Reputation: 3
Which Microsoft API to use?
We have an ASP.NET MVC project, where I want to access our company users in Office 365. I want our employees to login with their Microsoft-Account that is placed in Office 365.
The last project I did was an ECMA for FIM accessing Azure AD, and with that O could get informations from Office 365, if I recall correctly. That was the Azure AD Graph Client or Azure AD Graph REST API.
I think I could achieve the result I want, with that, but i'm not sure it will be able to authenticate against Office 365, and then there is the Office 365 API, which has alot of features and i'm a little bit overwhelmed by the amount, so I'm not really certain if this would be the right one either.
TL;DR
I want to login to an ASP.NET MVC website, using Microsoft Office 365 credentials, rather than creating a database on our servers and check login data, I want the login checked by Microsoft and just recieve the result (should work with normal web response).
Which API from Microsoft is the right one for me?
Upvotes: 0
Views: 129
Answers (2)
Reputation: 14356
For the specific need you're mentioning, you can use either the Microsoft Graph API, or Azure AD Graph API.
In fact, in both cases, you will be using Azure AD for authentication and signing in. The only difference is which API you will be also be requesting an Access Token for as part of that sign in. (In the OAuth 2.0/OpenID Connect flow, this is the resource.)
Access to one of these APIs is important because you might want additional details about the user that are not present in the ID Token which you get during sign-in. (E.g. group memberships, additional properties on the user, etc.)
In terms of capabilities, Microsoft Graph API is the superset. In addition to all the capabilities exposed by the Azure AD Graph API, the Microsoft Graph API will give you larger selection of options, including interactions with user's mailboxes (Exchange Online), files (OneDrive for Business), etc., which you might want to expose in your application later.
And remember: Least privilege always. When you configure your application in Azure AD, do not give it permissions to Microsoft Graph API features that your application doesn't need.
Upvotes: 0
Reputation: 715
You will find usefuls demos on http://www.github.com/officedev
By the way, here is a great sample based on it : https://github.com/OfficeDev/O365-AspNetMVC-Microsoft-Graph-Connect
And finally, for your new MVC website, I think that using the Microsoft Graph Api is the most powerful way. More informations here : http://graph.microsoft.io
Sebastien
Upvotes: 0
Related Questions
- How to get the Department field from the Office profile using Microsoft Graph?
- If I have multiple Office 365 subscriptions in my Azure AD, for which subscription Microsoft Graph API will return results for
- Is there a Microsoft Graph MS Word API?
- Insert recurring event on office 365 api returns incorrect start and end date
- Microsoft Graph API - Get photo
- Difference between Office 365 REST Api and Microsoft Graph
- Which API can we use for integration of MS Office 365 API with different application? MS office365 or MS graph?
- Is it possible to edit an Office document stored in the cloud using the Office 365 API?
- Silently log onto Microsoft Graph?
- Microsoft Graph accessing through custom login