The reading I'm doing here seems to indicate that Microsoft Graph is for exposing Office 365 as an API.
The same link indicates its Office 365 and Azure AD. But you have to have an O365 account to interact with the graph.
That eliminates the use case of people who use only Azure AD, say for authentication and authorization in SaaS apps.
So, I've been asking about using Micrsoft Graph vs using Azure AD. Is it that as long as I'm not interested in the 0365 side of things that I should stick to the AD graph?
Update: Here's a blog from Microsoft on the matter. They said, "We strongly recommend that developers start using Microsoft Graph over Azure AD Graph, unless specific gaps prevent you from using Microsoft Graph right now."
Even if all you want to use are directory features, I would encourage you strongly to use Microsoft Graph. We are adding new directory features to Microsoft Graph that may not show up in AAD Graph and we are busy working to make sure that Microsoft Graph provides all the directory features that AAD Graph provides (and more).
You don't have to have an O365 subscription to use Microsoft Graph (just an AAD tenant) - it's just that Microsoft Graph exposes a lot of rich data that comes from Office 365, including calculated insights.
Please let me know if you are having any challenges with this.
Hope this helps,
Related
I cannot find a document on the MS Graph support pages for Microsoft 365 Defender.
I would like to configure the following policies using MS Graph
Anti-phishing
Anti-spam
Anti-malware
Is this possible?
Microsoft does offer security API which touches on defender, but I don't think it's possible to set configure polices at present:
https://learn.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-1.0
This seems to be still under development as you are encouraged to file issues to fill in feature gaps.
There is Microsoft Graph Security API which a unified interface and schema to integrate with security solutions from Microsoft and ecosystem partners.
Unfortunately I do not see any possibility how to configure the mentioned policies.
Reference:
Security API
I'd like to administer different tenants remotely using the Connect-MicrosoftTeams -AccessTokens option. From what I read, one needs to retrieve the token for the tenant through Microsoft Graph. What I do not understand is how and which permission to request.
Is there anyone who has done this and could point me to some documentation or maybe provide an example request? Thanks!
Use Graph Explorer to determine what are the APIs you want to use. On the “Modify Permissions (Preview)” Tab you will be able to see what kind of permissions are needed for that particular API.
https://developer.microsoft.com/en-us/graph/graph-explorer
See Microsoft Graph permissions reference, Authentication and authorization basics for Microsoft Graph, Authorization and the Microsoft Graph Security API
I am building a web application that needs to fetch all tasks from an organization that uses Outlook Task. Can this be done with Microsoft Graph or Office 365 REST API?
I haven't found any calls in the documentation of either services that would do something similar to that: https://outlook.office.com/api/v2.0/tenant/tasks
Should I find another approach or is it something that is doable?
Outlook Tasks is available in Preview on Microsoft Graph today:
GET /users/{id|userPrincipalName}/outlook/tasks (Graph Explorer example)
I'm afraid I don't have an ETA for when this will be generally available at the moment. According to the Change Log this functionality was added in April so it is still a somewhat recent addition.
This functionality is also available as part of the Office 365 REST API.
If you're looking for something production ready today, you may need to use this API instead. If possible, I would suggest waiting for Graph. Graph is where all future engineering energy will be focused and is the best long-term integration play.
I am working on Onenote integration for our application. I am new to onenote and microsoft graph. I don't understand the advantage of using graph api over rest api's provided by Onenote. Only authentication will be done through a common point for work/business and personal account that's the only difference.
Please help me in advantages of using graph api over individual application rest services.
check this - https://developer.microsoft.com/en-us/graph/docs
Microsoft Graph exposes multiple APIs from Office 365 and other Microsoft cloud services through a single endpoint: https://graph.microsoft.com. Microsoft Graph simplifies queries that would otherwise be more complex.
You can use Microsoft Graph to:
Access data from multiple Microsoft cloud services, including Azure Active Directory, Exchange Online as part of Office 365, SharePoint, OneDrive, OneNote, Planner and Microsoft Teams.
Navigate between entities and relationships.
Access intelligence and insights from the Microsoft cloud (for commercial users).
Is there any difference between what one can get from
https://graph.windows.net vs https://graph.microsoft.com?
It seems that there's different versions for one, .net is under version 1.6 and .com under 1.0.
They both seem to work with the v2.0 auth scopes, but do they work the same way?
Thanks to anyone that can shed some light!
Using Microsoft Graph (https://graph.microsoft.com) you can access the data that is exposed in the Azure AD graph API (https://graph.windows.net) and, in addition to that, access data from services like Outlook/Exchange, OneDrive, SharePoint, OneNote, Planner and more (for both consumer and commercial).
The recommendation is to use Microsoft Graph API. That said, there is still a small percentage of functionality that is only available in the Azure AD Graph and we are working hard to close the gap.