How to Add users to Azure Active Directory with Graph API

Question

I am trying to understand how Azure Active Directory Graph API works for adding users to the directory. According to this:

http://msdn.microsoft.com/en-us/library/azure/dn130117.aspx

I need to acces the graph API URL and pass in something called a "bearer token" in the "Authorization" header so that it will allow me to add the user specified in the request's body. However, I have no idea where I can get one of these tokens. All my research points to the user having to be already authenticated to get a token, which kind of beats the point, since I want to add the user so he can authenticate.

I have configured my app in the Azure Management Portal, and thought the bearer token was the "Client ID" that I get when I go to my added applications in the Directory. But when I pass this number to the Graph API, I get "Access Token Missing or malformed". I am testing this using the Fiddler Web Debugger app.

Answer 1

These 2 posts describe very thoroughly the steps to get the required token in 2 different scenarios:

Authorization Code Grant flow: http://msdn.microsoft.com/en-us/library/azure/dn645542.aspx

Client Credentials Grant flow: http://msdn.microsoft.com/en-us/library/azure/dn645543.aspx

If you want to use the Client Id and Client Key to authenticate your client to Azure Active Directory, then you should read the 2nd article. The first one is to authenticate an already existing user.

If you want to programmatically get the OAuth2 token, then you could use the AAD authentication libraries: http://msdn.microsoft.com/en-us/library/azure/dn151135.aspx