Use POSTMan and AAD app to get data from SharePoint Online using Graph API
Published May 01 2019 04:10 PM 8,329 Views

First published on TECHNET on Feb 06, 2018
This post is a contribution from Mustaq Patel, an engineer with the SharePoint Developer Support team

If we want to do a quick check if the AAD app is working against SharePoint Online using Graph API, we can use postman to set this up quickly. This blog post will demonstrate how to use Graph API with grantType = Authorization code. The blog post will also show how to use version 2.0 OAuth2 endpoint URLs.

For using REST API with POSTMan, please follow the below steps. It also shows how to use Client Credentials grant type.

Using OAuth 2.0 AAD App to retrieve data from SPO site using Graph
Register your AAD app using or by directly browsing Azure Active Directory that is associated with SharePoint Online Tenant. My registration looks like below using

    1. Give app a name. Generate new password and copy it somewhere.


    1. Click Add platform and Select Web. Add Redirect url which needs to be unique. Please note that after .com it should be /oauth2/callback for postman to work. I normally give


    1. Give permission to the app. Give delegated permission to Microsoft Graph and select Sites.Read.All


    1. Save. The app registration is complete. Keep ApplicationId, password which you copied in #1 and redirecturl for later use in postman.

The permission you request will differ as per what you are retrieving from SPO. For now I am giving Sites.Read.All which will give read permission to the app on all sharepoint sites.

Step 2:

    1. Install latest PostMan (standalone version v5.5.2) from .


    1. Open postman click Authorization and select OAuth 2.0. Click “Get New Access Token”.


    1. Input values as below.
      Callback Url – this should be the redirect Url we copied from app registration
      Auth Url – should be
      Note the resource value is encoded and is
      Cliend Id – is the application Id we copied during app registration
      Client Secret – is the password we copied during app registration


    1. Click Request Token. This will ask you to authenticate to your SPO Site and will give you App Consent UI to trust the App. Accept the permissions. Now you can see id_token generated, scroll all the way below and click use token. You may have to cancel the popup 2, 3 times to go to main postman window.


    1. On main postman screen. Provide the Graph Request Url, Select GET operation and click Send. If successful, we should see body showing response from the server like below. For testing we are getting site details by using below Graph request (tenantname will be as per your tenant)


    1. Below are few graph requests that you can tryGet particular site details (/sites/TeamSite is the path that I am requesting) listitems for a list from root site listitems for another site
      First get that site id by below request the entire id value and replace siteid below

Using OAuth 2.0 version 2 endpoints to retrieve data from SPO site using Graph

For using oauth2 version 2.0 endpoint urls and use graph, the steps are exactly same as above, except the step where we get AccessToken, we have to use Scope and AuthUrl, TokenUrl will change.

Also, please note that 2.0 endpoint urls only support graph APIs and that means for SharePoint it is very limited.

Using same above appregistration, here is my request to get AccessToken using oauth2 version 2.0 urls

Callback Url - this should be the redirect Url we copied from app registration
Auth Url – this should be
Access Token Url – this should be
Scope – List of scopes / permissions example

Main difference between v2.0 urls and older once are below
Auth Url
V1 =

Token Url
V1 =
V2 =

V1 = not needed
V2 = (multiple permissions separated by spaces. We can only have 1 scope which is

Note - Getting access token for calling SharePoint APIs will use the same mechanism. The resource will change to "https://<tenant>". The app needs to be registered on and should have permissions on the O365 SharePoint Online.

Version history
Last update:
‎Sep 01 2020 02:28 PM
Updated by: