
Organization
Conversations
/ Chats
Devices
Activities
aOS Luxembourg
16 mai 2019
Microsoft 365 data
Me
E-mails
Events
Documents
Tasks
Content
Groups
People
Organization
Conversations
/ Chats
Devices
Activities
aOS Luxembourg
16 mai 2019
The Microsoft Graph API
One API to access and manipulate all corporate data in your app !
V1.0 : Stable and fully supported by Microsoft for Production usage
Beta : Preview of upcoming capabilities.
 Subject to changes  Not supported by Microsoft for Production usage
aOS Luxembourg
16 mai 2019
The Microsoft Graph API
 Only on Microsoft 365 / Office 365 (Cloud)
 Will most likely never come fully on premises !
 Why ?
 It continuously evolves (release each month)
 It uses a lot of machine learning algorithms on interconnected data
from various Microsoft services
 Would be very difficult to setup and maintain…
 It is THE Microsoft Cloud “killer app”  !
 However, some hybrid scenarios are feasible
 Announced at Build 2019 : Include your local Data in Microsoft Graph
aOS Luxembourg
16 mai 2019
The Microsoft Graph API
https://graph.microsoft.com
 Implements OData syntax in most
cases
 $filter
 $select
 $skip / $top
 $expand
 $orderby
 …
 RESTful = HTTP calls
 Read  HTTP GET
 Create  HTTP POST
 Update  HTTP PUT / PATCH
 Delete  HTTP DELETE
Get my 3 next events
GET https://graph.microsoft.com/v1.0/me/events?$filter=start/dateTime gt ‘2019-05-16T00:00:00’&$orderby=start/dateTime asc&$top=3
Get the files in my OneDrive folder
GET https://graph.microsoft.com/v1.0/me/drive/root/children
aOS Luxembourg
16 mai 2019
The Microsoft Graph API
 Accepts JSON as arguments and return JSON responses
 Can be used in any technology with HTTP capabilities
 API client implementation in various technologies
https://developer.microsoft.com/en-us/graph/get-started
aOS Luxembourg
16 mai 2019
The Graph Explorer
 Test the Microsoft Graph API
 In a playground context (read-only)
 With your tenant
real data
https://developer.microsoft.com/en-us/graph/graph-explorer
aOS Luxembourg
16 mai 2019
The Graph Explorer
DEMO
aOS Luxembourg
16 mai 2019
Security: Permissions
 Permissions have to be granted to the application
 Delegated permissions
 The application performs the actions on behalf of a signed-in user.
 “Effective permission” is the least privileged permission between the delegated permission and the real
privilege of the user
 Application permissions (app-only)
 Not signed-in user (background job, automated tasks, …)
 Consent has to be given to the application
 Delegated permissions
 The current user gives consent to the requested permissions
 Administrators can give consent for all users
 Some permissions require an administrator to give consent
 Application permissions
 Only administrators can give consent
https://docs.microsoft.com/en-us/graph/permissions-reference
aOS Luxembourg
16 mai 2019
Security: Authorization flows
Azure AD protected Web API
Authorization Flow Common usage
OpenID Connect Web applications
OAuth 2.0 Implicit Grant Client-side applications (JS)
OAuth 2.0 Auth Code Native (Desktop, Mobile) applications
OAuth 2.0 on-behalf-of Web APIs
OAuth 2.0 Client Credentials App-only (Background jobs, …)
…
The authorization endpoints :
https://login.microsoftonline.com/common/oauth2/v2.0
• /authorize (Sign-in)
• /token (Get access token)
Pass the access token in each Graph
HTTP call headers
Authorization: Bearer <access token>
These authorization flows are mostly handled by the available client APIs !
If not, it can be implemented in any technology with HTTP capabilities
common can be replaced by the tenant id
to target a specific tenant
(e.g. contoso.onmicrosoft.com)
aOS Luxembourg
16 mai 2019
Authorization flow
Web app
Data from API forwarded to user
Microsoft Graph
aOS Luxembourg
16 mai 2019
Authorization flow
Mobile/Desktop app
Microsoft Graph
1 hour
Access Token expires
after 1 hour
Refresh token expires
after 14 days
renewable up to total 90 days
aOS Luxembourg
16 mai 2019
Create your app !
 In order to access graph from an application
 Setup (by Azure AD administrator)
 Need to register the app in Azure AD
 https://aad.portal.azure.com  App registrations
 For Web applications  Need Redirect URI
 Need to request the appropriate permissions for the app to work properly
 At runtime
1. The user signs in
 At first sign-in, the user must give consent to the permissions requested by the application
 Administrators can give consent for all users (can also be done from AAD portal)
 No “sign-in” in app-only context
2. Get Access Token
3. Call the Microsoft Graph endpoint with the Authorization header
set to Bearer <access_token>
aOS Luxembourg
16 mai 2019
Create your app !
DEMO
aOS Luxembourg
16 mai 2019
Microsoft Graph in SPFx solutions
 SPFx v1.6 (Aug. 2018)
 Call to AAD registered app natively supported
 Dedicated feature support for Microsoft Graph
 As in any app using MS Graph
 The appropriate permissions needs to be requested
 The permissions must be granted by a SharePoint global
administrator
 No need to access Azure AD portal
 SPFx integrated library to automatically handle the access token
internal plumbing
aOS Luxembourg
16 mai 2019
Microsoft Graph in SPFx solutions
DEMO
aOS Luxembourg
16 mai 2019
Microsoft Graph in SPFx solutions
Leverage your corporate data using Microsoft Graph
 In your SharePoint customizations
 In your custom Microsoft Teams Tabs
 Soon in your Office add-ins ! ( Word, Excel, PowerPoint, Outlook)
 Public announcements are expected at SPC this month !
Using ONE Framework and even ONE codebase
aOS Luxembourg
16 mai 2019
Unchain your app’s capabilities with
Microsoft Graph
Questions ?
Merci à notre sponsor !

Contenu connexe

Similaire à 2019 05-16 unchain your app's capabilities with microsft graph a os luxembourg

App Model For SharePoint 2013
App Model For SharePoint 2013App Model For SharePoint 2013
App Model For SharePoint 2013Toni Il Caiser
 
Building Intelligent Apps Using Microsoft Graph
Building Intelligent Apps Using Microsoft GraphBuilding Intelligent Apps Using Microsoft Graph
Building Intelligent Apps Using Microsoft GraphRoy Sheinfeld
 
2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...
2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...
2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...Patrick Guimonet
 
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint FrameworkharePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint FrameworkJenkins NS
 
2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...
2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...
2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...aOS Community
 
Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...
Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...
Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...Adis Jugo
 
Publishing & Consuming Web APIs on Azure
Publishing & Consuming Web APIs on AzurePublishing & Consuming Web APIs on Azure
Publishing & Consuming Web APIs on AzureParis Polyzos
 
Cloud technology (Mashup) + Case Study
Cloud technology (Mashup) + Case StudyCloud technology (Mashup) + Case Study
Cloud technology (Mashup) + Case StudyMustafa Salam
 
Event Calendar - Android App Development
Event Calendar -  Android App DevelopmentEvent Calendar -  Android App Development
Event Calendar - Android App DevelopmentMobilunity
 
Relearning SharePoint Development
Relearning SharePoint DevelopmentRelearning SharePoint Development
Relearning SharePoint Developmentbgerman
 
Make Good Apps great - Using IBM MobileFirst Foundation
Make Good Apps great - Using IBM MobileFirst FoundationMake Good Apps great - Using IBM MobileFirst Foundation
Make Good Apps great - Using IBM MobileFirst FoundationAjay Chebbi
 
2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...
2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...
2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...Patrick Guimonet
 
iOS & Android Application Development - Pee Dee User Group Meeting
iOS & Android Application Development - Pee Dee User Group MeetingiOS & Android Application Development - Pee Dee User Group Meeting
iOS & Android Application Development - Pee Dee User Group MeetingJim Tochterman
 
ICICT cms presentation
ICICT cms presentationICICT cms presentation
ICICT cms presentationUmer Jabbar
 
Licensing for cross-platform applications made with Python, PHP, and JavaScript
Licensing for cross-platform applications made with Python, PHP, and JavaScriptLicensing for cross-platform applications made with Python, PHP, and JavaScript
Licensing for cross-platform applications made with Python, PHP, and JavaScriptteam-WIBU
 
How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi...
 How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi... How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi...
How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi...Aimore Technologies
 
Where Do Cross-Platform App Frameworks Stand in 2020?
Where Do Cross-Platform App Frameworks Stand in 2020?Where Do Cross-Platform App Frameworks Stand in 2020?
Where Do Cross-Platform App Frameworks Stand in 2020?Marianne Harness
 
How App Indexation Works
How App Indexation WorksHow App Indexation Works
How App Indexation WorksSerenaPearson2
 

Similaire à 2019 05-16 unchain your app's capabilities with microsft graph a os luxembourg (20)

App Model For SharePoint 2013
App Model For SharePoint 2013App Model For SharePoint 2013
App Model For SharePoint 2013
 
Building Intelligent Apps Using Microsoft Graph
Building Intelligent Apps Using Microsoft GraphBuilding Intelligent Apps Using Microsoft Graph
Building Intelligent Apps Using Microsoft Graph
 
2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...
2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...
2019 11-13 MS Ignite The Tour Paris - Integrate Power Platform with SharePoin...
 
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint FrameworkharePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
 
2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...
2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...
2019-05-16 aOS Luxembourg - 3 - Applications modernes ? Le zéro code - Antoin...
 
Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...
Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...
Stronger than Chuck Norris: SharePoint in clouds, on earth, in subway and in ...
 
Publishing & Consuming Web APIs on Azure
Publishing & Consuming Web APIs on AzurePublishing & Consuming Web APIs on Azure
Publishing & Consuming Web APIs on Azure
 
Cloud technology (Mashup) + Case Study
Cloud technology (Mashup) + Case StudyCloud technology (Mashup) + Case Study
Cloud technology (Mashup) + Case Study
 
Event Calendar - Android App Development
Event Calendar -  Android App DevelopmentEvent Calendar -  Android App Development
Event Calendar - Android App Development
 
Relearning SharePoint Development
Relearning SharePoint DevelopmentRelearning SharePoint Development
Relearning SharePoint Development
 
Make Good Apps great - Using IBM MobileFirst Foundation
Make Good Apps great - Using IBM MobileFirst FoundationMake Good Apps great - Using IBM MobileFirst Foundation
Make Good Apps great - Using IBM MobileFirst Foundation
 
2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...
2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...
2020 01-27 MS Ignite The Tour Milan - Integrate Power Platform with SharePoin...
 
iOS & Android Application Development - Pee Dee User Group Meeting
iOS & Android Application Development - Pee Dee User Group MeetingiOS & Android Application Development - Pee Dee User Group Meeting
iOS & Android Application Development - Pee Dee User Group Meeting
 
ICICT cms presentation
ICICT cms presentationICICT cms presentation
ICICT cms presentation
 
Licensing for cross-platform applications made with Python, PHP, and JavaScript
Licensing for cross-platform applications made with Python, PHP, and JavaScriptLicensing for cross-platform applications made with Python, PHP, and JavaScript
Licensing for cross-platform applications made with Python, PHP, and JavaScript
 
How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi...
 How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi... How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi...
How DotNet, SharePoint, and Azure helps to build a Custom Web Application wi...
 
Firefox OS Presentation
Firefox OS PresentationFirefox OS Presentation
Firefox OS Presentation
 
Where Do Cross-Platform App Frameworks Stand in 2020?
Where Do Cross-Platform App Frameworks Stand in 2020?Where Do Cross-Platform App Frameworks Stand in 2020?
Where Do Cross-Platform App Frameworks Stand in 2020?
 
How App Indexation Works
How App Indexation WorksHow App Indexation Works
How App Indexation Works
 
Android-GDSC.pptx
Android-GDSC.pptxAndroid-GDSC.pptx
Android-GDSC.pptx
 

Dernier

WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...WSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2
 
Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Eraconfluent
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2
 
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypseTomasz Kowalczewski
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2
 
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...WSO2
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2
 
WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...
WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...
WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...WSO2
 
WSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
WSO2Con2024 - Unleashing the Financial Potential of 13 Million People
WSO2Con2024 - Unleashing the Financial Potential of 13 Million PeopleWSO2Con2024 - Unleashing the Financial Potential of 13 Million People
WSO2Con2024 - Unleashing the Financial Potential of 13 Million PeopleWSO2
 

Dernier (20)

WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Era
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - Keynote
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
Abortion Pill Prices Boksburg [(+27832195400*)] 🏥 Women's Abortion Clinic in ...
Abortion Pill Prices Boksburg [(+27832195400*)] 🏥 Women's Abortion Clinic in ...Abortion Pill Prices Boksburg [(+27832195400*)] 🏥 Women's Abortion Clinic in ...
Abortion Pill Prices Boksburg [(+27832195400*)] 🏥 Women's Abortion Clinic in ...
 
WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...
WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...
WSO2CON 2024 - Lessons from the Field: Legacy Platforms – It's Time to Let Go...
 
WSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - Kanchana
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
WSO2Con2024 - Unleashing the Financial Potential of 13 Million People
WSO2Con2024 - Unleashing the Financial Potential of 13 Million PeopleWSO2Con2024 - Unleashing the Financial Potential of 13 Million People
WSO2Con2024 - Unleashing the Financial Potential of 13 Million People
 

2019 05-16 unchain your app's capabilities with microsft graph a os luxembourg

  • 1. Unchain your app’s capabilities with Microsoft Graph Yannick Plenevaux yp_code
  • 2. aOS Luxembourg 16 mai 2019 Yannick Plenevaux SharePoint & Office 365 Architect MCSD App Builder @ yannick.plenevaux@pvx-solutions.com @yp_code https://ypcode.wordpress.com Founder of PVX Solutions https://www.pvx-solutions.com
  • 3. aOS Luxembourg 16 mai 2019 Agenda  Corporate data  The Microsoft Graph API  The Graph Explorer  Security  Permissions  Authorization Flow  Create your app !  Microsoft Graph in SPFx solutions  Q&A
  • 4. aOS Luxembourg 16 mai 2019 Corporate data Me E-mails Events Documents Tasks Content Groups People Organization Conversations / Chats Devices Activities
  • 5. aOS Luxembourg 16 mai 2019 Microsoft 365 data Me E-mails Events Documents Tasks Content Groups People Organization Conversations / Chats Devices Activities
  • 6. aOS Luxembourg 16 mai 2019 The Microsoft Graph API One API to access and manipulate all corporate data in your app ! V1.0 : Stable and fully supported by Microsoft for Production usage Beta : Preview of upcoming capabilities.  Subject to changes  Not supported by Microsoft for Production usage
  • 7. aOS Luxembourg 16 mai 2019 The Microsoft Graph API  Only on Microsoft 365 / Office 365 (Cloud)  Will most likely never come fully on premises !  Why ?  It continuously evolves (release each month)  It uses a lot of machine learning algorithms on interconnected data from various Microsoft services  Would be very difficult to setup and maintain…  It is THE Microsoft Cloud “killer app”  !  However, some hybrid scenarios are feasible  Announced at Build 2019 : Include your local Data in Microsoft Graph
  • 8. aOS Luxembourg 16 mai 2019 The Microsoft Graph API https://graph.microsoft.com  Implements OData syntax in most cases  $filter  $select  $skip / $top  $expand  $orderby  …  RESTful = HTTP calls  Read  HTTP GET  Create  HTTP POST  Update  HTTP PUT / PATCH  Delete  HTTP DELETE Get my 3 next events GET https://graph.microsoft.com/v1.0/me/events?$filter=start/dateTime gt ‘2019-05-16T00:00:00’&$orderby=start/dateTime asc&$top=3 Get the files in my OneDrive folder GET https://graph.microsoft.com/v1.0/me/drive/root/children
  • 9. aOS Luxembourg 16 mai 2019 The Microsoft Graph API  Accepts JSON as arguments and return JSON responses  Can be used in any technology with HTTP capabilities  API client implementation in various technologies https://developer.microsoft.com/en-us/graph/get-started
  • 10. aOS Luxembourg 16 mai 2019 The Graph Explorer  Test the Microsoft Graph API  In a playground context (read-only)  With your tenant real data https://developer.microsoft.com/en-us/graph/graph-explorer
  • 11. aOS Luxembourg 16 mai 2019 The Graph Explorer DEMO
  • 12. aOS Luxembourg 16 mai 2019 Security: Permissions  Permissions have to be granted to the application  Delegated permissions  The application performs the actions on behalf of a signed-in user.  “Effective permission” is the least privileged permission between the delegated permission and the real privilege of the user  Application permissions (app-only)  Not signed-in user (background job, automated tasks, …)  Consent has to be given to the application  Delegated permissions  The current user gives consent to the requested permissions  Administrators can give consent for all users  Some permissions require an administrator to give consent  Application permissions  Only administrators can give consent https://docs.microsoft.com/en-us/graph/permissions-reference
  • 13. aOS Luxembourg 16 mai 2019 Security: Authorization flows Azure AD protected Web API Authorization Flow Common usage OpenID Connect Web applications OAuth 2.0 Implicit Grant Client-side applications (JS) OAuth 2.0 Auth Code Native (Desktop, Mobile) applications OAuth 2.0 on-behalf-of Web APIs OAuth 2.0 Client Credentials App-only (Background jobs, …) … The authorization endpoints : https://login.microsoftonline.com/common/oauth2/v2.0 • /authorize (Sign-in) • /token (Get access token) Pass the access token in each Graph HTTP call headers Authorization: Bearer <access token> These authorization flows are mostly handled by the available client APIs ! If not, it can be implemented in any technology with HTTP capabilities common can be replaced by the tenant id to target a specific tenant (e.g. contoso.onmicrosoft.com)
  • 14. aOS Luxembourg 16 mai 2019 Authorization flow Web app Data from API forwarded to user Microsoft Graph
  • 15. aOS Luxembourg 16 mai 2019 Authorization flow Mobile/Desktop app Microsoft Graph 1 hour Access Token expires after 1 hour Refresh token expires after 14 days renewable up to total 90 days
  • 16. aOS Luxembourg 16 mai 2019 Create your app !  In order to access graph from an application  Setup (by Azure AD administrator)  Need to register the app in Azure AD  https://aad.portal.azure.com  App registrations  For Web applications  Need Redirect URI  Need to request the appropriate permissions for the app to work properly  At runtime 1. The user signs in  At first sign-in, the user must give consent to the permissions requested by the application  Administrators can give consent for all users (can also be done from AAD portal)  No “sign-in” in app-only context 2. Get Access Token 3. Call the Microsoft Graph endpoint with the Authorization header set to Bearer <access_token>
  • 17. aOS Luxembourg 16 mai 2019 Create your app ! DEMO
  • 18. aOS Luxembourg 16 mai 2019 Microsoft Graph in SPFx solutions  SPFx v1.6 (Aug. 2018)  Call to AAD registered app natively supported  Dedicated feature support for Microsoft Graph  As in any app using MS Graph  The appropriate permissions needs to be requested  The permissions must be granted by a SharePoint global administrator  No need to access Azure AD portal  SPFx integrated library to automatically handle the access token internal plumbing
  • 19. aOS Luxembourg 16 mai 2019 Microsoft Graph in SPFx solutions DEMO
  • 20. aOS Luxembourg 16 mai 2019 Microsoft Graph in SPFx solutions Leverage your corporate data using Microsoft Graph  In your SharePoint customizations  In your custom Microsoft Teams Tabs  Soon in your Office add-ins ! ( Word, Excel, PowerPoint, Outlook)  Public announcements are expected at SPC this month ! Using ONE Framework and even ONE codebase
  • 21. aOS Luxembourg 16 mai 2019 Unchain your app’s capabilities with Microsoft Graph Questions ?
  • 22. Merci à notre sponsor !