Azure AD and Microsoft Graph
Microsoft Graph is the gateway to data in Microsoft 365, Dynamics 365, Windows, and Enterprise Mobility + Security. Using Microsoft Graph’s APIs and the corresponding permissions, you can access traditional productivity data like emails and events, and security and identity information like groups, devices, app registrations, audit logs, high risk users, security alerts, etc.
Note: If you missed the previous post about Azure Active Directory for Developers, you may want to check that out first.
Getting started with Microsoft Graph is easy: With Microsoft Graph quick start you can choose your language, including NodeJS or Java, create an app registration, and download the pre-configured sample. The console app demonstrates how to list emails and to send an email.
Watch the 10-minute walkthrough video
This app is going to access your calendar, so it needs more permissions than just sign in. In this case the permissions defined in OAUTH_SCOPES are requested to the user during sign in. Another way is to provide permissions in the app registration directly: select API Permissions, Add a permission, Microsoft Graph, Delegated permissions, and there you can configure those same permissions as defined in OAUTH_SCOPES plus the regular sign-in permissions for openid, profile and offline_access. Read more about permissions and consent.
You can see the requiredResourceAccess in JSON using the command-line interface. And you can create an app registration with –required-resource-accesses and a JSON string or file.
Beyond emails and calendar events there is a lot of additional information in Microsoft Graph. The best way to find out is using the Graph Explorer, which provides sample queries to compliance, identity and access, and security, etc. It shows details of the requests, responses and required permissions for the REST APIs. The Graph API Reference docs contain more information.
Once you know what operation you need, the simpler way is to develop with the Microsoft Graph SDKs
Thanks for reading! :-)