This article is contributed. See the original author and article here.
Matt Collins Jones and I presentedAPI’s – The most powerful tool, anyone can use!for D365 UG and Swiss Power Saturday recently and I thought it would be good to share the Cloud Flow I created to automate the onboarding of external users to a Microsoft Team.
This is usually an admin driven activity – A team owner will have to type in the email address for each guest they want to add, rather than something you can push to external users and allow them to request access.
By using the Graph API via a Custom Connector, Microsoft Forms and Power Automate, we are able to realise this quickly and save a lot of time and effort in the manual process.
Also, I have been lucky to have this solution accepted as part of the samples in theMicrosoft Patterns And Practicesinitiative, so the Flow, Custom Connector and implementation instructions are available in GitHubhere.
Getting Hands-On With Graph
The main part of this flow is numerous calls to theGraph API. The Graph API is Microsoft’s standard endpoint to expose and interact with data relevant to your tenant. It includes Microsoft 365 (such as Teams, Exchange, SharePoint, Workspace Analytics), Enterprise and Mobility and even Windows 10 activities and devices. It really should be seen as a single stop shop for anything and everything in your tenant. The only thing it doesn’t expose is D365 data.
There is aGraph connectoralready available in Power Automate, but it is very limited to Security considerations. Thankfully, the rest of the Graph API abilities are available, but you have to go via a custom connector. You could call these directly via an HTTP request action, but by wrapping the Graph API in a connector, you are enabling other members of your organisation to re-use the connector and security you establish.
Microsoft also allows you to “play” with the Graph API as well, via theGraph Explorer. This web interface shows you all the sample calls you can make and also what permissions you require to call it and allows you to set up a call without using Power Automate or configuring a connector. It really should be the starting point for any Graph Customer Connector.
If things go wrong, it is usually around the permissions. Within the Graph Explorer you can consent to these extra permissions on the fly, but more importantly, tells you what you need to configure in the permissions of your App registration to allow your connector the same access.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
Recent Comments