Office 365 – Microsoft Graph – Part 3 – Azure Access Token: to call Graph APIs from CSOM

Hi All,

In this article we will discuss most important concept “Azure Access Token”, which we require to call Graph APIs.

In last couple of articles, we started discussion about Microsoft Graph and one simple use case – to fetch Office 365 groups using Microsoft Graph APIs and using CSOM.

We have certain steps to use Graph APIs and in last following couple of articles we are discussing those steps

Office 365 – Microsoft Graph and Graph Explorer

Office 365 – Microsoft Graph beginning – Part 1

Office 365 – Microsoft Graph – Part 2 – Granting permission to Azure Apps to use Microsoft Graph APIs using CSOM

In this article we will discuss most important concept – Azure Access Token, we require Access Token to call the Graph APIs.

Let’s begin the show:

What is Access Token?

Access Token is 64-bit encoded JSON Web Token (JWT)

Example:

EwAoA8l6BAAU7p9QDpi/D7xJLwsTgCg3TskyTaQAAXu71AU9f4aS4rOK5xoO/SU5HZKSXtCsDe0Pj7uSc5Ug008qTI+a9M1tBeKoTs7tHzhJNSKgk7pm5e8d3oGWXX5shyOG3cKSqgfwuNDnmmPDNDivwmi9kmKqWIC9OQRf8InpYXH7NdUYNwN+jljffvNTewdZz42VPrvqoMH7hSxiG7A1h8leOv4F3Ek/oeJX6U8nnL9nJ5pHLVuPWD0aNnTPTJD8Y4oQTp5zLhDIIfaJCaGcQperULVF7K6yX8MhHxIBwek418rKIp11om0SWBXOYSGOM0rNNN59qNiKwLNK+MPUf7ObcRBN5I5vg8jB7IMoz66jrNmT2uiWCyI8MmYDZgAACPoaZ9REyqke+AE1/x1ZX0w7OamUexKF8YGZiw+cDpT/BP1GsONnwI4a8M7HsBtDgZPRd6/Hfqlq3HE2xLuhYX8bAc1MUr0gP9KuH6HDQNlIV4KaRZWxyRo1wmKHOF5G5wTHrtxg8tnXylMc1PKOtaXIU4JJZ1l4x/7FwhPmg9M86PBPWr5zwUj2CVXC7wWlL/6M89Mlh8yXESMO3AIuAmEMKjqauPrgi9hAdI2oqnLZWCRL9gcHBida1y0DTXQhcwMv1ORrk65VFHtVgYAegrxu3NDoJiDyVaPZxDwTYRGjPII3va8GALAMVy5xou2ikzRvJjW7Gm3XoaqJCTCExN4m5i/Dqc81Gr4uT7OaeypYTUjnwCh7aMhsOTDJehefzjXhlkn//2eik+NivKx/BTJBEdT6MR97Wh/ns/VcK7QTmbjwbU2cwLngT7Ylq+uzhx54R9JMaSLhnw+/nIrcVkG77Hi3neShKeZmnl5DC9PuwIbtNvVge3Q+V0ws2zsL3z7ndz4tTMYFdvR/XbrnbEErTDLWrV6Lc3JHQMs0bYUyTBg5dThwCiuZ1evaT6BlMMLuSCVxdBGzXTBcvGwihFzZbyNoX+52DS5x+RbIEvd6KWOpQ6Ni+1GAawHDdNUiQTQFXRxLSHfc9fh7hE4qcD7PqHGsykYj7A0XqHCjbKKgWSkcAg==

Access token contains information about

  1. our app (claim).
  2. Permission app has for the resource (Microsoft cloud service => Office 365 Groups, Users, Mail, contact etc.) – ensures that caller has proper permissions
  3. It contains information about API available through Microsoft Graph

Steps to get the Access Token in CSOM code

  1. To call Microsoft Graph, our app must acquire an access token from Azure Active Directory (AD), Microsoft cloud identity service.
  2. Our app need to be able to authenticate with Azure AD.
  3. We attach the access token as a Bearer token to the Authorization header in HTTP request as

HTTP/1.1

Authorization: Bearer EwAoA8l6BAAU … 7PqHGsykYj7A0XqHCjbKKgWSkcAg==

Host: graph.microsoft.com` GET https://graph.microsoft.com/v1.0/me/

References:

Azure Active Directory access tokens

Authorize access to Azure Active Directory web applications using the OAuth 2.0 code grant flow

AuthenticationContext Class

AuthenticationResult Class

Thanks for reading 😊

Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.

If you have any suggestion / feedback / doubt, you are most welcome. Stay tuned on Knowledge-Junction, will come up with more such articles

Advertisements

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.