How to Use Microsoft Graph APIs in Postman | Application Permission

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
Hello friends welcome back to our YouTube channel DS Tech mirror topic for today video is how we can use Microsoft graph API using Postman let's get started at a high level these are the steps which are involved in the entire process so just I wanted to let you know that Microsoft graph API are Azure protected API so if you are thinking we can directly use the API in Postman so it won't work you will immediately get access denied to overcome that what we have to do we have to register an application as you ready because our graph API Microsoft graph API is azure protected so we have to register an application as UDD that particular application once we will register it will have it will have its own client ID client secret we can generate then what we have to do we have to give API permissions to that particular application so if I'm using one particular graph API so that need certain kind of permission so I have to give that permission to my application and then once all this process is done using this URL and these headers I will get the access token and then using that access token I will use the API in Postman so don't get confused we will see the entire process in detail today entirely in the form of Hands-On so let's get started first what I will do I will directly use one API en Postman and show you the error and then I will show you how we can overcome that I'm inside my graph Explorer over there there are you know multiple apis you can use any of the apis certain apis needs application permission and others needs delegated permissions what is this application permission means uh without the the user sign in and delegated permission means current user has to sign in on behalf of the current user we will get the access token this we will also see when we will register the application as you're ready so all the apis where hyphen me over here if you will see for example if I'll go to the mail section mail see wherever you will see this mini will work for delegated permission they will not work with application permission and if you have noticed the first slide I have mentioned application permission so today I will cover only application permission and in my next video I will cover the delegated permission and with the help of these two videos complete authentication and authorization of graph API will be covered okay so I'll move back to my API I'm planning to use this planner all the planner tasks for a plan so if you see here we need this plan ID to work over here this is a planner if you are not aware planner is one of the app in our M365 you can open here so what I have done I have already created uh some plan over here spfx and graph API and inside the plan I have created some tasks so I am going to use this SP effects I can use any of the plan but I'm using this spfx and from the URL I can get the plan ID this is my plan ID I'll replace this plan ID over here now if you refused if I permission tab over here it is mentioned one of the following permission is required to run the query so one of the least privilege information over here which is mentioned is required that we will also see when we will register so when we will register an application in azurity right now what I'll do I'll try to run this query so you could see the response is 200 it worked fine and we can see over here it will give us the list of the task you could see this title crud operation so one of the title is current operation so basically it runs successfully now I'll use this same API in my Postman over here in inside this Postman I have this collection so over here I'll create a new request and I'll say get all task I will rename it first let me copy this API now I will rename it get all tasks for a plan this is done now if I run this API directly I'll get an error unauthorized access denied 401 error now we'll see how we can overcome this so as I said we have to register an application as how we can do that go to this portal as your portal you can go by typing this your portal.asure.com then under Azure Services you will see this as your active directory click on this as your active directory because these apis are Azure 80 protected API so we have to use Azure ready now from the left side you could see app registration click on this app registration new registration at the top I will register a new application what is the name of this application I will say Microsoft graph apis this is the name then it is asking for the supported account type I will choose account in this organizational directory only it makes sense I do not have any multi-tenant or personal account so whatever my account is in the current tenant it will use three directional redirect URI it is saying where it will return the access token for now I will leave it as blank otherwise for example if you are using this web Postman you can select that particular URL or you are using any application for example any SharePoint application you can enter that particular URL over here for now I will leave it as blank and I will click on register now guys the moment I register I got this client ID I got this tenant ID and over here you could see client credentials add a client certificate or secret so what I'll do first I'll generate the certificate because for the authentication we need the certificate also or secret so I'll use the secret new client Secret description I will leave blank expire in six months it will expire there are other options as well I'll click on ADD and immediately I will get the client secret and I will save the moment you generated just copy and keep it safe with you because after some time it will get encrypted and then you won't be able to use the same secret maybe you can generate a new one this is done I'll go to overview next what we have client ID as I said over here in my PPT we need the client ID so this is the client ID we need the tenant ID this is the tenant ID so everything else now we have now first what we'll do now to get the authentication how the authentication will work first of all we have to give access to this particular application which we have created what is the permission we need over here from this tab I can get it I will say task dot read one of the permission it is saying but I will give task dot read okay so now this is important over here I'll go to API permission from here add a permission Microsoft graph so guys over here the thing I was talking about delegated permission of the application permissions you could see the explanation your application need to access the API as the signed in user that means the moment I'll run an uh you know run the API I need to first sign in and the nuclei I can use it or your application not as a background service or diamond without assigning user so today I am covering application permission so I will select this I don't need the current user do not need to sign in over here it was related to task I will type task and you could see task.redol select this permission add permission not granted we I have to give the admin consent also only it you know uh admin can do this so make sure you have the correct privileges to do all this activity in Azure reality now this particular application Microsoft graph API has access has this permission and then that particular application can use this API now that means I will using this application credential I can get the access token and using the access token I can you know authenticate this because if you go to the authorization tab over here there is an option called Bearer token and I will remove this and I need token over here so I will get the access token using all these credentials of my application which I have registered in my Azure I'll go back over here and I'll go to the postman and I'll create another request I'll say add request I'll rename it get access token 10. what is the end point to get the access token I have kept it over here you can find all this detail in the description box below as well so you can copy paste from there one thing to note over here you need to replace this with your tenant ID this is my tenant ID so and from where you can get the tenant ID go to your Azure ad and this directory tenant ID is your tenant ID so I have already pasted it over there so make sure this is your tenant ID I will repeat this is the highlighted part I've already highlighted it so I'll copy this and I'll go to the postman I'll paste this URL over here this is done so guys now after having this end point over here next step is how we will do the authentication because if I run this endpoint directly again I will get the error called bad request it is saying the request body must contain the following parameter which we already have Grant underscore type so what I'll do I'll go to the body I'll select this form data and what I can do I can I have to enter all this grant type client ID client secret scope over here one by one or I can do bulk edit I have already copy and I can paste it over here and now if I go to key value edit I will get it over here but I'll tell you what I have done so what you can do type over here Grant underscore type value would be client credential make sure you do not make any type of mistake because this is very important next is this client ID by now you must know that you will get the client ID from the application which you have registered in as your ID this is your client TD application ID client ID just hover over it you will get this icon click on copy then if I go back next is this client secret client secret you will get it from client credential just click on it you will get it from here so as I said it will get encrypted now it got encrypted so make sure you copy it immediately the moment it gets generated otherwise you have to generate it again so this is client secret and then last is the scope scope is which I have mentioned in my slide https graph.microsoft.com dot default so if you will notice only client ident client secret we are getting from this Azure ad application rest other two parameters are fixed their value will remain fixed now I will click on send and you could see status 200 okay we got the access token Now using this access token I can do my authentication guys I got the authentic access token for my application and which is what is my application Microsoft graph API this client ID and we have authorized this particular application that it will be having access on this particular API now I'll go back to my API that planar AP copies this access token between the course value this is your access token go to this get all task for a plan which got failed earlier and now under this Bearer token paste your token you under authorization tab you have to select Wireless token and paste it save I'll say both of both of them and what I'll do I'll click on send now now it should work click on send and you could see the 200 okay we got the response and we were able to authenticate using Postman or graph API if you see the value I am getting the title current operation all the tasks related to the planner I'm getting so guys this is how you can set up the authentication let's see one or more examples so that you can understand it much better so for another API again I will go back to my graph Explorer and let's create this API create a planner task this would be a post request I want to create a new task in my planner so this is the API which I have this is the permission let's check the request body I will say my uh graph API Explorer task I will name it as Explorer task okay and then this is my header permission access token I'll run this query and I got bad request let's see what is the issue okay if I check this response to you here we have the error schema validation has failed validation for field planned ID okay I have to provide a planned ID it makes sense I'll copy the plan ID from here and I'll paste it here now it should create a new task and I'll run the query it got successful Explorer tasks I'll refresh over here and you could see this Explorer task is created automatically now we'll try the same API in my post point so what I'll do I'll immediately copy this API I'll go to the postman I'll say add request in my collection or new request yes I'll paste the end point over here this type is post done rename your API so that even you you can use it at a later Point as a reference so this is create task fine now I have saved it next what I want is yes there are certain headers over here request body so this I have to put it in my body of my email so I will copy this this is because this is the plan ID and this is the title of my task so this will go as a with mine this will go along with my request so I'll go to the body and in raw under raw this time I'll paste it created by Postman this is done and next is if I go to the graph Explorer request header so this is my header content type application slice Json I'll again go to the headers over here and you will search for content type I will get it values application slash Json so this is also done and the only thing is the authorization for authorization what I have to do again I will check the modify permission tab and if you will see over here allow the app to create read update and delete your tasks so this permission is required to read update and delete my task task dot read write again I'll go back to my application in Azure AED no need to register a new application it's the same application Microsoft graph API under the API permission add a permission Microsoft graph application permission and here I will select task task dot rewrite all add permission and now Grant admin consent also so everything is done over here I'll just refresh and again I'll come back to my Postman so now what I have done I have given the access to my application but now the old access token will not work because this access token has the permission only to read the task node to create so what I have to do I have to again generate the new token now this is the latest token this token would be having that particular access go to create task authorization header be a token paste this token over here save and now if you will run it got created status 201 immediate success go to planner task created by Postman so guys we have created the task using our Postman so this is how you can use Postman to use your graph API Now using this you can integrate your graph API in your any application like Java application or Android application you can integrate it this is the way so just to reiterate for you what you have to do first you have to register an application as your ad give your application the required permissions then for application permission you have to use this particular end point to get the access token with all these details if you are using delegated permissions that I will cover in my next video I hope you find this information useful if you like this video please like and share the video and subscribe to the channel to get notification for our upcoming videos till our next video much love keep learning thank
Info
Channel: DS TechMirror
Views: 12,825
Rating: undefined out of 5
Keywords: postman, sharepoint rest api, test restapi, Microsoft Graph API, graph api, dstechmirror, dstech mirror
Id: pgNMjc034j0
Channel Id: undefined
Length: 18min 41sec (1121 seconds)
Published: Sat Jul 29 2023
Related Videos
Graph API SharePoint CRUD + Upload File Guided Steps using Postman (2022)
Voon Technology
26K
From zero to hero with Microsoft Graph API – July 2021
Microsoft Community Learning
53K
Microsoft Graph API Tutorial: Creating Azure AD App, Access Token, and Calling APIs (App Permission)
Dewiride Technologies
25K
How to use Microsoft Graph API in Power Automate - Beginner Tutorial
Deepak Shrivastava
34K
Getting started with Microsoft Graph Postman workspace
Jeremy Thake
59K
Managing with Microsoft Graph (and PowerShell)
John Savill's Technical Training
44K
Copilot for Microsoft 365 How it ACTUALLY Works!
Andy Malone MVP
170K
How You Can Use The Microsoft Graph API in C#
Blue Hippo
14K
Detailed Video - Microsoft Azure REST API Tutorial | Postman | Oauth2.0 Authorization Code Flow
Concepts Work
17K
Master the Graph for Exchange PowerShell
MSExchangeTeam
2.8K
Getting Started with the Microsoft Graph SDK from your JavaScript apps
Microsoft DevRadio
6.7K
How to authenticate as an application with Microsoft Graph API
Elaiza Benitez
58K
How to Register your app with Azure AD | Microsoft Graph API OAuth 2.0 | Authentication | POSTMAN
BEENUM LEARNING
16K
How To Test SharePoint Online REST API Using Postman
DS TechMirror
60K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.