Context
I have a working ASP.NET Core Web App, which uses Entra ID authentication:
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddInMemoryTokenCaches();
For this authentication to work I've created an Azure App registration and the configuration of the authentication contains the respective Client ID, Client secret and Tenant Id. I've added the necessary graph permissions for the Azure App registration.
I would like to call the Graph API in this web application, for example:
var meeting = new OnlineMeeting() { Subject = "demo meeting" };
var result = await graphClient.Me.OnlineMeetings.PostAsync(meeting);
All sample code I found either uses device flow to get the graphClient, or uses deprecated or breaking-changed authentication to create the graphClient.
Question
How can I create a graphClient?
Your appsettings.json should contain something like this:
{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "ClientId": "<client_app_id>",
    "TenantId": "common",
    // To call an API
    "ClientCredentials": [
      {
        "SourceType": "ClientSecret",
        "ClientSecret": "<client_secret>"
      }
    ]
  },
  "GraphV1": {
    "BaseUrl": "https://graph.microsoft.com/v1.0",
    "Scopes": ["<scope>"]
  }
}
Add NuGet packages Microsoft.Identity.Web and Microsoft.Identity.Web.GraphServiceClient.
To initialize Graph service client:
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration, "AzureAd")
    .EnableTokenAcquisitionToCallDownstreamApi()
    .AddMicrosoftGraph(builder.Configuration.GetSection("GraphV1"))
    .AddInMemoryTokenCaches();
Now in your controller, add GraphServiceClient to the constructor; it should be automatically resolved.
public HomeController(ILogger<HomeController> logger, GraphServiceClient graphClient)
{
    _logger = logger;
    _client = graphClient;
}
Be aware that with a client secret, you can't call the me endpoint; you need to call users/{user_id}.
var meeting = new OnlineMeeting() { Subject = "demo meeting" };
var result = await graphClient.Users["{user_id}"].OnlineMeetings.PostAsync(meeting);
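An added example, not part of the original answer: a controller that makes the users/{user_id} call above with the injected GraphServiceClient, taking the user id from the signed-in user's oid claim instead of from request input and handling Graph errors. The controller name, action name, subject length limit and response shape are assumptions, and the project is assumed to use the web SDK's implicit usings.

```csharp
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Graph;
using Microsoft.Graph.Models;
using Microsoft.Graph.Models.ODataErrors;
using Microsoft.Identity.Web;

[Authorize] // only signed-in users reach the actions below
public class MeetingsController : Controller // hypothetical controller name
{
    private readonly ILogger<MeetingsController> _logger;
    private readonly GraphServiceClient _client;

    public MeetingsController(ILogger<MeetingsController> logger, GraphServiceClient graphClient)
    {
        _logger = logger;
        _client = graphClient;
    }

    [HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> Create(string subject)
    {
        // 255 is an assumed limit for this example, not a documented Graph constraint.
        if (string.IsNullOrWhiteSpace(subject) || subject.Length > 255)
            return BadRequest("Subject is required and must be at most 255 characters.");

        // Use the object id from the validated sign-in (oid claim). If the app holds
        // application permissions, an id taken from the route, query or form would let
        // a caller create meetings on behalf of another user.
        string? userId = User.GetObjectId();
        if (string.IsNullOrEmpty(userId))
            return Forbid();

        try
        {
            var meeting = new OnlineMeeting { Subject = subject };
            var result = await _client.Users[userId].OnlineMeetings.PostAsync(meeting);
            return Ok(new { id = result?.Id, joinUrl = result?.JoinWebUrl });
        }
        catch (ODataError ex)
        {
            // Log status and Graph error code only; no tokens or request bodies.
            _logger.LogWarning("Graph call failed: {Status} {Code}", ex.ResponseStatusCode, ex.Error?.Code);
            return StatusCode(StatusCodes.Status502BadGateway, "Could not create the meeting.");
        }
    }
}
```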