Microsoft Graph Becky Bertram April 13, 2017 SharePoint User Group


About Me

• Owner of Savvy Technical Solutions

• 8x SharePoint MVP

• Co-author of Wrox’s SharePoint Six-in-One

• Authored several Microsoft professional exams

• Microsoft Certified Trainer alum

• Instructor of online Office 365 courseware at Opsgility

• Wife and mother of 3 kids, aged 5, 3, and 1

http://www.savvytechnicalsolutions.com

@beckybertram

What is Microsoft Graph?

No Really, What is Microsoft Graph?

• Microsoft Graph exposes multiple APIs from Office 365 and other Microsoft cloud services through a single endpoint: https://graph.microsoft.com. Microsoft Graph simplifies queries that would otherwise be more complex.

• Bottom line: unified REST API for Office 365

Delve

Debut of the Office Graph in action:

• Combines data from Outlook, SharePoint, OneDrive, etc.

• Takes into account social proximity

Microsoft Development Stack

Source: https://developer.microsoft.com/en-us/graph/docs/overview/overview

Note the bottom says “Insights and relationships from Office graph”. Not just retrieving objects, but retrieving more detailed reports and analysis.

Data

Graph API Endpoint Examples

| Operation | Service endpoint |
| --- | --- |
| GET my profile | https://graph.microsoft.com/v1.0/me |
| GET my files | https://graph.microsoft.com/v1.0/me/drive/root/children |
| GET my high importance email | https://graph.microsoft.com/v1.0/me/messages?$filter=importance%20eq%20'high' |
| GET my calendar | https://graph.microsoft.com/v1.0/me/calendar |
| GET my manager | https://graph.microsoft.com/v1.0/me/manager |
| GET last user to modify file foo.txt | https://graph.microsoft.com/v1.0/me/drive/root/children/foo.txt/lastModifiedByUser |
| GET unified groups I’m member of | https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.group?$filter=groupTypes/any(a:a%20eq%20'unified') |
| GET group conversations | https://graph.microsoft.com/v1.0/groups/{id}/conversations |
| GET people related to me | https://graph.microsoft.com/beta/me/people |
| GET items trending around me | https://graph.microsoft.com/beta/me/insights/trending |
| GET my tasks | https://graph.microsoft.com/beta/me/tasks |
| GET my notes | https://graph.microsoft.com/beta/me/notes/notebooks |

Source: https://developer.microsoft.com/en-us/graph/docs/overview/overview

Graph Relationships

Similar to OOP, objects can be related to other objects:

• access “drives/{drive-id}” to access files in a particular location

• access “me/drive” to access the current user’s OneDrive

• access “/sharePoint/sites/{site-id}/drives” to enumerate the document libraries inside a SharePoint site.

Graph Domains v1.0

| V1.0 | Lets You Interact With… |
| --- | --- |
| Users | Profile information including photo and org chart, Outlook calendar and contact information, OneDrive, Group membership, AD group membership and devices |
| OneDrive | OneDrive document library or files in OneDrive, get or create sharing info including sharing links |
| Excel | Workbooks in Excel |
| Attachment | Attachments related to a calendar, message, or thread post |
| Outlook Mail | Work with mail folders, messages, and focused inbox |
| Outlook Calendar | Events, calendars, calendar views |
| Personal Contact | Contacts and contact folders |
| Groups | An Azure AD group which can also be an Office 365 group, dynamic group, or security group. Can also access group photo, calendar, posts, conversations, and files related to that group. |
| Directory | Base type for any Azure AD object. Includes information about company SKU and ability to configure invitations to external users. |

Graph Domains (beta)

| Beta | Additionally interact with |
| --- | --- |
| Users | Planner tasks, OneNote notebooks, “People” (combining information about people across your contact list, Azure AD, social networking, etc.), Insights (“trending” documents around a user) |
| People and Social | Aggregates people information, ordered by frequency and relationship around user. Lets you manage mentions (@) and insights (what’s trending around a user and users with whom someone has been working). |
| Planner Tasks | Manage tasks, task board (including format), buckets, plans, plan details. |
| OneNote | Manage OneNote files including sections, pages, etc. |
| SharePoint | Access to SharePoint sites, lists, and libraries (“drives”), and items. |
| Privileged Identity Management | List users and roles for “Privileged Identity Management”, an Azure AD service that allows the ability to report on admin activities and grant temporary admin access. |
| Identity Protection | Get and list reports about risks and breaches such as malware, leaked credentials, unfamiliar location, etc. |
| Reports | Retrieve various reports such as activity and usage for SharePoint, OneDrive, Yammer, E-mail, S4B, Office 365 groups, as well as Office 365 activations, active users, and group activity. |
| Intune | Manage apps, devices, enrollment, onboarding, role-based access control, and more. |

Graph Explorer

https://developer.microsoft.com/en-us/graph/graph-explorer/

Webhooks

Graph uses webhooks to deliver notifications to clients.

An app can subscribe to changes on the following resources:

• Messages

• Events

• Contacts

• Group conversations

• Drive root items

After Microsoft Graph accepts the subscription request, it pushes notifications to the URL specified in the subscription.

Source: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/resources/webhooks
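
Because the notification URL is reachable from the internet, the receiver has to tell Graph's calls from anyone else's. The sketch below is an added example, not code from the slides: it answers the subscription handshake and filters incoming notifications. The `validationToken` query parameter and the `clientState` property come from Graph's webhook documentation rather than this deck; the function name, subscription IDs and sample payload are constructed for illustration.

```python
import hmac
import json
from urllib.parse import parse_qs

# Constructed sample: one genuine item, one with a wrong clientState,
# one for a subscription this app never created.
SUBSCRIPTIONS = {"sub-1": "s3cret-state"}  # subscriptionId -> clientState set when subscribing
SAMPLE_BODY = json.dumps({"value": [
    {"subscriptionId": "sub-1", "clientState": "s3cret-state",
     "changeType": "created", "resource": "me/messages/1"},
    {"subscriptionId": "sub-1", "clientState": "guess",
     "changeType": "deleted", "resource": "me/messages/2"},
    {"subscriptionId": "sub-9", "clientState": "s3cret-state",
     "changeType": "updated", "resource": "me/events/3"},
]})


def handle_webhook(query_string, raw_body, subscriptions):
    """Handle one POST to the notification URL.

    Returns (status, content_type, body, accepted_notifications).
    """
    # Handshake: echo validationToken as text/plain so the reflected
    # value is never rendered as HTML.
    token = parse_qs(query_string).get("validationToken")
    if token:
        return 200, "text/plain", token[0], []
    try:
        items = json.loads(raw_body)["value"]
    except (ValueError, KeyError, TypeError):
        return 400, "text/plain", "", []
    if not isinstance(items, list):
        return 400, "text/plain", "", []
    accepted = []
    for item in items:
        if not isinstance(item, dict):
            continue
        sub_id, state = item.get("subscriptionId"), item.get("clientState")
        if not isinstance(sub_id, str) or not isinstance(state, str):
            continue
        secret = subscriptions.get(sub_id)
        # Constant-time compare; unknown subscriptions and wrong secrets are dropped.
        if secret is not None and hmac.compare_digest(state.encode(), secret.encode()):
            accepted.append({"resource": item.get("resource"),
                             "changeType": item.get("changeType")})
    # Acknowledge with 202 either way; only `accepted` goes on to processing.
    return 202, "text/plain", "", accepted
```

Treat an accepted notification only as a hint that something changed, and fetch the resource from Graph with the app's own token before acting on it.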

Paging

Possible to enable paging using $skiptoken to retrieve next page of results.

When used with “previous-page=true”, it’s possible to page backwards.

https://graph.microsoft.com/v1.0/users?$top=5&$skiptoken=X'4453707.....00000'&previous-page=true
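
In practice a client does not build the `$skiptoken` itself: Graph returns the full next-page URL in the response's `@odata.nextLink` property, and the client follows it as an opaque value. The loop below is an added example, not code from the slides, and it pins the scheme and host before each request so the bearer token is never sent to a link that points somewhere else. `fake_fetch`, the page contents and the token values are constructed stand-ins for an authenticated HTTP GET.

```python
from urllib.parse import urlsplit

GRAPH_HOST = "graph.microsoft.com"
FIRST = "https://graph.microsoft.com/v1.0/users?$top=2"

# Constructed responses standing in for Graph; the $skiptoken values are made up.
FAKE_PAGES = {
    FIRST: {"value": [{"id": "u1"}, {"id": "u2"}],
            "@odata.nextLink": FIRST + "&$skiptoken=AAA"},
    FIRST + "&$skiptoken=AAA": {"value": [{"id": "u3"}]},  # no nextLink: last page
}


def fake_fetch(url):
    """Stand-in for an authenticated GET that returns the parsed JSON body."""
    return FAKE_PAGES[url]


def iter_items(first_url, fetch, max_pages=50):
    """Yield every item across pages, following @odata.nextLink as an opaque URL."""
    url, seen = first_url, set()
    for _ in range(max_pages):
        parts = urlsplit(url)
        # The bearer token goes wherever the request goes, so pin scheme and host.
        if parts.scheme != "https" or parts.hostname != GRAPH_HOST:
            raise ValueError("refusing to follow link outside Graph: %r" % url)
        if url in seen:
            raise ValueError("paging loop detected")
        seen.add(url)
        page = fetch(url)
        yield from page.get("value", [])
        url = page.get("@odata.nextLink")
        if not url:
            return
    raise RuntimeError("max_pages exceeded")


def collect_ids(first_url, fetch):
    """Return the id of every item across all pages."""
    return [item["id"] for item in iter_items(first_url, fetch)]
```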

Extensions

Open Extensions

• Possible to perform CRUD operations on untyped data not already included in Graph.

• Use your own (reverse) namespace.

POST https://graph.microsoft.com/beta/me/messages

{
  "subject": "Annual review",
  "body": {
    "contentType": "HTML",
    "content": "You should be proud!"
  },
  "toRecipients": [
    {
      "emailAddress": {
        "address": "[email protected]"
      }
    }
  ],
  "extensions": [
    {
      "@odata.type": "Microsoft.Graph.OpenTypeExtension",
      "extensionName": "Com.Contoso.Referral",
      "companyName": "Wingtip Toys",
      "expirationDate": "2015-12-30T11:00:00.000Z",
      "dealValue": 10000
    }
  ]
}

Schema Extensions (preview)

Create strongly typed extensions to the Graph which can be used in CRUD operations

1. Check to see if your extension namespace is already being used. (If so, perhaps you can reuse it.)

2. Register a schema extension definition.

3. Create your new resource using your new schema.

4. Retrieve and/or update resource with extension data.

POST https://graph.microsoft.com/beta/schemaExtensions
Content-type: application/json

{
  "id": "graphlearn_courses",
  "description": "Graph Learn training courses extensions",
  "targetTypes": [
    "Group"
  ],
  "properties": [
    {
      "name": "courseId",
      "type": "Integer"
    },
    {
      "name": "courseName",
      "type": "String"
    },
    {
      "name": "courseType",
      "type": "String"
    }
  ]
}

POST https://graph.microsoft.com/beta/groups
Content-type: application/json

{
  "displayName": "New Managers March 2017",
  "description": "New Managers training course for March 2017",
  "groupTypes": ["Unified"],
  "mailEnabled": true,
  "mailNickname": "newMan201703",
  "securityEnabled": false,
  "graphlearn_courses": {
    "courseId": "123",
    "courseName": "New Managers",
    "courseType": "Online"
  }
}

Delta query (preview)

• Ability to perform multiple queries and retrieve only what has changed.

• Works for:

  • Calendar events in primary calendar

  • Groups

  • Mail folders

  • Messages in a folder

  • Personal contact folders

  • Personal contacts in a folder

  • Users

  • Drive items

Authorization

Authorization Types

To access a user's Microsoft data, your application must enable users to authenticate their identity and give their consent for the app to perform actions on their behalf.

The Microsoft Graph supports two authentication providers:

| | Azure AD 2.0 endpoint | Azure AD |
| --- | --- | --- |
| Works with | Organizational and personal accounts | Organizational accounts |
| Register App Using | Microsoft Application Registration Portal (https://apps.dev.microsoft.com) | Azure Portal |

Note: Your app might not work if your enterprise customer turns on enterprise mobility security features like conditional device access.

Source: https://developer.microsoft.com/en-us/graph/docs/authorization/auth_overview

Development Environment

Available Toolsets

• ASP.NET MVC

• Universal Windows App

• iOS

• Android

• Angular

• Node.js

• PHP

• Python

• Ruby

• REST

• Xamarin

Visual Studio and ASP.NET MVC

• Get Microsoft.Graph API via NuGet Manager

• Use Microsoft.Identity.Client -Pre

  • Not available when browsing NuGet but can be manually installed using NuGet Package Manager Console

PM > Install-Package Microsoft.Identity.Client -Pre

https://www.nuget.org/packages/Microsoft.Identity.Client

Solution

Sample Apps

• Documentation very good for implementation

• ASP.NET MVC provides a downloadable solution (browsable in GitHub) and gives detailed instructions on how to modify the project to add authentication and app code

ASP.NET MVC Example

Graph and SharePoint

Endpoints for SharePoint

/sharePoint/site

/sharePoint/sites

/sharePoint/sites/{site-id}

/sharePoint/sites/{site-id}/sites

/sharePoint/sites/{site-id}/lists

/sharePoint/sites/{site-id}/lists/{list-id}/items

/sharePoint/sites/{site-id}/drives

SharePoint Endpoints Using Paths

/sharePoint:/teams/hr

/sharePoint:/teams/hr/Lists/Employees

/sharePoint:/teams/hr:/lists/{list-id}

/sharePoint:/teams/hr/Documents/NewHireGuide.docx

SPFx and Graph

Problematic at best but still possible

Things to consider

• OAuth implicit flow and page registrations

• Multiple web parts per page

• SPFx web parts are highly trusted

• The web parts using OAuth and the Azure AD login page (https://login.microsoftonline.com) must be in the same zone

• Short authentication window means frequent log-ins

Source: https://dev.office.com/sharepoint/docs/spfx/web-parts/guidance/call-microsoft-graph-from-your-web-part

Questions?