en 28/12/2019
Héctor (@guanberdolfo) and me (@VanesaGC_Flow), talk about how to connect Microsoft Graph with Postman.
Create app registration
We connected to the Azure portal to create an «App registration». Once in the Azure Portal, click on «Azure Active Directory» -> «App Registrations» and select «+ New Registration».
We fill in the following form, adding a name and selecting the type of account. We have selected «Accounts in this organizational directory only».
Click on «Certificates and secrets» -> «New client secret» and fill in the requested data. When done, select «Add».
After saving the client secret, the value of the client secret is displayed. We copy this value because we aren’t able to retrieve the key later.
Next, we need to add permissions to be able to use the Graph API through the newly created «App Registrations». We click on «APP Permissions» and in the next screen we add the necessary Graph permissions. It is important, to click on the button «Grant administrator consent for …», after having added and marked the permissions, so that these are finally applied.
In the following screenshot, it is shown all the permissions that have been applied for the development of the demo
Finally, to be able to connect to Graph using Postman and Microsoft Flow custom connector (this connector will be created later in this demo). It is necessary to add the following links in the «Authentication» section of the active directory.(https://global.consent.azure-apim.net/redirect and https://www.getpostman.com/oauth2/callback)
How to Connect, Test and Prepare Api Graph Requests in Postman?
We will create a collection of HTTP requests, connected to Api Graph to later create a custom connector in Flow.
Before starting it is convenient to have the «Key» and the «ID Application» of the «Application Registration» in general information, in order to generate the authentication token through HTTP.
In addition to the token Endpoint of OAuth 2.0. which is located on the Azure portal, within the «Endpoints». That is inside the «Active Directory», the application registrations previously created (Postman) and in «General information» click on the link»Endpoints», as shown in the following screenshot.
How to get Office Authentication Token
We can extract the value of the property «Access_token», opening the Postman and making a post with the url of the connection point (https://login.microsoftonline.com/{IdTenant}/oauth2/token) and with the necessary header and body.
Header must contain the «Content-Type» property with the following value «application/x-www-form-urlencoded».
The body must contain the following properties:
client_id (this property is extracted from the «application registered» of the previously created Active directory)
client_secret (this property is extracted from the «application registered» of the previously created active directory)
resource (https://graph.microsoft.com)
grant_type (client_credentials).
When you click on the «Send» button of the Postman to make the post, you will receive an answer like the following one, which will contain the «Access_token».
Having done this, we will be able to make any request to Microsoft Graph api. Adding the «Authorization» property with the value «Bearer » + «Access_token» in the header of each graph request we make. As you can see in the following example, which is listing all tenant users.
In this example the request would be the following one:
url get: https://graph.microsoft.com/v1.0/users
Header: Authorization -> «Bearer» + Access_token
Graph explorer
Microsoft provides us with the Graph Explorer, to make HTTP requests. It can be accessed from the following url: https://developer.microsoft.com/en-us/graph/graph-explorer
Graph documentation
In the following link, you will have access to all the Graph documentation, where the different requests that can be made to Graph by means of oData are documented. In addition, it specifies which permissions must be activated to make each request. https://docs.microsoft.com/es-es/graph/api/overview?view=graph-rest-1.0
Demo collection postman
Next link contains the used postman collection: https://github.com/VanesaGC/Post-Pon-a-raya-el-monstruo-que-Teams-lleva-dentro/blob/master/Demo%20Microsoft%20Graph.postman_collection.json