Azure Graph Booking API for public application

Question

I would like to use MS Graph Booking API for publicly available application.

Users are going to login with identity providers but obviously are not in our Azure AD. Per my understanding, it's possible to access this API only with delegated AD user permissions. Also as I see Azure B2C AD users seem to not have access to MS Graph API.

Question: Is there a way to expose and use MS Graph Booking API by users who are in our database or in Azure B2C AD?

score 1 · Accepted Answer · answered Apr 15 '20 at 01:27

1

I am afraid there is no such way. To use Microsoft Graph API, we need to provide the appropriate access tokens for the corresponding operations, and we must get the access token from the Microsoft identity platform(formerly Azure Active Directory for developers).

The steps are:

Register your app with Azure AD.
Get authorization.
Get an access token.
Call Microsoft Graph with the access token.

answered Apr 15 '20 at 01:27

Tony Ju

14,891
3
17
31

Thanks @Tony Ju, what if ob backend we use some user credentials to get token with AcquireTokenByUsernamePassword method an will use that token for MS Graph API access? All operations will be protected with our custom authorization logic – petro.sidlovskyy Apr 16 '20 at 16:36
1

@petro.sidlovskyy If the user you provided has permissions to the API, of course you can use that token for MS Graph API. But Microsoft recommends you do not use the ROPC flow, this flow requires a very high degree of trust in the application. – Tony Ju Apr 17 '20 at 01:32

Azure Graph Booking API for public application

1 Answers1