Microsoft Graph

Version: 1.5.6

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. Microsoft Graph provides a unified programmability model that you can use to take advantage of the tremendous amount of data in Office 365, Enterprise Mobility + Security, and Windows 10.

Connect Microsoft Graph with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for Microsoft Graph.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • Tenant ID: Tenant ID of the app created in Azure Active Directory.
    • Client ID: Client ID of the app created in Azure Active Directory.
    • Client Secret: Client secret of the app created in Azure Active Directory.
  4. After you've entered all the details, click Connect.

Permission Notes

  • For Some actions (Example: Get managed device by MAC address), An admin user needs to grant admin consent to the 'DeviceManagementManagedDevices.Read.All' and 'DeviceManagementManagedDevices. ReadWrite.All' permissions. Applications are authorized to call managed device data when they are granted permissions by an admin user as part of the consent process ("Grant Admin consent for Active_Directory").
  • Some actions need work or school account.
  • Application Permissions (if available) will be applied as LogicHub uses OAuth 2.0 client credentials grant method. For more information click here. Reference image:

Actions for Microsoft Graph

List Users

Users are the representation of an Azure Active Directory (Azure AD) user account. This action retrieves a list of user objects.

Input Field

Choose a connection that you have previously created to complete the connection.

Output

Return a list of JSON objects, each of which represents a user.

Figure 1

Fig 1Fig 1

Fig 1

Get User

Users are the representation of an Azure Active Directory (Azure AD) user account. This action retrieves the properties and relationships of the user object.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Output

Return the user object in JSON format corresponding to a given user's principal name or user's unique identifier (ID).

Figure 2

Fig 2Fig 2

Fig 2

Delete User

Users are the representation of an Azure Active Directory (Azure AD) user account. This action deletes the user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Output

Return a JSON with no error on successful deletion as shown in Fig 3.

Figure 3

Fig 3Fig 3

Fig 3

Get User's Manager

Returns the user or contact assigned as the user's manager.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Output

Return the user or contract if the manager exists as shown in Fig 4 else error with the message as shown in Fig 5.

Figure 4

Fig 4Fig 4

Fig 4

Figure 5

Fig 5Fig 5

Fig 5

Get User's Direct Reports

Returns the users and contacts for whom this user is assigned as manager.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Output

Return a JSON object whose value field contains the list of users and contacts for whom the given user is assigned as manager.

Figure 6

Fig 6Fig 6

Fig 6

List messages (Deprecated)

Get the messages in the signed-in user's mailbox (including the Deleted Items and Clutter folders).

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Custom OData query

Jinja templated custom OData query to retrieve a list of messages.
Refer https://docs.microsoft.com/en-us/graph/query-parameters to construct a valid OData query.
Example: $filter=subject eq '{{subject_column}}' and from/emailAddress/address eq '{{sender_email_column}}'&$top=5. (Default is no filter).

Optional

Number of messages to be fetched

Number of messages to be fetched (Default 10).

Optional

Output

Return a list of message objects. The value field in JSON will contain a list of messages. In the below screenshot, there are zero messages corresponding to a given user's principal name or user's unique identifier (ID).

Figure 7

Fig 7Fig 7

Fig 7

Get Message

Retrieve the properties and relationships of a message object.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Message's unique identifier (ID)

Message's unique identifier (ID).

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Output

Return a message object in JSON format corresponding to the given message ID and user's principal name or user's unique identifier (ID).

Delete Message

This action deletes a message.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Message's unique identifier (ID)

Message's unique identifier (ID).

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Output

Return a JSON with no error on successful deletion.

Block Messages

Blocks Messages/Mails received from specified email addresses. Sends them to the "Junk Email" folder.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier (ID) Column name

Column name from parent table containing the user's principal name or user's unique identifier (ID).

Required

Email addresses to block

Jinja-templated comma-separated email addresses to block receiving an email from.

Required

Rule Name

Jinja-templated rule name to assign to the configured rule that blocks messages/emails from specified email addresses.

Required

Output

Return a JSON with details of the Rule that'll block messages.

List Security Alerts

This action lists security alerts.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Jinja Template for Custom OData query

Jinja template for custom OData query to retrieve a list of alerts (Default is no filter).
Example: $filter={{property_column}} eq '{{property_value_column}}'&$top=5 .
For more OData query parameters click here.

Required

Output

Return a list of security alerts.

Get Security Alert

This action gets a security alert.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Microsoft Graph AlertId Column name

Column name from parent table containing Microsoft Graph Alert ID.

Required

Output

Return a security alert object in a JSON format corresponding to the given alert ID.

Update Security Alert

This action updates the security alert.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Microsoft Graph AlertId Column name

Column name from parent table containing Microsoft Graph Alert ID.

Required

Query Template

Query Template in JSON format referencing the inputs table columns by {{column_name}}.

Required

Output

Return an updated security alert object in JSON format, if the update is successful.

List Directory Audit Logs

Gets the list of audit logs generated by Azure Active Directory.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Query Filter Template

Jinja-templated query parameter to retrieve just a subset of a collection.
Example {{query_column}}.

Optional

Top

Sets the number of items in each result. It is used in the pagination of results.

Optional

Output

Return a list of JSON where each JSON representing the audit log generated by Azure Active Directory.

Fig 8Fig 8

Fig 8

Get Directory Audit Log

Get a specific Azure Active Directory audit log item.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Microsoft Graph Directory Audit Column name

Column name from parent table containing directory audit log ID.

Required

Output

Return an audit log object in JSON format corresponding to the given directory audit log ID.

Fig 9Fig 9

Fig 9

Get Managed Device by MAC Address

Get a managed device (properties and relationships) by MAC address.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

MAC Address Column name

Column name from parent table containing the MAC address of the managed device.

Required

Output

Return a managed device object in JSON format corresponding to the given MAC Address.

List Managed Devices

List properties and relationships of the managed devices and supports custom OData query.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Jinja Template for Custom OData query

Jinja template for custom OData query to retrieve a list of devices (Default is no filter). Example: $filter={{property_column}} eq '{{property_value_column}}'&$top=5. For more OData query parameters click here.

Required

Output

Return a list of devices.

Send Message

Send message.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier(id)

Jinja-templated text containing user's principal name or user's unique identifier(id).

Required

Mail Recipients

Jinja-templated text containing comma separated email ids.

Required

Mail Subject

Jinja-templated text string containing the mail subject.

Required

Type

Select type of email body (Default is Plain Text) [Plain Text/HTML]

Optional

Mail Body

Jinja-templated string containing the mail body.

Required

CC on outbound e-mail

Jinja-templated comma separated email ids, which would be added to cc of the email

Optional

Attachment

Jinja-templated string containing one or more file IDs to attachment. (Can be a comma separated string of lhub_file_id values or a json dict in the format of {"<lhub_id>":"<file_name>"})

Optional

Attachment file extension

Jinja-templated text. If no file name is provided, add this extension to attached files.

Optional

Output

JSON containing following items:

{
  "recipients": [
    "[email protected]"
  ],
  "date_sent": "2022-05-16 13:19:01 UTC",
  "has_error": false,
  "error": null,
  "msg": "E-mail sent successfully",
  "cc": "",
  "attachments": []
}

Move Message

Move a message to another folder within the specified user's mailbox. This creates a new copy of the message in the destination folder and removes the original message.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier(id)

Jinja-templated text containing user's principal name or user's unique identifier(id).

Required

Email message ID

Jinja-templated text containing the ID of the message. Example: {{id}}

Required

Destination Folder Name

Jinja-templated text containing the name of the destination folder.

Required

Output

JSON containing following items:

{
  "has_error": false,
  "result": "Successfully moved e-mails to folder: upper folder",
  "error": null
}

List Messages

Get the messages of a user via User ID or Principal Name (including the Deleted Items and Clutter folders).

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

User's principal name or user's unique identifier(id)

Jinja-templated text containing user's principal name or user's unique identifier(id).

Required

Mailbox Folder

Jinja-templated Path & name of the folder from which to pull email messages (typically Inbox)

Optional

Query Filter Template

Jinja-templated query parameter to retrieve just a subset of a collection. Example {{query_column}}

Optional

Mark Read

Automatically mark messages read when they are pulled by LogicHub (Default is False)

Optional

Unread Only

Pull only unread messages (Default is False)

Optional

Download attachments

Automatically download all attachments with the mail. (Default False)

Optional

Number of messages to be fetched

Jinja-templated text containing the number of messages to be fetched. It'll override $top provided in "Custom OData query" (Default is 10 messages if it is not provided in "Custom OData query" also)

Optional

Output

JSON containing following items:

{
  "attachment_count": 2,
  "attachments": [
    {
      "content_type": "image/png",
      "file_name": "Screenshot 2022-05-09 at 10.59.01 AM.png",
      "hash_md5": "e0932a256500bdea71195548f00b",
      "hash_sha1": "faadf45b94385e11e7bdc507d3d8943575f8",
      "hash_sha256": "5458062b29b094fb16d728c482ca1b8b588674783f2b5c35cb33b6b807",
      "lhub_file_id": "7ffa875650414b8d8fd2de0abe4",
      "size": 23544
    },
    {
      "content_type": "image/png",
      "file_name": "Screenshot 2022-05-09 at 11.26.27 AM.png",
      "hash_md5": "aca46825dff6181cda18b82c9b",
      "hash_sha1": "6a6ec705baa5c0edcca2e4cc5d43cdb9b39",
      "hash_sha256": "035be23d50c1c15245687f62a4ffa197c345ff3afb59d167a9a782bc73d",
      "lhub_file_id": "9c2fdbc81e2d4745a7d067b31f1",
      "size": 21893
    }
  ],
  "body": "<html><head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"></head><body><div dir=\"ltr\">Hi,<div><br></div><div>PFA.<br clear=\"all\"><div><br></div>-- <br><div dir=\"ltr\" class=\"gmail_signature\"><div dir=\"ltr\"><div><div dir=\"ltr\">Thanks,<div>Indrajeet</div></div></div></div></div></div></div></body></html>",
  "body_html": "<html><head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"></head><body><div dir=\"ltr\">Hi,<div><br></div><div>PFA.<br clear=\"all\"><div><br></div>-- <br><div dir=\"ltr\" class=\"gmail_signature\"><div dir=\"ltr\"><div><div dir=\"ltr\">Thanks,<div>Indrajeet</div></div></div></div></div></div></div></body></html>",
  "body_text": "Hi,\n\n  \n\nPFA.  \n\n  \n\n\\--  \n\nThanks,\n\nIndrajeet\n\n",
  "body_type": "HTML",
  "categories": [],
  "changekey": "CQAAABYAAACJG/25+WUFRIgXSi/IudxUAAOCU5iA",
  "date_received": "2022-05-16T12:18:44Z",
  "date_sent": "2022-05-16T12:18:28Z",
  "error": null,
  "from": [
    {
      "email": "[email protected]",
      "name": "Indrajeet Sah"
    }
  ],
  "has_error": false,
  "headers": [
    "Received: from MWHPR0401MB3548.namprd04.prod.outlook.com (2603:10b6:301:79::11) by PH0PR04MB7849.namprd04.prod.outlook.com with HTTPS; Mon, 16 May 2022 12:18:44 +0000",
    "Received: from BN8PR16CA0033.namprd16.prod.outlook.com (2603:10b6:408:4c::46) by MWHPR0401MB3548.namprd04.prod.outlook.com (2603:10b6:301:79::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.14; Mon, 16 May 2022 12:18:43 +0000",
    "X-MS-Exchange-CrossTenant-Id: 09b6e7dd-02b9-4034-84f4-c71214e59109",
    "X-MS-Exchange-CrossTenant-AuthSource: BN1NAM02FT029.eop-nam02.prod.protection.outlook.com",
    "X-MS-Exchange-CrossTenant-AuthAs: Anonymous",
    "X-MS-Exchange-CrossTenant-FromEntityHeader: Internet",
    "X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR0401MB3548",
    "X-MS-Exchange-Transport-EndToEndLatency: 00:00:02.3478748",
    "X-MS-Exchange-Processed-By-BccFoldering: 15.20.5250.018",
    "X-Microsoft-Antispam-Mailbox-Delivery: ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506458)(944626604)(920097)(930097);",
    "X-Microsoft-Antispam-Message-Info: Y+1Ac3uC5hCQDyj1K65/59C9mQmbT/vnPa5GLtAXeEsaaGrRPu0qJxsMw2TCG/sC3v70O39ngeWP7dt5JgCVQMfsNlr9/Ujgg22YZxy0MA4qQXZjvfNrKOdNJ9tZFgLb105Duc30UpmBUSQ9m+3uwSO5Othrt2MkzR6xpCuRIvbqCfhRCGbnIS0VFQDAZXbi4FjMy6rTlclSSVuYLnMgFmQ0wXMhuxLOZeo6lzwvfJLi9MlmfjTnofMFCR+jKYC+hoN0+EsyZ1BG9i57qJ03Q1nYtpnVN1Qsgfuigw66e9AYtrot5Fn1or42np0ZX+wI5fVx+WXzr6EsMmw+D8sM6BpIAqqNw5FsXkjhWJdWsRQqEqWufNcYBe6kiH9WKtvH32+Co4SgC66c4EAq82miS8udaxUVmLMmO8Eo6q7YM5i8J8btzSvInCgA7PVQEbQx57dXsKzZE8kyyj/Nw9tseZuoT91cV3mzgaxplzjMMuTG/fNfzLqhTfG+5eeIJdsLVlk1H9CEQj70T/13Ey48uJ3AjUG4E89DoN9VQ1cAOha6Jg2BJndbvbeI7HTAOSOY6j8GcTw7ms4/mTNz8HZeNuQMW2sbNf7fONxYWyFuDizIWf6B+18nTpchZHdJC+Ki0LKEMq9EiAoMwZH/dTpM/Y224bjgKG7qCHuYLzGLq95ifmZw/s+RoRMIRPtRshoYK8ZmUbNi3trD5c4Jxn9qSh4ResAfQRG8gjYAtiT7q5zXXA/+dKPvCZlje6+v4VFzLHf0/qI9bWeaFjy/IgpHEODm4b0iK+DTAiuCK2XqpniOfKiM/ckECUjWYzG9nSRYxHGcq/nBBPQ+2d0575J+fBzl80idPPYAVaCHqFv765XhuuE9lZjTmPolK0mi3Fh8O4UYpQsY4QRr7Li9URyl7YXXXM89iHftuWG+dsM/kIlOdktAhmPw3MgonbmDunzgtkOUgtbYFlzlrowaPTbA9zXiIHoJWi4mbzIChdGUNsKVRk9smmwaI7XwVMmo+3hxXim4sl320Xk+ZNFGef3PlRmojTF0Oeyarz1n/hD4IDRO/vKGGfPlCbZTbd5QIf713whBUidi7AL8W7Oa5VuItbXOKEfNKtEBez+sdUXtgTARn6pPaCGHwvF+GOVQtB44WYwsMchI2T55U+OHMsyAYKwD+GRfIu6rHgJVJNY9y2CTMaS/+Yqf6aA073NcNctU7H6rNoFGemgvk1llbT/3ZSY1ZRCAiYboV0H4fXMfSj2q6/K/qWQLv+/MxXfwBQ7qRPIQJ1LFhdaNfcv569i9DMJUdLDWeUMKPWFnzplIjSj4T+Prm+hTIDuOWaezTJ6JB66R/1M6gXDD+d26W83+mAPDQzSI8LaseaHJYPMGff3HQL2rOrs9hDLh5bMYfUIT9pC1Lg2ApoKwex8wSv0lYhb/luLRJpvNCsaM+kjkx3NWZl2NOoz7o7VZI3oC+qeaVSup1dY6imTPjfzZDDZmtinlfpN5GXP67DeL/gBgbWUOAMUfFSQqBZ8VhSVKJVE7Kps+rX9qmpNFu8ZJg/tTWv8KtGy716z8dX/tV5dJ3NNciPF43GyR7Qxzk+YShzlADQqYiG8Rg8Oop8j64L/5yYIsemxi/wSMWjUfSbNY6xTL/HxhTIFThxXQ3sMMTjPWc1ynFGY/1x3O8L2KLaM4lBhVpcLRY4vU9Q5oV+R7SIZeRb2OyseEMRMArtj17ZDZl0QMbLNYQ8J2cET0QO4l+j1sKMCtFOwHnHtteTN9u0eGnJynM11BxaHNUW7/rbledmMhxtCb/xJ98fO2al+LtZK0nsu8XcAgpSOfMAhvq3ZHdGwK6J8fIhwbIj9JMwqX"
  ],
  "headers_dict": {
    "Authentication-Results": "spf=pass (sender IP is 209.85.208.178) smtp.mailfrom=logichub.com; dkim=pass (signature was verified) header.d=logichub-com.20210112.gappssmtp.com;dmarc=bestguesspass action=none header.from=logichub.com;compauth=pass reason=109",
    "Content-Type": "multipart/mixed",
    "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;        d=logichub-com.20210112.gappssmtp.com; s=20210112;        h=mime-version:from:date:message-id:subject:to;        bh=IBztBsEpR3QApNW6piOosLTQhZjOMG7WYJIqqcmVG0M=;        b=rpKk50J28MpaBzgZTp4kkBFhv6p1BFbHEc02xufkvM/JS+dX0mzRfS0ozdPcFOI6n7         x/ZaQ0WHlPNN9WG/OveWuVyPaqE94VTtcxnquJZMNohJnk7L01hjsE3bHOFgJCAKxYUG         DgMBmKyE7vq9TCTGSJzk5CjDoSH0OyEDy2/LHBWlt7sb/t9YlJpyb9PDCSYvqgYrhKV8         bDvA0JKu4MEIQuC4ylBgd20TsJVPFFxRvWHaCHa+l2vM8/2N8bzy/+gb0AQ9tQdjHo4h         BZdcfVBE719UucftBRAfYzYRDWJWeE8ranS1Js1PYauod+wXUpUeVp5DQqK86tlaRXQe         3c+A==",
    "Date": "Mon, 16 May 2022 17:48:28 +0530",
    "From": "\"Indrajeet Sah\" <[email protected]>",
    "MIME-Version": "1.0",
    "X-Received": "by 2002:a2e:b5d4:0:b0:250:82fd:129f with SMTP id g20-20020a2eb5d4000000b0025082fd129fmr11004768ljn.467.1652703520262; Mon, 16 May 2022 05:18:40 -0700 (PDT)"
  },
  "id": "AAMkAGNjYTNlNWYhNzliNQBGAAAAAABa8sc5ukLMTKUiPJlQGwspBwCJG-25_WUFRIgXSi-IudxUAAAAAAEMAACJG-25_WUFRIgXSi-IudxUAAOCWh6CAAA=",
  "is_read": false,
  "lhub_ts": "1652706734000",
  "msgid": "<[email protected]>",
  "recipients": [
    "[email protected]"
  ],
  "sender": "[email protected]",
  "subject": "Test Email with multiple attachments",
  "urls": [],
  "urls_all": [],
  "urls_probable": []
}

Release Notes

  • v1.5.6 - Bug fix - encoding issue in mail's header.
  • v1.5.5 - Bug fix - handled case for not returning file id for some type of attachments.
  • v1.5.4 - Added 3 actions: Send Message, List Messages and Move Message, deprecated old List Messages action.

Did this page help you?