How to authenticate Microsoft Graph without a user in Dialogue Studio
Some resources of Microsoft Graph requires an access token. This guide will tell you how to achieve this. In this example we will be searching a user.
Prerequisites
-
Register your app with Microsoft Entra ID Formerly known as Azure Active Directory (or Azure AD, or AAD):
Register an application with the Microsoft identity platform - Microsoft Graph
-
Make sure your app has the right API permissions. In this scenario we will be listing users:
Get an access token
Now that we have setup the Azure App we can start using it in Dialogue Studio. First step is generating access. We start with a function node.
Steps:
-
Drag and drop a Function node.
-
Open Function node.
-
Enter the following function:
Note: Replace the following:-
[ClientID] = Application (Client ID) can be found in your App overview.
-
[ClientSecret] = Client secret can be generated in "Certificates & Secrets"
CopyFunctionsmsg.credentials = {client_id: "[ClientID]",scope: "https%3A%2F%2Fgraph.microsoft.com%2F.default",client_secret: "[ClientSecret]"};msg.headers = {"Content-Type": "application/x-www-form-urlencoded","Host": "login.microsoftonline.com"};msg.payload = "client_id=" + msg.credentials.client_id + "&scope=" + msg.credentials.scope + "&client_secret= " + msg.credentials.client_secret + "&grant_type=client_credentials"return msg;
-
Now that we prepared our message we can send the request. This is done using a HTTP Request node.
Steps:
-
Drag and drop a http request node.
-
Open Node:
-
Method = Post
-
URL = https://login.microsoftonline.com/[TenantID]/oauth2/v2.0/token
Note: Replace [TenantID], Directory (Tenant) ID can be found in your App overview -
Return = a parsed JSON object
-
-
Connect the end of the Function node to the begin of the HTTP request node.
Next we want to check if our output was successful. This can be done with a Switch node.
Steps:
-
Drag and drop a Switch Node.
-
Open Node:
-
Change Property to msg.statusCode.
-
Add an option for a OK response.
== 200
-
Add the option otherwise for any other response.
-
-
Connect end of the HTTP request node to begin of the Switch Node.
If the response was 200 OK then we can store the tokens. Note that an access token is only valid for one hour, for that reason we also store the expiration time. This can be done with a Function node.
Steps:
-
Drag and drop a Function node.
-
Open Function node.
-
Enter the following function:
CopyFunctionvar access_token = msg.payload.access_token
flow.set('at', access_token);
var date = new Date();
msg.date = new Date();
flow.set('expire', new Date(date.setHours(date.getHours()+1)));
return msg; -
Connect "== 200" of the Switch node to begin of the Function node.
Now we have our token and we can start using it.
Call Microsoft Graph with the access token
With our tokens in memory we can call Microsoft Graph. Before we start we need to check if the token is still active. We will do this with a Function node.
Steps:
-
Drag and drop a Function node.
-
Open Function node.
-
Enter the following function:
Next we need to check if our expire time is not past the current time. This is done with a Switch node.
Steps:
-
Drag and drop a Switch Node.
-
Open Node:
-
Change Property to flow.expire
-
Add an option for if not expired
>= msg.date
-
Add the option otherwise for expired
-
-
Connect end of the Function node to begin of the Switch Node.
We are going to continue on the not expired flow. The expired flow can go back to begin of chapter Get an access token.
Our next step is to prepare the request, this is done using a Function node.
Steps:
-
Drag and drop a Function node.
-
Open Function node.
-
Enter the following function:
Note: The payload can be different based on the resource you are using. In this case we are creating a meeting.CopyFunctionmsg.headers = {
"Authorization": "Bearer " + flow.get('at'),
"Host": "graph.microsoft.com"
};
return msg; -
Connect ">= msg.date" of the Switch node to begin of the Function node.
Now that we prepared our message we can send the request. This is done using a HTTP Request node.
Steps:
-
Drag and drop a http request node.
-
Open Node:
-
Method = Post
-
URL = https://graph.microsoft.com/v1.0/users/?$filter=startswith(givenName, '{{{q}}}') OR startswith(surname, '{{{q}}}')
Note: {{{q}}} is an example on how to filter the list, more examples. -
Return = a parsed JSON object
-
-
Connect the end of the Function node to the begin of the HTTP request node.
The output is stored in msg.payload and can be used in the rest of your flow.