Using Microsoft Graph to develop Microsoft's Exchange Calendar conference and Team

Microsoft   What is Graph?

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmable model for accessing massive data in Microsoft 365, Windows 10 and enterprise mobility + security.  

This sentence comes from the introduction of Microsoft's official website. It sounds very awkward. In short, it is Microsoft's API.

Understanding Microsoft   Before Graph, you need to know what Microsoft 365 can do? The answer is to be able to do all the online services provided by Microsoft.

Here, in addition to common Web development, it also includes Network, Office, AD domain, security, Internet of things, AI, domain name and so on.




The whole system is like a "Graph" in computer "Graph theory"   People, machines, calendars, tasks, meetings, documents   And so on.

This may be called Microsoft   Graph instead of Microsoft   API reasons.




2. Register your own App

Microsoft   The first step in Graph development is to register your own App. After registering the App in the Microsoft cloud background, you can obtain two important parameters:

Application (client   ID and Directory (tenant)   id) ID.

Application ID is the identification of each application by the system, and Directory ID is the identification of the tenant. (these two parameters are very important. It will be said later that you want to obtain a Token.)


3. Add key

When obtaining the Token, you also need to pass the key. The key can be considered as the password of the ApplicationID, because the ApplicationID is fixed, and the key can be modified regularly by the administrator.

Click "New"   Client   "Secret" is OK. Let the system randomly generate the key.




4. Get Token

Token token is like "employee ID card" in the company. After you have a token, you can read Microsoft   The interface provided by Graph (wait a minute and authorize it),

  The following is a POST URL used to generate a Token,{tenant_id}/oauth2/v2.0/authorize?


Simply break down the above website,

First, the POST URL to{tenant}/oauth2/v2.0/authorize , and then bring the client_id parameter,

The following is the return diagram:


    "token_type": "Bearer",
    "scope": "",
    "expires_in": 3600,
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
    "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4..."


When successful, the system will return a JSON string. In fact, the string contains the desired Access   Token token.

Other parameters, expires_in   Indicates that the valid period of a token is 3600 seconds. Each time a token is called, the system will return a different token.

However, if it is called frequently, Microsoft may limit the number of times. Therefore, after obtaining the token, it is usually stored locally and read directly from the local machine each time,

Instead of getting it from the server every time.


5. Generate   Bearer token

The token obtained above has a token_type may change later, but the possibility of feeling change is very low. What is bear token? Bearer's Chinese translation is the holder. In fact, what the hell is Bearer token,

You don't have to care so much. Anyway, it's "Bear + space + Token"   It was produced. In the program, you can piece it up directly.

For example:

Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...

This is the Authorization value of the Request Header.

For example, if you want to Get the list of the top 5 people in the company and directly Get the following web address, Microsoft   Graph will first extract Authorization from the Header, judge your permissions, and then return the results.$top=5  

If using. NET, the basic code is as follows:

string token="Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q..."; 
string url="$top=5";
WebRequest request = (WebRequest)HttpWebRequest.Create(url);
request.Method = "Get";
request.Headers.Set("Authorization", token);


6. Application authorization

By default, the permission of Token is very low. It can only read personal information. Next, it is necessary to authorize API and give App more permissions.

stay   API   permissions   Inside, click   Add   a   Permission, then select the corresponding permission, and then click "Grant"   "Admin consent" authorization



7. Read the user calendar or conference room calendar in Windows 365

At Microsoft   In the Graph, a large number of interfaces are listed, such as   List calendars - Microsoft Graph v1.0 | Microsoft Docs

In each interface, it simply represents the way and website address. GET means that this request needs to be obtained by GET. POST   Indicates that this request needs to be obtained by post.

/me/calendars   The address of the request is


  After the request is sent, the system will return the content in JSON format. These JSON strings can be parsed by using a third-party plug-in

HTTP/1.1 200 OK
Content-type: application/json

    "@odata.context": "$metadata#me/calendars",
    "value": [
            "": "'ddfcd489-628b-40d7-b48b-57002df800e5@1717622f-1d94-4d0c-9d74-709fad664b77')/calendars('AAMkAGI2TGuLAAA=')",
            "id": "AAMkAGI2TGuLAAA=",
            "name": "Calendar",
            "color": "auto",
            "changeKey": "nfZyf7VcrEKLNoU37KWlkQAAA0x0+w==",
            "hexColor": "",
            "allowedOnlineMeetingProviders": [


  8. Use Microsoft's SDK Microsoft graph. Net client library

  Microsoft provides skds in various languages such as Java/ For. NET,   SDK for. NET

  These SDK s encapsulate various verifications and directly provide simple class library calls. Get Microsoft   Driver only needs one sentence of code.

var drive = await graphClient.Me.Drive.Request().GetAsync();




After you are familiar with the above operations, read Microsoft 365   Exchange calendar, meeting information,   establish   Microsoft   Team video conferencing,   Getting user mail in the AD domain becomes very simple.


Posted on Fri, 29 Oct 2021 20:12:44 -0400 by