calling microsoft graph api via postman

3
votes

Good day SO people.

I am trying to create a REST web service to access MS Graph Calendar API. I would like to test this via postman first before I start to code. After some researching below is what I've reached so far.

  1. Created a Microsoft account with @outlook.com as domain and accessed the outlook utility. I went to the calendar display and plotted some events on the calendar.
  2. Used the account to enter Azure portal and created an Azure Active Directory and a new user in this tenant. I shared the calendar of my Microsoft account to this newly created AAD user.
  3. Used the newly created Azure active directory user to login into Microsoft App Registration Portal. I used this user because I saw in a blog that I need to register an application under "Converged Application". When I use my Microsoft account, there is no Converged Application section in the Application Registration Portal. Below is a screen capture.

  1. I added a "Converged Application" and got the necessary details like the Application ID and Application Secret Key. The platform that I chose is "Web" and I supplied this as redirect URL: https://www.getpostman.com/oauth2/callback. Although, I think I won't be using this because what I need is a seamless login. I don't want to spawn a browser for me to supply my Microsoft account for authorization and authentication.

Upon reading, there are many grant types for you to be authorized and authenticated to use MS Graph APIs. One is Authorization Code Grant Flow which spawns an interface for you to sign-in your Microsoft or AAD account. As mentioned above I need the seamless login so I've tried Client Credentials Grant Type and Resource Owner Grant Type.

  1. Upon creating the application, there are privileges that should be granted to it to control what it can access. I've given the required Delegated and Application permissions to the application in line with the specific MS Graph API that I need to use. Below is a screen capture.

  1. Assuming that I'm all set, I tried to get an access token using this URL:

    https://login.microsoftonline.com/substitute-with-tenant-directory-id/oauth2/v2.0/token

I was able to get an access token using the resource owner grant type. Below is the screen capture.

  1. Next, I tried to access the specific API that I need. Here is the URL:

    https://graph.microsoft.com/v1.0/me/calendar/calendarView?startDateTime=2018-08-01T00:00:00.0000000&endDateTime=2018-08-31T23:59:59.0000000

I've also tried to replace the "me" part in the URL with "users/substitute-with-user-id" but unfortunately I'm getting an error. Below is the screen capture.

I'm stuck because the response says "Unknown Error". Does anybody know what I am missing here?

3
azureazure-active-directorymicrosoft-graph-apiazure-ad-graph-api

3 Answers

0
votes

It is delegated permission token, you can only get current login user's calendar event. If you want to load other user's event, you can use app-only token. Refer to https://developer.microsoft.com/en-us/graph/docs/concepts/auth_v2_service to know how to get app-only token.

0
votes

I have recently called Graph API via postman by following the steps given on This Blog and I think the issue is you are not passing Resource in body. Try to pass the Resource in a body with value https://graph.microsoft.com hope this will solve your issue.

0
votes

Below things worked for me:

https://blogs.msdn.microsoft.com/softwaresimian/2017/10/05/using-postman-to-call-the-graph-api-using-azure-active-directory-aad/

1) Create a access token from Authorization tab, select the type as OAuth 2.0 and click on GET NEW ACCESS TOKEN.

2) Enter the details like below:

Auth URL : https://login.windows.net/common/oauth2/authorize?resource=https://outlook.office.com

Access Token URL : https://login.microsoftonline.com/common/oauth2/token

Client ID: your application id

Secret: secret set while app registration.

3) It will authenticate and token will be created.

4) Select Add token to Header and click on Use Token button.

5) In Body tab select x-www-form.

6) In Header tab it should look like below:

Content-Type : application/x-www-form-urlencoded

Authorization : Bearer (your token generated automatically).

7) Perform POST Operation.