Microsoft Graph: An Overview
Johnathan Lightfoot, Owner, TechForce, LLC

How to Join Poll Everywhere Questions
• Web: go to PollEv.com
• Enter Jlightfoot158
• Respond to activity

Introduction
• In IT over 20 years
• Worked with Microsoft products since childhood
• Co-authored three books on SharePoint
• A Microsoft Certified Trainer with various certifications
• Born in Miami, Florida
• Enjoys… Ooh look, a squirrel!

Microsoft Graph Overview
• Microsoft Graph, what and why
• 5 steps to your first Graph app
• App patterns
• 5 tips and tricks to become a Graph coder

[Diagram: Office 365, Windows 10, Enterprise Mobility + Security, and your tailored experiences or customizations]

Microsoft Identity
• 1 billion users across work, life and edu
• 1 million monthly active apps using Microsoft Identity
• 100 billion Microsoft Graph requests per month

Microsoft Graph
• 18 trillion Microsoft Graph nodes
• 90% Fortune 500
• 180 million monthly active users of Office 365 commercial

Microsoft 365 Platform
• Extend Microsoft 365 experiences: Documents, Conversations, Portals, Timeline, Search
• Build your experience: Web apps, Bots & agents, Device & native apps, Daemon apps, Workflow automation, Analytics apps
• Microsoft Graph: REST APIs and webhooks, Microsoft Graph connectors, Microsoft Graph data connect
• Underneath: your local data, Azure AI platform, Office 365, Windows 10, Enterprise Mobility + Security, Microsoft Identity

Microsoft Graph “a la carte” data and services
• Apps: Web, Native, Bots, Flows, Automation, Analytics
• Capabilities: Auth, UX, Libraries
• Interfaces: REST APIs and Webhooks, Microsoft Graph Connectors, Microsoft Graph Data Connect
• Data: Microsoft 365, Your domain

[The same layer diagram is repeated on two further slides: "Microsoft Graph-powered web apps: example" and "Microsoft Graph-powered automation app: example".]

Microsoft Graph: gateway to your data in the Microsoft cloud
https://graph.microsoft.com
• Office 365: Outlook, SharePoint, OneDrive, Teams, Planner, Excel, OneNote
• Windows 10: Activities, Device Relay, Commands, Notifications
• Enterprise Mobility + Security: Azure AD, Intune, Identity Manager, Advanced Threat Analytics, Advanced Threat Protection
• Dynamics 365: Business Central
• Resources: Users, Groups, Organizations; Mail, Calendar, Contacts and Tasks; Sites and Lists; Drives and Files; Channels, Messages; Tasks and Plans; Spreadsheets; Notes, and more…; Identity Management; Access Control; Synchronization; Domains; Administrative Units; Applications and Devices; Alerts; Policies; Advanced Threat Analytics; Advanced Threat Protection; and more…

5 simple steps
1. Try Graph Explorer (https://aka.ms/ge)
2. Browse the API reference and docs
3. Try a quickstart and training
4. Use the SDK
5. Register your app
Then…. happy coding!

Example company
• Small airline, 95% US domestic
• 4,500 flight crew
• 60 developers, mostly Web/mobile
• Mixed cloud platform
• M365 E5 subscribers

Example apps (with session codes, in slide order)
• Scheduling app for flight crew (BRK3082)
• Lost luggage helper (BRK4011)
• New flight crew provisioning (BRK3079)
• Flight crew analysis (BRK4010)

App patterns
• Example
• Auth
• Challenge
• Decision
• Tip

Web apps, device & native apps
• Example: flight schedule management
• Auth: interactive login
• Challenge: offline sync
• Decision: middle-tier or direct
• Tip: use Microsoft Graph toolkit

Bots and Agents
• Example: lost luggage finder
• Auth: OAuthPrompt
• Challenge: limited or no UI
• Decision: create or reuse skills
• Tip: Use adaptive cards

Background process & automation apps
• Example: new employee provisioning
• Auth: app only
• Challenge: throttling
• Decision: how to detect changes
• Tip: use Microsoft Graph SDK

Analytic apps
• Example: flight crew analysis
• Auth: app only
• Challenge: scale and privacy
• Decision: where to unify data
• Tip: use Microsoft Graph data connect

Summary

| Example | Scheduling app for flight crew | Lost luggage helper | New flight crew provisioning | Flight crew analysis |
|---|---|---|---|---|
| Auth | Interactive user | Device code | App only | App only |
| Challenge | Offline sync | Limited real estate | Throttling | Security and privacy |
| Decision | Middle tier or no | Bot or not | How to get changes | Where to unify data |
| Ingredients | Microsoft Graph toolkit | Adaptive cards | Azure Functions bindings | Microsoft Graph data connect |

5 tips and tricks
1. Know the 7 basic operations
2. Learn the 7 basic query parameters
3. Watch for server-side pagination
4. Investigate other query patterns (webhook+delta)
5. Use least privileged permissions

TIP 1 | Know the 7 basic operations

| Intent | HTTP method | Description | Example |
|---|---|---|---|
| List | GET | List collection | GET /users |
| Get | GET | Get member of the collection | GET /users/{id} |
| Create | POST/PUT | Create new item in the collection | POST /users/ or PUT /me/activities/{id} |
| Update | PATCH/PUT | Update item | PATCH /users/{id} or PUT /me/activities/{id} |
| Delete | DELETE | Delete item | DELETE /users/{id} |
| Invoke | POST | Invoke operations | POST /domains/{id}/verify |
| Batch | POST | Execute multiple requests | POST /$batch |

POST/PATCH/PUT
• If your code doesn't need to get a response, then opt out
• Don't send unnecessary data over the wire
• Tip: use the HTTP Prefer: return=minimal request header
• Some services always return 204 No content for PATCH and PUT

TIP 2 | Learn the 7 basic query parameters

| Value | Description | Example |
|---|---|---|
| $filter | Filters results (rows) | /users?$filter=startsWith(givenName,'J') |
| $select | Filters properties (columns) | /users?$select=givenName,surname |
| $orderBy | Orders results | /users?$orderBy=displayName desc |
| $top | Sets the page size of results | /users?$top=10 |
| $expand | Retrieves related resources | /groups?$expand=members |
| $count | Retrieves the total count of matching resources | /me/messages?$top=2&$count=true |
| $search | Returns results based on search criteria. Currently supported on messages and person collections | /me/messages?$search=pizza |

Use projections
• Choose the properties your app really needs and no more
• Don't send unnecessary data over the wire
• Tip: use $select
GET https://graph.microsoft.com/v1.0/users?$select=givenName,mail

Use filters
• Choose the records your app really needs and no more
• Don't send unnecessary data over the wire
• Tip: use $filter
GET https://graph.microsoft.com/v1.0/users?$filter=department eq 'Sales'&$select=givenName,mail

TIP 3 | Graph uses server-side page size limits
• When querying collections, Graph may return the results in many pages
• Always expect an @odata.nextLink property in the response
• Contains the URL to the next page
1. Always handle the possibility that the responses are paged in nature
2. Follow the @odata.nextLink to obtain the next page of results
3. Final page will not contain an @odata.nextLink property
4. Treat the entire URL as an opaque string

TIP 4 | Track changes | Webhooks + Delta query
• Scenario: same scenarios as before, but if you need to optimize further…
• Tips: use webhook notifications as the trigger to make delta query calls; put notifications in a queue for later processing
• Why: difficult to figure out optimal polling interval

Delta query
• Discover newly created, updated, or deleted entities without a full read of the target resource
• Useful for synchronizing changes to a local data store
• Requires permission to read the requested resource
• @odata.nextLink: presence of nextLink indicates more data is available
• @odata.deltaLink: presence of deltaLink indicates no more data to be returned. Contains deltaToken, save this for future queries
• If no changes have occurred, the same deltaToken is returned with no results

Typical call pattern to track changes in a resource collection

Request 1:
https://graph.microsoft.com/v1.0/{resource}/delta?$select=id,displayName
Response 1:
{"@odata.nextLink":"https://graph.microsoft.com/v1.0/{resource}/delta?$skipToken=ABC",
 "value":[{"id":"1","displayName":"foo"},
          {"id":"2","displayName":"bar"}]}

Request 2:
https://graph.microsoft.com/v1.0/{resource}/delta?$skipToken=ABC
Response 2:
{"@odata.deltaLink":"https://graph.microsoft.com/v1.0/{resource}/delta?$deltaToken=DEF",
 "value":[{"id":"3","displayName":"baz"}]}

Request 3 (later):
https://graph.microsoft.com/v1.0/{resource}/delta?$deltaToken=DEF
Response 3:
{"@odata.deltaLink":"https://graph.microsoft.com/v1.0/{resource}/delta?$deltaToken=XYZ",
 "value":[{"id":"1","displayName":"My data was updated"}]}

TIP 5 | Use least privilege!
• Only request permissions which are absolutely necessary, and only when you need them
• Be thoughtful when configuring your app! This will directly affect end user and admin experiences, along with app adoption and security
• When building a multi-tenant app, expect customers to have various application and consent controls in different states
• Don't use AppOnly for user interactive scenarios

Permission types

| | Delegated permissions | Application permissions |
|---|---|---|
| App type | Mobile, web, and SPA | Service and Daemon |
| Scenario | Get access on behalf of users | Get access as a service |
| Who can consent | Users can consent for self; Admin can consent for self or all users | Only admin can consent |
| Effective permissions | Permissions granted to App + User's permissions | Permissions granted to App |

https://aka.ms/ConsentAndPermissions

Recap
1. Know the 7 basic operations
2. Learn the 7 basic query parameters
3. Watch for server-side pagination
4. Investigate other query patterns (webhook+delta)
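
Added example (not from the original slides) for Tips 3 and 4: one delta round that follows @odata.nextLink until an @odata.deltaLink arrives, treating each link as opaque but refusing to send a request to any host other than Graph. Assumptions: {resource} is written as "users", the responses are constructed to replay the slide's call pattern, and fake_get is a hypothetical stand-in for an authenticated HTTP GET.

```python
from urllib.parse import urlsplit

GRAPH_HOST = "graph.microsoft.com"
# Constructed responses replaying the slide's pattern (tokens ABC/DEF/XYZ).
BASE = "https://graph.microsoft.com/v1.0/users/delta"
FAKE_GRAPH = {
    BASE + "?$select=id,displayName": {
        "@odata.nextLink": BASE + "?$skipToken=ABC",
        "value": [{"id": "1", "displayName": "foo"}, {"id": "2", "displayName": "bar"}],
    },
    BASE + "?$skipToken=ABC": {
        "@odata.deltaLink": BASE + "?$deltaToken=DEF",
        "value": [{"id": "3", "displayName": "baz"}],
    },
    BASE + "?$deltaToken=DEF": {
        "@odata.deltaLink": BASE + "?$deltaToken=XYZ",
        "value": [{"id": "1", "displayName": "My data was updated"}],
    },
}

def fake_get(url):
    return FAKE_GRAPH[url]  # hypothetical stand-in for an authenticated GET

def delta_round(start_url, store, http_get=fake_get):
    """Apply one delta round to `store`; return the deltaLink to persist."""
    url = start_url
    while True:
        parts = urlsplit(url)
        # The link is opaque, but the bearer token must only ever go to Graph.
        if parts.scheme != "https" or parts.hostname != GRAPH_HOST:
            raise ValueError("refusing to follow link off-host: " + url)
        page = http_get(url)
        for item in page.get("value", []):
            if "@removed" in item:           # delta marker for a deleted entity
                store.pop(item["id"], None)
            else:
                store.setdefault(item["id"], {}).update(item)
        if "@odata.nextLink" in page:        # more pages in this round
            url = page["@odata.nextLink"]
        elif "@odata.deltaLink" in page:     # round complete: save this link
            return page["@odata.deltaLink"]
        else:
            raise ValueError("page has neither nextLink nor deltaLink")

def run_demo():
    store = {}
    link = delta_round(BASE + "?$select=id,displayName", store)  # initial sync
    link = delta_round(link, store)                              # later poll
    return store, link
```

In a webhook-driven design, the notification handler would only enqueue work; the queue consumer calls delta_round with the last saved deltaLink.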
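
Added example (not from the original slides) for Tip 5: a review helper that reads the permissions an access token actually carries and compares them with the set the app needs. Assumptions: delegated permissions appear in the token's scp claim and application permissions in its roles claim, as in Microsoft identity platform access tokens; the tokens below are unsigned, constructed samples, and the "needed" sets are hypothetical.

```python
import base64
import json

def jwt_claims(token):
    """Decode a JWT payload for inspection only (no signature validation)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)           # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_token(token, needed, interactive):
    """Return findings where granted permissions differ from `needed`."""
    claims = jwt_claims(token)
    delegated = set(claims.get("scp", "").split())  # space-separated string
    app_only = set(claims.get("roles", []))         # JSON array
    granted = delegated | app_only
    findings = []
    if interactive and app_only and not delegated:
        findings.append("app-only token used in a user-interactive scenario")
    for extra in sorted(granted - set(needed)):
        findings.append("excess permission: " + extra)
    for missing in sorted(set(needed) - granted):
        findings.append("missing permission: " + missing)
    return findings

def make_sample(claims):
    """Build an unsigned, constructed token for the demo (not a real one)."""
    def enc(obj):
        raw = base64.urlsafe_b64encode(json.dumps(obj).encode())
        return raw.decode().rstrip("=")
    return ".".join([enc({"alg": "none"}), enc(claims), ""])

# Constructed sample tokens.
DELEGATED = make_sample({"scp": "User.Read Mail.Read Directory.ReadWrite.All"})
APP_ONLY = make_sample({"roles": ["User.Read.All"]})

def run_demo():
    return (
        audit_token(DELEGATED, {"User.Read", "Mail.Read"}, interactive=True),
        audit_token(APP_ONLY, {"User.Read.All"}, interactive=True),
        audit_token(APP_ONLY, {"User.Read.All"}, interactive=False),
    )
```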