Thank you Sponsors...Excel OneNote Activities Device Relay Commands Notifications Azure AD Intune...
Transcript of Thank you Sponsors...Excel OneNote Activities Device Relay Commands Notifications Azure AD Intune...
Thank you Sponsors#ThriveITconf
Silver
Evening event sponsor
Material
Media
Microsoft Graph - The Toolkit
for Building Modern Solutions
Eur Ing Dr Bill AyersMCM/MCSM Charter SharePoint
MVP, MCT, MSc, MCTS, MCITP, MCSD, MCAD, MCSA, MCDBA, Professional Scrum Master, PhD, C.Eng, etc. etc.
Flow Simulation Ltd.
www.SPDoctor.net
@SPDoctor
Consultant specialising in SharePoint and
Office 365 Development and Architecture
for Collaboration and Mobile Development
• What is a Graph?
• The Microsoft Graph
• Raw REST API
• Client Libraries
• The Power of AI and ML
• Where will it end?
• Conclusions
Agenda
What is a Graph?
Groups
PeopleConversations
Files
Insights
Microsoft Graph
Groups
PeopleConversations
Files
Insights
Microsoft Graph
Office 365 Platform
Standalone web, device,
and service apps
Extensions
Embedded canvases
Microsoft GraphGroups
PeopleConversations
Files
Insights
Users Groups Outlook OneNoteInsights
and more…SharePoint IntuneTeams Azure ADPlanner Excel
https://graph.microsoft.com
Your appOne endpoint
One token
All users
Microsoft Graph
Access user, group and organizational data
Microsoft Graph API vs. Service APIs
• Simplest way to access data in Office 365 and other Microsoft cloud services
• Wraps service APIs
• Unified auth for work and personal
• Available and supported
• Require resource specific endpoints and access tokens
• Inconsistent implementation of REST and OData
https://graph.microsoft.com
Your app Your app
Outlook Azure ADSharePoint …
The core data that drives business is accessible through the Microsoft Graph –expect more…
Is this person out of the office?
Who is their manager?
Where do they need to be next?
What documents have they been
working on recently?
Context
Insights
Updates
…
Opportunity
1B+Meetings scheduled each
month with Office 365
181Countries with Knowledge
Workers using Office 365
65M+Enterprise Mobility seat
install base (+55% YoY)
90%Fortune 500 companies
have data in
Microsoft Graph
135M+Monthly active users in
Office 365
1.1BIdentities authenticated
each month
Microsoft GraphGateway to your data in the Microsoft cloud
Users, Groups, Organizations
Outlook
SharePoint
OneDrive
Teams
Planner
Excel
OneNote
Activities
Device Relay
Commands
Notifications
Azure AD
Intune
Identity Manager
Advanced Threat Analytics
Advanced Threat Protection
Mail, Calendar,
Contacts and Tasks
Sites and Lists
Drives and Files
Channels, Messages
Tasks and Plans
Spreadsheets
Notes, and more…
Identity Management
Access Control
Synchronization
Domains
Administrative Units
Applications and Devices
Advanced Threat Analytics
Advanced Threat Protection
Alerts
Policies
and more…
Office 365 Windows 10 Enterprise Mobility + Security
https://graph.microsoft.com
Dynamics 365
Financials
Calling the API
• HTTP verbs dictate the request intent: GET | POST | PATCH | PUT | DELETE
• Version: /v1.0 or /beta
• Resource: /users, /groups, /sites, /drives, /devices, more…
• Member from collection: /users/bill
• Property: /users/bill/department
• Traverse graph to related resources: /users/bill/events
• Query parameters: /users/bill/events?$top=5
o Format results: $select | $orderby
o Control results: $filter | $expand
o Paging: $top | $skip | $skiptoken
/{version} ?{query-parameters}/{resource}/{id}/{property}
OData
Using REST with (e.g.) JavaScript
var xhr = new XMLHttpRequest();xhr.open('GET', "https://graph.microsoft.com/v1.0/me/");xhr.setRequestHeader("Accept", "application/json;odata=verbose ");xhr.onload = function () {var data = JSON.parse(xhr.responseText);document.getElementById(“output”).innerText = "Site title: " + data.d.Title};
xhr.send();
jQuery.ajax({url: encodeURI("https://graph.microsoft.com/v1.0/me/"),headers: { accept: "application/json;odata=verbose" }
}).done(function (data) {$("#output").text("Site title: " + data.d.Title);
}).fail(function (msg) {$("#output").text("Request Failed: " + msg);
});
Note: an access token is usually required in the authorization header – outside the scope of this talk
Explore REST Endpoint
https://developer.microsoft.com/office (follow link to
Microsoft Graph then link to Graph Explorer)
It keeps getting better and better!
Azure AD
“v2” endpoint“v1” endpoint
• “Old” Office 365 endpoints
• Microsoft Graph
• Azure AD (Work/School)
accounts only and ADFS
• ADAL v1, v2 or v3
• Microsoft Graph
• Microsoft Accounts, Azure AD
accounts and Azure AD B2C
• MSAL (Microsoft Authentication
Library)
• Supports incremental consent
App types and permissions
Users can consent for their data or admin can consent for all users Only admin can consent
Delegated
permissions
User
privilegesApp
permissions
Permission type: applicationPermission type: delegated
https://developer.microsoft.com/en-us/graph/docs/concepts/permissions_reference
Get access on behalf of users Get access as a service
Effective permissionEffective permission
specific: .All, .Shared, etc
inferred
Read,
ReadWrite, etc.
target entity
files, mail, groups,
calendars, etc…
Microsoft Graph permission names:
Resource . Action . Scope
ExamplesUser.Read
Notes.ReadWrite
Directory.ReadWrite.All
Wrapper SDKs
•Language-specific bindings
•Easier to use
•Varying degrees of ‘strong typing’
Code-genned Wrapper APIs
https://github.com/microsoftgraph/msgraph-sdk-javascript
$metadata/
OpenAPI
Code generation
ManualFine-tuning
API
Demo: Traversing the Microsoft Graph using Client Libraries
https://github.com/microsoftgraph/msgraph-sdk-javascript
OfficeDev PnP Initiative
• PnP-JS-Core
• Still under development
• JavaScript wrapper for SharePoint REST APIs (+ more)
• Good fit for SPFx development
• Github.com/PnP/PnPJS
• “Home” of SPFx guidance, documentation, samples, etc.
• http://developer.microsoft.com/SharePoint is starting point
• Code hosted on GitHub
Looking at Graph SDKs and OfficeDev PnPJS library
Don't Get Throttled!
• Microsoft Graph endpoint is normally performant (dynamic scaling/throttling)
• HTTP 429 (too many requests) response code
• “10,000 requests in a 10-minute period per user”
• App-only perms. count as single user
• Can be throttled on per tenant basis
• Plan for graceful degradation on 429 response
• Respect the Retry-After header
• Check for Rate-Limit-Reason header
• Use webhooks rather than polling
• Retrieve multiple items/request instead of multiple requests
• Use caching and JSON batching where possible
• Use $top, $select etc. to manage payload size
https://www.spdoctor.com/articles/Microsoft_Graph_-_Don't_Get_Throttled!.html
Customer’s boundary in the Microsoft Cloud
Office 365 Azure
Securely extend
Office 365 data to
Azure
Apply defined
data controls
Data at scale
Granular consent
Security & Governance
Customer
data
Product data
Industry data
Enable big data
and machine
learning
Microsoft Graph data connect
Users Messages Calendar Events Mailbox Settings
….starting with critical Office 365 datasets
Contacts
M365 Data
Application Developer
Customer’s M365 subscription
Customer O365 Admin
Data Factory Blob Storage Databricks Cosmos DB Web Apps
Cognitive
Ser.
App Customer
Customer’s Azure
Subscription
Help me connect - How it’s built
Which to use?
•Legacy APIs: CSOM, EWS, etc.
•REST APIs: Outlook, SharePoint, etc.
•Language-specific wrappers, e.g. PnPJS (open source, community driven)
•Microsoft Graph REST API
•Microsoft Graph language-specific wrappers
What if we want more?
Sign up for the Office 365 Developer Program
Start at http://dev.office.com
Download Sample Code
Build samples using Visual Studio
or modern web development tools
like NodeJS, Yeoman and Visual
Studio Code:
https://graph.Microsoft.com/get-
started
Think about your business challenges
Solve real business problems with Microsoft Graph and SharePoint Framework
Call to Action
THANK YOU