Microsoft Graph is the gateway to Office 365 data. Users, emails, calendars, files—it’s all accessible through one unified API. Here’s how to get started.
What is Microsoft Graph?
Graph is a REST API that provides access to Microsoft 365 services. Instead of separate APIs for SharePoint, Exchange, Teams, etc., you use one endpoint: https://graph.microsoft.com
Authentication
Graph uses OAuth 2.0. You need to register an app in Azure AD:
- Go to Azure Portal → Azure Active Directory → App registrations
- Create new registration
- Add API permissions (e.g., User.Read, Mail.Read)
- Get your Client ID and create a Client Secret
Making Your First Call
// Using Microsoft.Graph NuGet package
var scopes = new[] { "User.Read" };
var clientId = "your-client-id";
var tenantId = "your-tenant-id";
var credential = new InteractiveBrowserCredential(tenantId, clientId);
var graphClient = new GraphServiceClient(credential, scopes);
// Get current user
var me = await graphClient.Me.Request().GetAsync();
Console.WriteLine($"Hello, {me.DisplayName}!");Common Operations
// Get user's emails
var messages = await graphClient.Me.Messages
.Request()
.Top(10)
.Select("subject,from,receivedDateTime")
.GetAsync();
// Get user's calendar events
var events = await graphClient.Me.Events
.Request()
.Filter("start/dateTime ge '2019-03-01'")
.GetAsync();
// Get files from OneDrive
var files = await graphClient.Me.Drive.Root.Children
.Request()
.GetAsync();Graph Explorer
Before writing code, test queries in the Graph Explorer: https://developer.microsoft.com/graph/graph-explorer
It’s invaluable for understanding response shapes and testing permissions.
Permissions
Graph uses granular permissions:
- Delegated: User signs in, app acts on their behalf
- Application: App acts as itself (daemon/service)
Always request the minimum permissions needed.
References
Discover more from C4: Container, Code, Cloud & Context
Subscribe to get the latest posts sent to your email.