Forum Discussion

SadPython's avatar
SadPython
Copper Contributor
Jun 25, 2024

How to call microsoft graph api inside my web app?

I have a web app embedded in MS Teams. I'm trying to figure out how to call the MS Graph API in my JS code to get user information. How can I do that? 
developer
graph
teams
Nivedipa-MSFT's avatar
Nivedipa-MSFT
Icon for Microsoft rankMicrosoft
Jun 26, 2024

SadPython - Thanks for reporting your issue. 

To call the Microsoft Graph API inside your web app, you can follow these steps:

  1. You need to obtain the name of the permission scope associated with the Graph API you intend to invoke. 

  2. Create a Graph client by adding the scope related to the Graph API you want to call. Here is an example code snippet in TypeScript:

let credential: TeamsUserCredential;
credential = TeamsUserCredentialContext.getInstance().getCredential();
const graphClient: Client = createMicrosoftGraphClientWithCredential(credential, scope);
  1. Finally, call the Graph API and parse the response into a certain model. Here is an example code snippet:
try {
    const graphApiResult = await graphClient.api("<GRAPH_API_PATH>").get();
    // Parse the graphApiResult into a Model you defined, used by the front-end.
} catch (e) {
    // Handle any errors
}

Thanks, 

Nivedipa

------------------------------------------------------------------------------------------ 

If the response is helpful, please click "**Mark as Best Response**" and like it. You can share your feedback via Microsoft Teams Developer Feedback link. Click here to escalate. 

  • SadPython's avatar
    SadPython
    Copper Contributor
    Jun 26, 2024
    How do I do step 1? This is an external facing app and the user is logged into teams. When they install or open the tab, I want to prompt them that specific permissions are required and if they accept then my app grabs user information. All of the guides I see are using SSO but I can't manage SSO on my side and the client's side.
    • Nivedipa-MSFT's avatar
      Nivedipa-MSFT
      Icon for Microsoft rankMicrosoft
      Jul 03, 2024

      SadPython -

      To register an external facing app with Azure AD for Teams without using Single Sign-On (SSO), you can follow these general steps:

      1. Register Your App in Azure AD:

        • Go to the Azure portal and navigate to the Azure Active Directory service.
        • Select "App registrations" and then "New registration."
        • Fill in the required details such as the name of your app and the redirect URI (the URL where your app will receive the authentication response).
        • Once registered, you will receive an Application (client) ID.

      2. Configure Permissions:

        • In the app registration, navigate to "API permissions."
        • Add the necessary Microsoft Graph permissions that your app requires, such as User.Read.
        • If admin consent is required for the permissions, you'll need to request that from the tenant admin.

      3. Prompt Users for Consent:

        • When users install or open the tab, you can prompt them for consent using the OAuth 2.0 authorization code flow.
        • Your app will redirect users to the Microsoft login page where they can consent to the permissions your app requires.
        • After consent, Azure AD will redirect back to your app with an authorization code, which you can exchange for an access token.

      4. Use the Access Token:

        • With the access token, your app can call Microsoft Graph API to grab user information.

      Ref Doc: Quickstart: Register an app in the Microsoft identity platform - Microsoft identity platform | Microsoft Learn

Resources