We have been trying to use the O365 Discovery Service to find the endpoint for OneDrive For Business so that our application can store data on the cloud.
We authenticate with Azure successfully and receive the code back.
We redeem the code for an access token successfully.
When we use the access token to access the discovery service, we get "App blocked calling O365 Discovery Service".
This only seems to be an issue when we register new applications (for about a month) while existing applications still work.
Now the discovery service is being depreciated and will be discontinued at the end of next year but it should still work until then.
Does anyone know if Microsoft has done something to the discovery service to prevent newly registered apps from being able to access the discovery service?
As you know, discovery service are being deprecated beginning January 10, 2018, so the new registered app is not supported is normal behavior.
The Office 365 discovery service and SDK for .NET are being
deprecated beginning January 10, 2018, and will be fully
decommissioned on November 1, 2019. Start using Microsoft Graph to
access Office 365 data in a single endpoint. For more details, see our
announcement.
https://learn.microsoft.com/en-us/previous-versions/office/office-365-api/api/discovery-service-rest-operations
Related
We have a working outlook app using version 1_1 on O365. We are testing this with an exchange on prem only setup but with azure AD hybrid. The graph API functions we need work within this environment thanks to testing on graph api exporer.
When we push the manifest to exchange either via the exchange admin portal or via powershell we receive an error relating to webapplicationinfo being invalid. We have this within versionoverride 1.1 and that within versionoverride 1.0
If I remove the webapplicationinfo section which includes the scope, this will import ok, but when the app performs the function to get the auth token it fails, for which I am sure because the scope wasnt authorised.
No where i can find that says on prem is not supported. I find a lot of reference to 2016 CU3 but nothing specific to on prem. Can someone assist?
Exchange 2016 Cumulative Update 3 (CU3), released in September 2016 for Exchange on-premises servers, adds support for REST API integration with Microsoft 365. If your app uses v1.0 of the Mail, Calendar, or Contacts API, you will now also find a seamless authentication and application experience in hybrid deployments, regardless of whether the mailbox is on-premises or in the cloud, provided that the deployment meets specific requirements.
See Use REST APIs to access mailboxes in Exchange hybrid deployments (preview) for more information.
I'm trying to get change notifications for users to work with my application connected to Azure AD B2C.
I followed the following tutorial and the subscription is created successfully but I never get any change notification:
https://learn.microsoft.com/en-us/learn/modules/msgraph-changenotifications-trackchanges/1-introduction
After a bit of research I found some statements mentioning that B2C is not supported by Graph API:
https://learn.microsoft.com/en-us/graph/webhooks#azure-ad-resource-limitations
Azure AD B2C tenants are not supported.
Blog entry from 2016
https://learn.microsoft.com/en-us/archive/blogs/aadgraphteam/microsoft-graph-or-azure-ad-graph
Manage users in a B2C tenant (set local accounts, sign in names), Coming soon (preview)
Do not receive notifications about user profile updates
I wonder whether this still holds true especially because Microsoft announced that Azure AD Graph API should not be used anymore:
https://techcommunity.microsoft.com/t5/azure-active-directory-identity/update-your-applications-to-use-microsoft-authentication-library/ba-p/1257363
I ask this question here because Microsoft support redirected me to SO to ask questions about Graph API.
TLDR;
Does Microsoft Graph API support change notifications with Azure AD B2C in 2020?
Microsoft Graph API does not support change notifications with Azure AD B2C as of August 2020. Nor does AAD Graph support change notifications with Azure AD B2C as of August 2020.
You could use Azure Monitor and Event hubs to harvest events from the Audit Logs, such as a Sign Up event.
https://learn.microsoft.com/en-us/azure/active-directory-b2c/azure-monitor
Does anybody know if there is a rest API to the office 365 Security and Compliance center that can give me back any alerts raised by the Alert Policy?
It seems that there are some PowerShell cmdlets that allow the creation of new Alert Policies, but I would like to pull down the alerts generated by these policies (preferably without using PowerShell).
Maybe this is on the road-map for a future Microsoft Graph API?
Office365 security alerts are not yet supported, but this should be possible for Microsoft security products using the Public Preview of Graph Security API - aka.ms/graphsecurityapi.
Microsoft Graph Security API only has access to the following(now GA).
Microsoft Graph Security API to easily access alerts from the following security solutions:
Azure Active Directory Identity Protection,
Azure Information Protection,
Azure Security Center,
Microsoft Cloud App Security,
Microsoft Intune,
Windows Defender ATP, and
Office 365 ATP and Azure ATP (coming soon)
This question already has an answer here:
Does "Outlook Mail REST API" include access to corporate MS exchange server email?
(1 answer)
Closed 5 years ago.
Can the MicrosoftGraph API, specifically the WebHooks, be used for accounts on an enterprise / on-premise Exchange server as opposed to Office 365.
All the documentation I have seen for setting up the app required for OAuth authentication use Azure.
There is a "hybrid deployment" model currently in preview that allows you to traverse both on-prem and online mailboxes using Microsoft Graph. You can read about the infrastructure requirements at On-Premises Architectural Requirements for the REST API.
One note on authentication, Microsoft Graph uses OAUTH tokens to handle authentication. These tokens are issued by Azure AD but this does not mean that your entire infrastructure needs to be hosted on Azure, only that your AD be synced with an Azure AD instance using Azure AD Connect. Depending on the size of the organization you may even be able to use the Free trier of Azure AD. I highly recommend taking a look into this configuration as Azure AD is quickly becoming an assumed prerequisite for new APIs and services.
I am trying to test an existing OAuth client using the OAuth AS now available in Windows Server 2012 R2. Microsoft has been very vocal in advertising its availability in many venues now over the past month or two. The trouble is that the documentation is severely lagging the implementation. I can't find any documentation telling me how to configure the AS or even what the authorization endpoint URL is or the token endpoint URL (they claim to support to code grant flow of OAuth 2.0).