First published on TECHNET on Feb 06, 2018 This post is a contribution from Mustaq Patel, an engineer with the SharePoint Developer Support team
If we want to do a quick check if the AAD app is working against SharePoint Online using Graph API, we can use postman to set this up quickly. This blog post will demonstrate how to use Graph API with grantType = Authorization code. The blog post will also show how to use version 2.0 OAuth2 endpoint URLs.
For using REST API with POSTMan, please follow the below steps. It also shows how to use Client Credentials grant type.
Using OAuth 2.0 AAD App to retrieve data from SPO site using Graph Step1: Register your AAD app using apps.dev.microsoft.com or by directly browsing Azure Active Directory that is associated with SharePoint Online Tenant. My registration looks like below using https://apps.dev.microsoft.com
Give app a name. Generate new password and copy it somewhere.
Click Request Token. This will ask you to authenticate to your SPO Site and will give you App Consent UI to trust the App. Accept the permissions. Now you can see id_token generated, scroll all the way below and click use token. You may have to cancel the popup 2, 3 times to go to main postman window.
On main postman screen. Provide the Graph Request Url, Select GET operation and click Send. If successful, we should see body showing response from the server like below. For testing we are getting site details by using below Graph request (tenantname will be as per your tenant)https://graph.microsoft.com/v1.0/sites/tenantname.sharepoint.com:/
Note - Getting access token for calling SharePoint APIs will use the same mechanism. The resource will change to "https://<tenant>.sharepoint.com". The app needs to be registered on https://portal.azure.com and should have permissions on the O365 SharePoint Online.