Microsoft Graph
Microsoft Graph is the API for Microsoft 365. Connect to Office, Windows 10, and Enterprise Mobility + Security to empower creativity and collaboration. 3Sixty has 3 Microsoft Graph based connectors which all use the same authentication connection. Their features implementations vary based on systems. For specifics of each implementation, see the following:
Connector Capability Support
| Connector | Read | Write | Discovery | Content Services |
|---|---|---|---|---|
| MS Graph SharePoint | ✓ | ✓ | ✓ | ✓ |
| MS Graph Teams | ✓ | X | X | ✓ |
| MS Graph One Drive | ✓ | X | X | ✓ |
| MS Graph Mail | ✓ | X | X | X |
Authentication Connection
3Sixty Uses the Microsoft Identity Platform to communicate via the Graph API. You will need to register the 3Sixty application with Azure active directory:
Quick-start: Register an application with the Microsoft identity platform
Set up your application for access:
Auth v2 Service - Authentication and Authorisation Steps
And finally grant Application Permissions via the App registration. Delegated permissions will not work.
Once you have set up your App in Azure, you can now configure your 3Sixty auth connector for Graph.
OAuth
-
Service URL: The login service URL. This will almost always be https://login.microsoftonline.com
-
Scope: The MSGraph permission sets for the OAuth flow. Can be resource or application specific based on which service is being contacted.
-
Tenant Id: The directory tenant the application plans to operate against, in GUID or domain-name format.
-
Client Id: The directory tenant the application plans to operate against, in GUID or domain-name format
-
Client Secret: The directory tenant the application plans to operate against, in GUID or domain-name format.
-
Callback URL: The URL for Microsoft to call back to during the OAuth Flow. (This is a Read Only Field. It can't be edited by the user)
-
Authorisation Code: The Authorization code obtained through the OAuth Flow. (This is a Read Only Field. It can't be edited by the user)
-
Access Token: The Access token obtained through the OAuth Flow. (This is a Read Only Field. It can't be edited by the user)
-
Refresh Token: The Refresh token obtained through the OAuth Flow that is used to refresh the Authorization Code when it expires. (This is a Read Only Field. It can't be edited by the user)
Client Secret
The Tenant ID, Client ID, and Client Secret, are all provided to you during your App registration from above.
-
Tenant Name: The name of your tenant. This appears as [tenant].sharepoint.com or [tenant]-my.sharepoint.com in your site url.
-
Tenant ID: The directory tenant the application plans to operate against, in GUID or domain-name format.
-
Client ID: The directory tenant the application plans to operate against, in GUID or domain-name format.
-
Client Secret: The directory tenant the application plans to operate against, in GUID or domain-name format.
-
Azure Application: The name of the azure application. Including this can help performance for enterprise applications.
-
Graph API Logging:
Need help integrating Microsoft Graph? We can help.