Forum Discussion

chetan_sk's avatar
chetan_sk
Copper Contributor
Sep 28, 2023

Authenticate Microsoft graph API with username and password without register app

Hi Team,    We have a requirement to send the files to the team channel using python and we came accross the way of doing that using the graph API.   https://learn.microsoft.com/en-us/graph/api/c...
microsoft teams
LeonPavesic's avatar
LeonPavesic
Silver Contributor
Sep 28, 2023

Hi chetan_sk,

Yes, you can authenticate Microsoft Graph API with username and password without registering an app. This is called the Resource Owner Password Credentials (ROPC) flow.

To authenticate with ROPC, you will need to send a POST request to the following endpoint:

https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token

The request body should contain the following parameters:

If the authentication is successful, you will receive a response containing an access token. You can then use this access token to call Microsoft Graph API.

Here is a Python code example:



Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.

 

import requests

tenant_id = "YOUR_TENANT_ID"
username = "YOUR_USERNAME"
password = "YOUR_PASSWORD"

# Build the request
headers = {
    "Content-Type": "application/x-www-form-urlencoded"
}
data = {
    "grant_type": "password",
    "resource": "https://graph.microsoft.com",
    "username": username,
    "password": password
}

# Send the request
response = requests.post(
    f"https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token",
    headers=headers,
    data=data
)

# Check the response status code
if response.status_code == 200:
    # Authentication successful
    access_token = response.json()["access_token"]

    # Use the access token to call Microsoft Graph API
    # For example, to send a chat message to a team channel:
    graph_api_endpoint = "https://graph.microsoft.com/v1.0/teams/{team-id}/channels/{channel-id}/messages"
    headers = {
        "Authorization": f"Bearer {access_token}"
    }
    data = {
        "content": "This is a test message from Python."
    }
    response = requests.post(graph_api_endpoint, headers=headers, json=data)

    # Check the response status code
    if response.status_code == 201:
        # Message sent successfully
        print("Message sent successfully.")
    else:
        # Error sending message
        print("Error sending message:", response.status_code)
else:
    # Authentication failed
    print("Authentication failed:", response.status_code)​

 

It is important that the ROPC flow is not recommended for production use, as it requires users to enter their passwords into your application. Instead, you should use the OAuth 2.0 authorization code flow or the client credentials flow.


Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.


If the post was useful in other ways, please consider giving it Like.


Kindest regards,


Leon Pavesic
(LinkedIn)

chetan_sk's avatar
chetan_sk
Copper Contributor
Sep 29, 2023
Hi Leon , Thankyou for this one I will try this out 🙂

Resources