{"id":2056,"date":"2018-11-13T11:00:04","date_gmt":"2018-11-13T11:00:04","guid":{"rendered":"https:\/\/developer.microsoft.com\/en-us\/office\/blogs\/?p=2056"},"modified":"2018-11-13T11:00:04","modified_gmt":"2018-11-13T11:00:04","slug":"30daysmsgraph-day-13-postman-to-make-microsoft-graph-calls","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/30daysmsgraph-day-13-postman-to-make-microsoft-graph-calls\/","title":{"rendered":"30DaysMSGraph \u2013 Day 13 \u2013 Postman to make Microsoft Graph calls"},"content":{"rendered":"<p><a href=\"https:\/\/aka.ms\/30DaysMSGraph\">List of all posts in the #30DaysMSGraph series<\/a><\/p>\n<p>-Today&#8217;s post written by <a href=\"https:\/\/twitter.com\/svarukala\">Srinivas Varukala<\/a><\/p>\n<p>In <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/blogs\/30daysmsgraph-day-12-authentication-and-authorization-scenarios\">Day 12<\/a> we reviewed authentication flows for Microsoft Graph requests.\u00a0 Today we&#8217;ll look at using the Postman tool to make Microsoft Graph queries.\nFor more details, read our documentation at <a href=\"https:\/\/nam06.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fuse-postman&amp;data=04%7C01%7Cv-dawik%40microsoft.com%7Cae3babfaf75d43ba589908d8e94e491e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637515869765719690%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=k%2FCRfXS9rlxFuzWBAEdQlSdGxFJABOdvVcc6COB0T4Y%3D&amp;reserved=0\">Use Postman with the Microsoft Graph API<\/a>.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-2099\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/30DaysMSGraph_Day13_Source-1024x742.jpg\" alt=\"\" width=\"800\" height=\"580\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/30DaysMSGraph_Day13_Source-1024x742.jpg 1024w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/30DaysMSGraph_Day13_Source-300x218.jpg 300w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/30DaysMSGraph_Day13_Source-768x557.jpg 768w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/30DaysMSGraph_Day13_Source.jpg 1280w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<h3>Postman<\/h3>\n<p><a href=\"https:\/\/www.getpostman.com\/\">Postman<\/a> is a popular tool used to quickly test API calls including REST\/JSON based endpoints.\u00a0 Postman can also be used to support every stage of the API lifecycle and it has extensive features that aid in quick prototyping. In this post, we will show you how to make Microsoft Graph API calls using Postman while using the OAuth 2.0 <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/v2-oauth2-client-creds-grant-flow\">client-credentials (app-only) flow<\/a>.<\/p>\n<p>For this article we are going to use Azure AD V2.0 endpoint. From a high level it involves the following steps:<\/p>\n<ul>\n<li>Registering the Azure AD App<\/li>\n<li>Get admin consent for the app<\/li>\n<li>Get access token using the app<\/li>\n<li>Make Microsoft Graph API call using the access token as bearer token<\/li>\n<\/ul>\n<h3>Registering the Azure AD App<\/h3>\n<p>Please refer to <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/blogs\/30daysmsgraph-day-9-azure-ad-applications-on-v2-endpoint\">Day 9<\/a> for the detailed instructions on creating an Azure AD V2 app. Once that is complete, you can continue with the next steps.<\/p>\n<h3>Get Admin Consent for your Application<\/h3>\n<p>In the Azure AD App that we created we selected \u201cUser.Read.All\u201d permission scope which requires Admin consent. Azure AD admins can use the Azure AD Portal to grant the consent for the application, however, a better option is to provide a sign-up experience for administrators by using the\u00a0Azure AD v2.0 &#8220;\/adminconsent&#8221; endpoint.<\/p>\n<p>We need to build a Admin consent URL that\u2019s formatted as shown below:<\/p>\n<p>https:\/\/login.microsoftonline.com\/<strong>{tenant-id}<\/strong>\/adminconsent?client_id=<strong>{client-id}<\/strong>&amp;state=<strong>{random-string}<\/strong>&amp;redirect_uri=<strong>{redirect-url}<\/strong><\/p>\n<p>Here is a sample admin consent URL for the app that was created earlier:<\/p>\n<p><a href=\"https:\/\/login.microsoftonline.com\/2111948a-1ace-49fa-a2e2-111a233ed614\/adminconsent?client_id=83edff0c-36aa-4922-afae-09ebf9c19bdf&amp;state=12345&amp;redirect_uri=https:\/\/www.getpostman.com\/oauth2\/callback\">https:\/\/login.microsoftonline.com\/2111948a-1ace-49fa-a2e2-111a233ed614\/adminconsent?client_id=83edff0c-36aa-4922-afae-09ebf9c19bdf&amp;state=12345&amp;redirect_uri=https:\/\/www.getpostman.com\/oauth2\/callback<\/a><\/p>\n<p>Navigate to the above URL in the browser of your choice. Azure AD enforces that only a tenant administrator can sign in to complete the request. The administrator will be asked to approve all the application permissions that you have requested for your app in the app registration portal.<\/p>\n<p>The following is an example of the consent dialog that Azure AD presents to the administrator:<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-2100 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman1.png\" alt=\"\" width=\"434\" height=\"544\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman1.png 434w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman1-239x300.png 239w\" sizes=\"(max-width: 434px) 100vw, 434px\" \/><\/p>\n<p>Once it is \u201cAccepted\u201d the page will redirect to the redirect_uri along with certain parameters that implies that the consent was successful. Here is an example:<\/p>\n<p><a href=\"https:\/\/app.getpostman.com\/oauth2\/callback?admin_consent=True&amp;tenant=2111948a-1ace-49fa-a2e2-111a233ed614&amp;state=12345\">https:\/\/app.getpostman.com\/oauth2\/callback?<strong>admin_consent=True<\/strong>&amp;tenant=2111948a-1ace-49fa-a2e2-111a233ed614&amp;state=12345<\/a><\/p>\n<h3>Get Access Token using Postman<\/h3>\n<p>Getting access token and further calls to Microsoft Graph will require values like the Tenant ID, Client ID, Secret and Token strings. Postman can be configured to store these values in variables and reuse them across multiple requests. This is a great feature that will save you time.<\/p>\n<p>To create variables in Postman, click on the <strong>eye icon<\/strong> (also known as the &#8220;Environment quick look&#8221;)\u00a0 located top right corner of the application. This opens a popup window with an option to add new environments and variables.<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-2101 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman2.png\" alt=\"\" width=\"624\" height=\"330\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman2.png 624w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman2-300x159.png 300w\" sizes=\"(max-width: 624px) 100vw, 624px\" \/><\/p>\n<p>Create a new environment using the Add link button with below details.<\/p>\n<p><strong>Environment name<\/strong>:<\/p>\n<ul>\n<li>Contoso (pick any name)<\/li>\n<\/ul>\n<p><strong>Variables<\/strong>:<\/p>\n<ul>\n<li>ClientID = [Client ID value that we saved from Azure AD App]<\/li>\n<li>ClientSecret = [Client Secret value that we saved from Azure AD App]<\/li>\n<li>TenantID = [Tenant ID value that we saved from Azure AD App]<\/li>\n<li>AccessToken = [Leave this blank]<\/li>\n<\/ul>\n<p>Use the syntax <strong>{{variable-name}}<\/strong> to refer to a variable value in the requests. Example: {{ClientID}}<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-2102 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman3.png\" alt=\"\" width=\"624\" height=\"560\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman3.png 624w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman3-300x269.png 300w\" sizes=\"(max-width: 624px) 100vw, 624px\" \/><\/p>\n<p>Select the above created environment in the environment dropdown. Then create a New request in Postman with below details.<\/p>\n<ul>\n<li>Request Type: POST<\/li>\n<li>Request URL: <a href=\"https:\/\/login.microsoftonline.com\/%7b%7bTenantID%7d%7d\/oauth2\/v2.0\/token\">https:\/\/login.microsoftonline.com\/{{TenantID}}\/oauth2\/v2.0\/token<\/a><\/li>\n<li>Body Type: x-www-form-urlencoded<\/li>\n<li>Body Key\/Value Pairs:\n<ul>\n<li>grant_type = client_credentials<\/li>\n<li>client_id = {{ClientID}}<\/li>\n<li>client_secret = {{ClientSecret}}<\/li>\n<li>scope = <a href=\"https:\/\/graph.microsoft.com\/.default\">https:\/\/graph.microsoft.com\/.default<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><em><strong>Note<\/strong>: The scope &#8220;https:\/\/graph.microsoft.com\/.default&#8221; tells the Microsoft Graph to return a token with the application permissions already configured for the Azure AD app.<\/em><\/p>\n<p>Click Send button to make a request to get an Access Token. In the below screen you can see the request that was built, along with the response showing the access token (truncated for brevity).<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-2103 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman4.png\" alt=\"\" width=\"624\" height=\"420\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman4.png 624w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman4-300x202.png 300w\" sizes=\"(max-width: 624px) 100vw, 624px\" \/><\/p>\n<p>If you are seeing errors, chances are you did not complete the Admin Consent step.<\/p>\n<p>Here is another quick tip to copy the <strong>access_token<\/strong> value to the variable <strong>AccessToken<\/strong> that was created earlier. This avoids the manual step to copy the access_token value to make Microsoft Graph request. Postman supports writing JavaScript Test cases that can execute soon after the request is complete. You can find the Tests tab in the same line of tabs along with Body and Headers. Here is a quick snippet that takes care of copying the value to AccessToken variable:<\/p>\n<p>var json = JSON.parse(responseBody);<\/p>\n<p>pm.environment.set(&#8220;AccessToken&#8221;, json.access_token);<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-2493\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman5b-1024x396.png\" alt=\"\" width=\"800\" height=\"310\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman5b-1024x396.png 1024w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman5b-300x116.png 300w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman5b-768x297.png 768w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman5b-1536x595.png 1536w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman5b-2048x793.png 2048w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>Execute the above request again by clicking <strong>Send<\/strong> button. Once the request is complete, you can verify the variable values by clicking the <strong>eye<\/strong> icon.<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-2105 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman6.png\" alt=\"\" width=\"624\" height=\"309\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman6.png 624w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman6-300x149.png 300w\" sizes=\"(max-width: 624px) 100vw, 624px\" \/><\/p>\n<h3>Make Microsoft Graph API call using the access token<\/h3>\n<p>We will now use the Access Token to make Microsoft Graph API call to get a list of users in the organization.<\/p>\n<p>Build a New request with below details.<\/p>\n<ul>\n<li>Request Type: GET<\/li>\n<li>Request URL: <a href=\"https:\/\/graph.microsoft.com\/v1.0\/users\">https:\/\/graph.microsoft.com\/v1.0\/users<\/a><\/li>\n<li>Headers:\n<ul>\n<li>Key: Authorization, Value: Bearer {{AccessToken}}<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Note the {{AccessToken}} is reused in this request as a Bearer token in the Headers for Authorization.<\/p>\n<p>Send this request to get back a list of users in the organization.<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-2106 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman7.png\" alt=\"\" width=\"624\" height=\"478\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman7.png 624w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2018\/11\/Day-13-Postman7-300x230.png 300w\" sizes=\"(max-width: 624px) 100vw, 624px\" \/><\/p>\n<h2>Try It Out<\/h2>\n<p>Using Postman try below Microsoft Graph API calls:<\/p>\n<p><a href=\"https:\/\/github.com\/microsoftgraph\/30DaysMSGraph-TryItOut\/blob\/master\/Day13-Postman.md\">Day 13 repo link<\/a><\/p>\n<ol>\n<li>Use Paging and NextLink discussed on <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/blogs\/30daysmsgraph-day-7-paging-and-nextlink\">Day 7<\/a> to get all users.<\/li>\n<li>Use filter query parameters to filter the users by JobTitle.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p>Join us tomorrow as we show you how to batch requests to Microsoft Graph in <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/blogs\/30daysmsgraph-day-14-batch-processing\">Day 14<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In Day 12 we reviewed authentication flows for Microsoft Graph requests.\u00a0 Today we&#8217;ll look at using the Postman tool to make Microsoft Graph queries.<\/p>\n","protected":false},"author":73055,"featured_media":25159,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3],"tags":[84],"class_list":["post-2056","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-graph","tag-30daysmsgraph"],"acf":[],"blog_post_summary":"<p>In Day 12 we reviewed authentication flows for Microsoft Graph requests.\u00a0 Today we&#8217;ll look at using the Postman tool to make Microsoft Graph queries.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/2056","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/users\/73055"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/comments?post=2056"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/2056\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media\/25159"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media?parent=2056"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/categories?post=2056"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/tags?post=2056"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}