I have worked a bunch with integrating many third party applications using the ‘App’ model and oAUTH. These include the big names such as Instagram and Facebook. Recently, here at Akumina we needed to integrate with the Office Graph for a couple of our
Intranet 365 controls, specifically the Calendar and People Directory and this post is designed to share with some of the things I learned along the way.
I’ve summarized my efforts below and hopefully will help you with getting up and running
with Microsoft Graph a little faster.
Please feel free to email me firstname.lastname@example.org for more information, I would be happy to help answer any questions based on my findings / implementations.
Understand the different types of ‘apps’ to talk to the Graph API
Of the three below, I found that option 2 was the most complete and provided the best UI experience for configuring Scopes and setting up Reply URLS for Implicit flow.
- Office 365 app registration tool – http://dev.office.com/app-registration
- Azure Management Portal – https://manage.windowsazure.com
- The New oAUTH 2 app registration tool – https://apps.dev.microsoft.com/Disambiguation?ru=https%3a%2f%2fapps.dev.microsoft.com%2f (this actually adds a dummy record in the Azure Management Portal)
Setting up pattern matching Reply URLs for Implicit flow (The app seemed to be limiting to 10 reply URLs)
For applications that may need to call the Graph API on 10+ URLs and also act as a landing / entry point for your application, you need to enable the following setting in your appmanifest in the Azure Management Portal. See oauth2AllowUrlPathMatching. If you set the value of your Reply URL to be something like https://mytenant.sharepoint.com/sites/mysitecollection you do not need to specify each and every aspx page you may have as an entry point. Please be aware that this can be a security risk depending on who you talk to…
Be sure to start building your application with Mock Data coming from the Microsoft Graph Explorer
From here, you can login and execute queries against a dummy instance allowing you to take the output and use in your JS application to get up and running faster, before you have the data retrival or data layer completed. This actually sped up our time to market quite a bit. Simply execute your query, copy and paste the output in your application, and build your UI / application using the mock data.
The adal.js library stores the tokens in localStorage, I found executing this call in the console was great for troubleshooting purposes.
Quick Sample to get you going with Microsoft Graph API
The ADAL library is by far the most complete library you can use for doing client side integration with Graph.
Other Helpful Links
ADAL source (in case you want to see how it works / make changes)
Oauth2 permission scopes
The best source that explains the oAuth2 flow in regards to graph and to someone new to oAuth.