Leveraging the Graph API opens up access to the continually evolving Azure services as shown in the graphic below.Source graph.The key difference between using a client library and going direct is you need to register and configure an Azure Web App. Jump on over to the Office 365 App Registration Tool here.Through a number of my previous posts I’ve interacted with the Graph API using client libraries such as the library.
Alternatively, you can use the OAuth 2.0 Access Token Enforcement Using External Provider policy to secure an API in Anypoint Platform from client apps that try to access the API.
However, if you want a Mule client app to access OAuth 2.0-protected resources outside Anypoint Platform, you configure the HTTP Requester connector.
Here’s the settings I selected for access to user profiles. This is the name that you’ll see in the OAuth Authorization step later on. Don’t worry about the Sign In and Redirect URL’s other than configuring HTTPS as we’ll be using Power Shell to access the Web App.
Once you’ve registered the Web App successfully you’ll get a Client ID and Client Secret.
Sign in with an account associated with the Azure Tenant you are going to interact with.
Depending on what you’re doing you’ll need to select the appropriate access.
Then, user will have to allow your application for the usage, what will give you the access to his private data, access token is the key to that door.
Here I am going to make use of my two custom class, one is MYWeb Request, that I have discussed before while showing way of creating http request using c sharp; Another is My FB, a simple class that utilizes Facebook C# API library and meet my custom needs 🙂 You can get the code snippet of My Web Request class from the related post linked above, and here is the code sample for the My FB class, which you can also use by enhancing/extending for your custom needs: To allow access, Facebook requires that you redirect the user to the Facebook page(given of Facebook API documentation) where user is asked to allow his private information access to the application.
In this case, you do not use the OAuth 2.0 Access Token Enforcement Using External Provider policy.