0

We need to call the Microsoft graph API from Angular 7 application to get the users AD group details.

we have registered app in Azure AD and we have read API permission for Azure Active Directory Graph and Microsoft Graph.

now we want to verify whether we are able to access the graph api or not in post man. can any one help how to test in post man.

it would be helpful if any sample code to call the graph api from Angular 7 application

Karuna
  • 11
  • 1
  • 2

1 Answers1

0

You can refer to the following steps to test it in Postman:

Register an application with the Microsoft identity platform. I believe that you have completed this step. But you still need to do more configuration. Get group requires these permissions. I will use Delegated permission: Group.Read.All here. On Azure portal -> your Azure AD app -> API permissions -> Add a permission -> Microsoft Graph -> Delegated permissions.

enter image description here

After adding this permission, don't forget to click on "Grant admin consent for {your tenant}". (There is a delay between permissions being configured and when they appear on the consent prompt. Please wait a few minutes before granting admin consent)

enter image description here

You need to add a client secret for late use (Record it after you get it. It will be unvisable after you leave this page):

enter image description here

Next you could Get authorization. Just access this url in your broswer:

https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id={client id of your Azure AD app}
&response_type=code
&redirect_uri={redirect uri of your Azure AD app}
&response_mode=query
&scope=offline_access Group.Read.All
&state=12345

Use your account to log in and you will get a code in the response in address bar.

Now open Postman to get a token. Genarate a request like this:

enter image description here

After getting the access token, you can call GET https://graph.microsoft.com/v1.0/groups or GET https://graph.microsoft.com/v1.0/groups/{group id} to get the AD group details.

enter image description here

Please note that the value format of Authorization is: "bearer {access_token}". There is a space between "bearer" and "{access_token}".

Here are some Angular code samples for Microsoft Graph for your reference.

Allen Wu
  • 15,529
  • 1
  • 9
  • 20
  • is it possible to get the AD groups details of the particular user belongs too? – Karuna Jan 10 '20 at 01:38
  • Yes. Just call `GET https://graph.microsoft.com/v1.0/users/user id/memberOf` to get groups and directory roles that the user is a direct member of. See reference here: https://learn.microsoft.com/en-us/graph/api/user-list-memberof?view=graph-rest-1.0&tabs=http. And the required permissions are **Directory.Read.All**. – Allen Wu Jan 10 '20 at 01:45
  • what is the best approach to call the graph api ?. directly from angular application or we need to call via Web API ? – Karuna Jan 10 '20 at 01:48
  • @Karuna Directly from angular application is preferred. Microsoft Graph SDK provides convenient interaction and integration. See the samples and quick start I shared in the answer. – Allen Wu Jan 10 '20 at 01:53
  • @Karuna Is there any other concern? If my answer is helpful for you, you can accept it as answer. Thank you. – Allen Wu Jan 10 '20 at 02:06