How To Create Graph API With Permissions For Employee Directory API Configuration

In Employee Directory application graph API is used to exclude block users, exclude users hidden in GAL, in syncing Azure images, in syncing mobile numbers from Active Directory and in syncing AD properties.

Note: Global Admin access is required to configure Azure API

  • Register app in azure portal with below link Azure portal.
  • Select App registrations.
Appregedp1
  • Select New application registration.
Appregedp2
  • Provide any name and finally click on Register button. You have created your Azure AD application.
Appregedp3

7. Select API permissions and assign Graph User.Read.All (only read permissions are required) permission.

Appregedp4
  • Click on Add permissions.
Appregedp5
  • Click on Grant admin consent.
Appregedp6
  • Click on Authentication from side panel, then on Add a platform button, Configuration platforms opens and select the single page application. Provide employee directory application URL up to Home.aspx from browser URL box and click on configure button.

https://Contoso-5aa2f9508511c7.sharepoint.com/sites/Sitename/EDP/Pages/Home.aspx

Appregedp7
Appregedp8
  • Select the Access tokens & ID tokens and click on save icon
Appregedp9

Now click on overview from side navigation panel and copy the Application ID

Appregedp10
  • Copy ‘Application (client)ID’ and paste it in client ID field of MSAL in Employee directory settings and finally click on submit button, permission requested window opens, select the check box and click on Accept button as shown in below images

Note: In case if fails to connect please refresh the browser and try again.

Appregedp12

Recent Updates

Facebook
Twitter
LinkedIn
Email