Posey's Tips & Tricks
Microsoft Graph Primer, Part 1: What Is Microsoft Graph and Why Does It Matter?
Billed by Microsoft as an all-encompassing API, the Microsoft Graph plays a critical role in how developers access Microsoft's various cloud resources.
During a conversation a few weeks ago, someone asked me a really thought-provoking question: "What is Microsoft Graph?"
Before I could answer, they went on to explain that Microsoft proudly declares that many of its services are powered by Graph, but that almost every Microsoft presentation portrays Graph in a completely different way. Some Microsoft presenters have talked about Graph almost as if it is some sort of machine learning tool, while others have discussed Graph as though it is a data analytics solution. So what is Microsoft Graph?
The simple answer to this question is that Microsoft Graph is an API -- nothing more, nothing less. Microsoft describes Graph as "a RESTful web API that enables you to access Microsoft Cloud service resources."
So if Graph is just a Web API, then why does Microsoft make such a big deal out of it? Obviously, I'm not a Microsoft spokesperson and do not know Microsoft's official answer, but from what I have been told, the reason why Graph is so important is because it acts as a unified API.
Not all that long ago, developers used a separate API for each individual Microsoft product. I'm not a developer, but from what I understand, there were separate APIs for things like Exchange Server, SharePoint and Excel. If a developer wanted to write an application that used data from one of the Office applications, they would have to use the appropriate API as an interface to the application.
Graph changed all of that. Graph is a single API that provides access to everything from Exchange Online to Azure Active Directory. This API allows developers to retrieve data by issuing simple HTTP requests. For instance, the Microsoft Web site that I linked to earlier provides an example of a query that retrieves appointments from a user's calendar within a specified time period. Here is the example command as provided by Microsoft:
Although this particular command is used to retrieve data (specifically, appointments on a user's calendar), it is important to understand that Graph is able to do more than just read data from the Microsoft cloud. Graph can also be used to write data to the cloud. This ability to fully interact with Microsoft 365 data is the reason why so many different applications are based around the use of Graph.
This brings up an important point. Your Office 365 environment contains a lot of really sensitive data. As such, you probably don't want just any application having indiscriminate access to that data, so there needs to be a way to determine which apps are able to use Graph and which are not. Additionally, there can be different levels of access. An app might need access to a single user's Office 365 data or it might need access to the entire organization. The way that Microsoft keeps Graph from being abused is by requiring application registration.
One of the more underrated applications included in Office 365 is PowerApps. If you aren't familiar with PowerApps, it is essentially a code-less development platform that relies heavily on Graph. As you can see in Figure 1, PowerApps allows you to use a drag-and-drop interface to create applications that interface with Office 365.
PowerApps lets you create applications from scratch, but it also includes a collection of application templates that you can use to expedite the application development process. Not surprisingly, when you create an application from a template, the template explicitly tells you what type of Microsoft data the application will be able to access, as shown in Figure 2.
When you build an application from one of these templates, PowerApps automatically creates the required connectors. If you look at Figure 3, for example, you can see that there are connectors for Outlook, Office 365 users and Planner that have all been created within the last nine minutes. These connectors were automatically generated by the application template.
If you decide to build a custom application rather than use a template, then you will have to take care of registering the application yourself. Otherwise, Graph won't have access to the information that it needs. I will show you how the registration process works in Part 2.
Brien Posey is a 21-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.