Forum Discussion

Michael Shalev's avatar
Michael Shalev
Former Employee
Apr 18, 2018

Authorization and Microsoft Graph Security API

Understanding authorization when calling the Microsoft Graph Security API High-level summary: Security data accessible via the Microsoft Graph Security API is very sensitive and is protected using ...
Michael Shalev's avatar
Michael Shalev
Former Employee
Dec 07, 2018

Hi Brandon,

Yes, App-only AuthNZ is also supported - and covered in the documentation - please note that this approach assumes that Role Based Access Control (RBAC) will be implemented by the calling application.

The Graph Security API GitHub code samples include a https://github.com/microsoftgraph/Graph-Security-API-Auth-Samplethat will let you test and see the contents of the Auth token - both for User/Delegated or for App-only (different tabs).

Also make sure you specify the required scopes for App-Only during app registration 

 

Hope this helps

Michael

Brendon Stempniak's avatar
Brendon Stempniak
Copper Contributor
Dec 08, 2018

Michael,

 

I appreciate your reply! I was still not able to find a code example of app authenticate. All of the listed example only contain code for user it seems unless I keep over looking something. I might just be misunderstanding something due to inexperience but I appreciate your help thus far

  • Michael Shalev's avatar
    Michael Shalev
    Former Employee
    Dec 10, 2018

    Hi Brendon,

    You can download the Auth Helper sample code here:
    https://github.com/microsoftgraph/Graph-Security-API-Auth-Sample

    When you compile and run the application, you'll see three tabs in the app's UI:

    •  User delegated authorization
    • Application-only authorization
    • Help

    Select the second, and provide the AppId and AppKey (Secret) - after verifying that you defined App-Only permissions in the app registration (http://apps.dev.microsoft.com) 

     

    I hope this solves the issue for you

    Michael

Resources