Search code examples
.netmicrosoft-graph-apiasp.net-core-webapimicrosoft-graph-sdksmicrosoft-entra-id

How can I initialize GraphServiceClient by providing an acessToken using Microsoft.Graph v5 sdk

I'm facing problem in initializing GraphServiceClient with the accessToken in my request in Microsoft.Graph v5 SDK

This is Microsoft.Graph v4 implementation. Here I'm trying to invite a user to my Entra ID through an ASP.NET Core Web API (.NET 8). I'm creating GraphServiceClient with the accessToken O received in my request. This is working fine but the problem is now we have Microsoft.Graph v5 which is latest and v4 is outdated and in v5 we don't have DelegateAuthenticationProvider.

var authorizationHeader = HttpContext.Request.Headers["Authorization"].FirstOrDefault();
var accessToken = authorizationHeader.Substring("Bearer ".Length);
var _graphServiceClient = new GraphServiceClient(
                new DelegateAuthenticationProvider(
                    requestMessage =>
                    {
                        requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", accessToken);
                        return Task.FromResult(0);
                    }));
var invitation = new Invitation
{
    InvitedUserEmailAddress = userEmail,
    SendInvitationMessage = true,
    InviteRedirectUrl = "https://loremipsum.app",
    InvitedUserType = "guest" // default is guest,member
};
var invite = await _graphServiceClient.Invitations
    .Request()
    .AddAsync(invitation);
return Ok(invite);
Solution

  • In your case, I would implement IAccessTokenProvider

    public class TokenProvider : IAccessTokenProvider
{
    private readonly string _token;

    public TokenProvider(string token)
    {
        _token = token;
    }

    public Task<string> GetAuthorizationTokenAsync(Uri uri, Dictionary<string, object> additionalAuthenticationContext = default,
        CancellationToken cancellationToken = default)
    {
        // get the token and return it in your own way
        return Task.FromResult(_token);
    }
}

    When creating a new instance of GraphServiceClient, use BaseBearerTokenAuthenticationProvider with your TokenProvider

    var authProvider = new BaseBearerTokenAuthenticationProvider(new TokenProvider(token));
var client = new GraphServiceClient(authProvider);

    Code

    var authorizationHeader = HttpContext.Request.Headers["Authorization"].FirstOrDefault();
var accessToken = authorizationHeader.Substring("Bearer ".Length);
var authProvider = new BaseBearerTokenAuthenticationProvider(new TokenProvider(accessToken));
var _graphServiceClient = new GraphServiceClient(authProvider);
var invitation = new Invitation
{
    InvitedUserEmailAddress = userEmail,
    SendInvitationMessage = true,
    InviteRedirectUrl = "https://loremipsum.app",
    InvitedUserType = "guest" // default is guest,member
};
var invite = await _graphServiceClient.Invitations.PostAsync(body);
return Ok(invite);

    Assume you are using Azure.Identity and Microsoft.Graph NuGet packages.