I am able to retrieve Security Alerts using:
https://graph.microsoft.com/beta/security/alerts?$top=1
Now I would like to retrieve the "recommendations" from an Azure tenant
We can see these recommendations in Azure portal -> Security Center -> Recommendations. We can see Recommendations blade under "RESOURCE SECURITY HYGIENE" tab.
Is it possible to retrieve Recommendations using Microsoft Graph? If so, can someone help me with correct URI to fetch them?
I did some further digging into the Azure api docs. You can’t use the Graph API as said but by the looks of things you can use the Resource Manager API to list the recommendations as Tasks from the security center. Let me know if that works for you?
Related
I'd like to administer different tenants remotely using the Connect-MicrosoftTeams -AccessTokens option. From what I read, one needs to retrieve the token for the tenant through Microsoft Graph. What I do not understand is how and which permission to request.
Is there anyone who has done this and could point me to some documentation or maybe provide an example request? Thanks!
Use Graph Explorer to determine what are the APIs you want to use. On the “Modify Permissions (Preview)” Tab you will be able to see what kind of permissions are needed for that particular API.
https://developer.microsoft.com/en-us/graph/graph-explorer
See Microsoft Graph permissions reference, Authentication and authorization basics for Microsoft Graph, Authorization and the Microsoft Graph Security API
Microsoft Graph API has support to retrieve mail rules for individual mail boxes. Is there any API to get the list of rules configured by Admin for the organization?
https://graph.microsoft.com/v1.0/users/user-id/mailFolders/inbox/messagerules
Not that i am aware of using Microsoft Graph API. At this point Graph API supports only individual mailboxes. The closest one i can see is that you can application permission to query other mailboxes as well. But it won't tell or get you the list of rules configured by admin for the organization. Being said that you can consider filing an uservoice so that it can be considered to be implemented. As an alternate you can use from Exchange PowerShell (something like Get-Trasportrule).
SharePoint Online can be accessed either using SharePoint's own native REST API, or, using Microsoft Graph API. I have briefly explored both of the APIs and see differences in terms of the capability, for example, SharePoint API has function type method calls (GetByTitle()), whereas the Graph API seems to support identity based access, or, 'site path'. My opinion is that SharePoint makes it easy to access resources through the use of 'function' in URL, however, i am not sure if it is RESTful. It would be helpful to have your views on this aspect.
Given the two options (SharePoint & Graph) which is the recommended way forward, considering below criteria's:
Future proof - in terms of enhancement, support from Microsoft
Performance
Functionality coverage - considering current version of Graph API
Also, I couldn't find any Microsoft recommendations on this, if there is one kindly share the link.
Thanks.
I recommend Microsoft Graph API. I know it is a proxy to actual Sharepoint, OneNote, Planner, and etc API, but the way they are improving graph api day by day makes me think it is going to last for a good time. Let's say if you are writing an app that wants to connect with many Microsoft apps endpoints, having one class that handles all the graph api requests is enough instead of looking for specific apps endpoints.
Performance: I have been using Microsoft graph api for most of SharePoint related work and it works good and fast. I use Graph explorer to check out the graph if it actually works before implementing it in the app.
Functionality Coverage: Obviously graph is a proxy of a real api so it won't cover all the processes you need to do in SharePoint. For example, I had to create a Sharepoint Group which I could not find a way via graph api. But I assume as more people vote on those requests, the graph api is bringing those new possible proxy endpoints too. But again if your app is only working with Sharepoint then I believe I would stick to SharePoint API. In favor of Graph API, they also have something called delta query and subscription notification to see changes in the files and documents.
I was under the impression that the Graph API was meant to centralize things, make one endpoint to connect to all Sharepoint services via API. With that in mind, I wonder if we shouldn't be asking which is the better option but rather we should be asking when the so-called native option will be end of lifed. Graph is more future proof in the sense that this is the direction MS is taking. I can't speak to performance personally. As far as functionality, I can't imagine that Graph is functionally worse than previous iterations of SP. It might be functionally different. But it should expand API functionality.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 4 years ago.
Improve this question
I have an Azure tenant and the Azure portal has partner access to all my clients. My requirement is to fetch contracts of each of my partner using the Microsoft Graph API.
I created an application inside my azure instance following the documentation guide. Am able to obtain an access token using https://login.microsoftonline.com/tenantId/oauth2/token endpoint (where tenant id will be my azure tenant id) for the GraphAPI resource and am able to use the GraphAPI rest calls to fetch the contracts as well as the subscribedSkus of my tenant.
However how can i access the subscribesSkus of my clients?. Do i need the tenant id of each of my clients and obtain the access token for each client using the endpoint mentioned above? Does that means i need to create an app on all of my clients azure active directory instance?
Several references for similar scenarios like this can be found across the internet but there is no concrete documentation available in microsoft which assists me to proceed further.
Any insights into this will be really helpful.
This isn't possible, you need to have credentials and obtain a token for each of the tenants you wish to access.
I am creating iOS application that needs to interact with RESTful API (which will be going to make).
The problem is I have no knowledge in the realm and would like to ask for some helps. (I tried to learn this for few days but as I study more, I get so confused...)
My company has a server that is running with Windows. What is the process of deploying APIs there and use it as data storage as well.
My company has Microsoft 365 license so that I have access to SharePoint. I've read there is SharePoint APIs, so it will be nice to integrate with my app. But more I study about it, I've observed AzureAD. Is it something that I must to have in order to utilize MS SharePoint APIs?
I know it is very broad question but I really appreciate for anyone who provides with helps. Thank you
Yes you will need Azure AD to interact with the sharepoint api, using the oAuth authentication by registering the app into the Azure AD and giving the Sharepoint Management online permissions that are required for you to do the operations that you want.