Microsoft Graph an Overview Johnathan Lightfoot Owner, Techforce, LLC How to Join Poll Everywhere Questions Web

Microsoft Graph an Overview Johnathan Lightfoot Owner, TechForce, LLC How To Join Poll Everywhere Questions Web

Go to PollEv.com Enter Jlightfoot158 Respond to Activity Thank You Thank You Introduction

• In IT over 20 years • Worked with Microsoft Products since childhood • Co-Authored three books on SharePoint • A Microsoft Certified Trainer with various certifications • Born in Miami, Florida • Enjoys….Ooh look a squirrel!

Microsoft Graph Overview • Microsoft Graph, what and why

• 5 steps to your first Graph app • App patterns

• 5 tips and tricks to become a Graph coder Office 365 Your tailored Windows 10 experiences or customizations Enterprise Mobility + Security 1 billion 1 million 100 billion users across work, monthly active apps using Microsoft Graph life and edu Microsoft Identity requests per month

Your tailored experiences or customizations

18 trillion 90% 180 million Microsoft Graph nodes Fortune 500 monthly active users of Office 365 commercial Microsoft 365 Platform

Extend Microsoft 365 experiences Build your experience

Web Bots & Device Daemon Workflow Documents Conversations Portals Timeline Search Analytics apps agents & native apps automation apps

Microsoft Graph REST APIs and webhooks

Your local data Microsoft Graph Azure AI platform Microsoft Graph Office 365 Windows 10 Enterprise Mobility + Security Connectors data connect

Microsoft Identity Microsoft Graph “a la carte” data and services

Apps Web Native Bots Flows Automation Analytics

Auth

Libraries

Capabilities

Microsoft Graph Microsoft Graph Connectors Interfaces REST APIs and Webhooks Data Connect

Data Microsoft 365 Your domain Microsoft Graph-powered web apps—example

Apps Web Native Bots Flows Automation Analytics

Auth

Libraries

Capabilities

Microsoft Graph Microsoft Graph Connectors Interfaces REST APIs and Webhooks Data Connect

Data Microsoft 365 Your domain Microsoft Graph-powered automation app— example

Apps Web Native Bots Flows Automation Analytics

Auth

Libraries

Capabilities

Microsoft Graph Microsoft Graph Connectors Interfaces REST APIs and Webhooks Data Connect

Data Microsoft 365 Your domain Microsoft Graph Gateway to your data in the Microsoft cloud

https://graph.microsoft.com

Office 365 Windows 10 Enterprise Mobility + Security

Users, Groups, Organizations Activities Azure AD Outlook Device Relay Intune SharePoint Commands Identity Manager OneDrive Advanced Threat Analytics Notifications Teams Advanced Threat Protection Planner Excel Dynamics 365 OneNote Business Central

Mail, Calendar, Channels, Messages Identity Management Administrative Units Alerts

Contacts and Tasks Tasks and Plans Access Control Applications and Devices Policies Sites and Lists Spreadsheets Synchronization Advanced Threat Analytics and more…

Drives and Files Notes, and more… Domains Advanced Threat Protection 5 simple steps 1. Try Graph Explorer (https://aka.ms/ge) 2. Browse the API reference and docs 3. Try a quickstart and training 4. Use the SDK 5. Register your app

Then…. happy coding!

5 simple steps 1. Try Graph Explorer (https://aka.ms/ge) 2. Browse the API reference and docs 3. Try a quickstart and training 4. Use the SDK 5. Register your app

Then…. happy coding!

• Small airline, 95% US domestic • 4,500 flight crew • 60 developers, mostly Web/mobile • Mixed cloud platform • M365 E5 subscribers Scheduling app for Lost luggage helper New flight crew Flight crew analysis flight crew provisioning App patterns

• Example • Auth • Challenge • Decision • Tip Web apps, device & native apps

• Example: flight schedule management • Auth: interactive login • Challenge: offline sync • Decision: middle-tier or direct • Tip: use Microsoft Graph toolkit

Bots and Agents

• Example: lost luggage finder • Auth: OAuthPrompt • Challenge: limited or no UI • Decision: create or reuse skills • Tip: Use adaptive cards

Background process & automation apps

• Example: new employee provisioning • Auth: app only • Challenge: throttling • Decision: how to detect changes • Tip: use Microsoft Graph SDK

Analytic apps

• Example: flight crew analysis • Auth: app only • Challenge: scale and privacy • Decision: where to unify data • Tip: use Microsoft Graph data connect

Scheduling app for Lost luggage helper New flight crew Flight crew analysis flight crew provisioning BRK3082 BRK4011 BRK3079 BRK4010

Example Scheduling app for Lost luggage helper New flight crew Flight crew analysis flight crew provisioning Auth Interactive user Device code App only App only Challenge Offline sync Limited real estate Throttling Security and privacy Decision Middle tier or no Bot or not How to get changes Where to unify data Ingredients Microsoft Graph toolkit Adaptive cards Azure Functions Microsoft Graph data bindings connect 5 tips and tricks 1. Know the 7 basic operations

2. Learn the 7 basic query parameters

3. Watch for server-side pagination

4. Investigate other query patterns (webhook+delta)

5. Use least privileged permissions

TIP 1 | Know the 7 basic operations

Intent HTTP METHOD Description Example List GET List collection GET /users Get GET Get member of the collection GET /users/{id} Create POST/PUT Create new item in the collection POST /users/ PUT /me/activities/{id} Update PATCH/PUT Update item PATCH /users/{id} PUT /me/activities/{id} Delete DELETE Delete item DELETE /users/{id} Invoke POST Invoke operations POST /domains/{id}/verify Batch POST Execute multiple requests POST /$batch POST/PATCH/PUT

If your code doesn’t need Don’t send Tip to get a response, then opt unnecessary data over Use HTTP out the wire Prefer return=minimal request header

Some services always return 204 No content for PATCH and PUT TIP 2 | Learn the 7 basic query parameters

Value Description Example $filter Filters results (rows) /users?$filter=startsWith(givenName,’J’) $select Filters properties (columns) /users?$select=givenName,surname $orderBy Orders results /users?$orderBy=displayName desc $top Sets the page size of results /users?$top=10 $expand Retrieves related resources /groups?$expand=members $count Retrieves the total count of /me/messages?$top=2&count=true matching resources $search Returns results based on search /me/messages?$search=pizza criteria. Currently supported on messages and person collections Use projections

Choose the properties your Don’t send Tip app really needs and no unnecessary data over Use $select more the wire

GET https://graph.microsoft.com/v1.0/users? $select=givenName,mail Use filters

Choose the records Don’t send Tip your app really needs and unnecessary data over Use $filter no more the wire

GET https://graph.microsoft.com/v1.0/users? $filter=department eq ‘Sales’ & $select=givenName,mail TIP 3 |

Graph uses server-side When querying Always expect an page size limits collections, Graph may @odata.nextLink return the results in property in the response many pages Contains the URL to the next page Request

1. 2. 3. 4. Always handle the Follow the Final page will not Treat the entire URL possibility that the @odata.nextLink contain an as an opaque string responses are paged to obtain the next @odata.nextLink in nature page of results property TIP 4 | Track changes | Webhooks + Delta query

Scenario Tips Why Same scenarios as before, Use webhook notifications as Difficult to figure out optimal but if you need to optimize the trigger to make delta query calls polling interval further… Put notifications in a queue for later processing Discover newly created, updated, or deleted entities without a full read of the target resource Useful for synchronizing changes to a local data store Requires permission to read the requested resource @odata.nextLink Presence of nextLink indicates more data is available @odata.deltaLink Presence of deltaLink indicates no more data to be returned Contains deltaToken, save this for future queries If no changes have occurred, the same deltaToken is returned with no results Typical call pattern to track changes in a resource collection Application https://graph.microsoft.com/v1.0

/{resource}/delta?$select=id,displayName

{“@odata.nextLink”:”https://graph.Microsoft.com/v1.0/{resource}/delta?$skipToken=ABC”, “value”:[{“id”:”1”,”displayName”:”foo”}, {“id”:”2”,”displayName”:”bar”}]}

https://graph.Microsoft.com/v1.0/{resource}/delta?$skipToken=ABC

{“@odata.deltaLink”:”https://graph.Microsoft.com/v1.0/{resource}/delta?$deltaToken=DEF”, “value”:[{“id”:”3”,”displayName”:”baz”}]}

https://graph.Microsoft.com/v1.0/{resource}/delta?$deltaToken=DEF

{“@odata.deltaLink”:”https://graph.Microsoft.com/v1.0/{resource}/delta?$deltaToken=XYZ”, “value”:[{“id”:”1”,”displayName”:”My data was updated”}]} TIP 5 | Use least privilege! Only request permissions which are absolutely necessary, and only when you need them

Be thoughtful when configuring your app! This will directly affect end user and admin experiences, along with app adoption and security

When building a multi-tenant app, expect customers to have various application and consent controls in different states

Don’t use AppOnly for user interactive scenarios Permissions Types

Delegated permissions Application permissions

App type Mobile, web, and SPA Service and Daemon

Scenario Get access on behalf of users Get access as a service

Who can Users can consent Admin can consent Only admin consent for self for self or all users can consent

Permissions Effective Permissions App User’s granted to + granted to Permissions Permissions App User App

https://aka.ms/ConsentAndPermissions 1. Know the 7 basic operations

2. Learn the 7 basic query parameters

3. Watch for server-side pagination

4. Investigate other query patterns (webhook+delta)

5. Used least privileged permissions

Microsoft Graph at Build 2019 | Data sets

Generally available ( /v1.0 ) Preview ( /beta )

Office 365 Office 365 Exchange (get schedule) Exchange (MIME messages, MIME item attachments, raw file SharePoint (get item analytics) attachments) Teams APIs SharePoint (security events webhooks) OneDrive (follow/unfollow documents, expiring links in permissions EMS API) Security (secure score) Teams (1:1 chat messages, shifts management) AAD (audit and sign in logs, identity providers, groups naming Connectors private preview policy, group based licensing APIs, nested membership expansion on groups, export personal data) EMS Security (Logic App/Flow/Power Apps connectors, Power BI connector, Microsoft Graph data connect Jupyter Notebooks, threat indicators, security actions) AAD (application sign-in reports, custom sign-up and sign-in policies in Azure AD B2C, risky user and history)

Dynamics Business Central (Financials) Microsoft Graph at Build 2019 | DevX Tooling

Generally available Preview

SDK releases Updated SDKs for Beta API .NET – Version 1.15 .NET Java – Version 1.3 Android Support PHP Java – Version 1.X lightweight core library (*new*) Typescript JavaScript – Version 1.6.0 Objective C – Version 1.0 (*new*) New SDK features (across languages) Microsoft Graph Authentication Providers for MSAL New SDK features (across languages) Retry and Redirect Support Microsoft Graph Toolkit Download decompression support Page iterator Task Postman collections Large File Upload Task Client Factory Docs Embedded try experience (coming soon) Docs SDK Getting started docs Code snippets in reference documentation (.NET, Java)

SDKs and Toolkit are all OSS on https://github.com/microsoftgraph https://aka.ms/o365devprogram

Benefits Free renewable Office 365 E3 subscription Be your own admin Dev sandbox creation tools Preload sample users and data for Microsoft Graph, and more Access to Microsoft 365 experts Join bootcamps and monthly community calls Tools, training and documentation Learn, discover and explore about Office 365 development Blogs, newsletters and social Stay up to date with the community Prize Giveaway Thank You Microsoft Graph: An Overview Johnathan Lightfoot