Microsoft Graph

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. Microsoft Graph provides a unified programmability model that you can use to take advantage of the tremendous amount of data in Office 365, Enterprise Mobility + Security, and Windows 10.

Integration with LogicHub

Connecting with Microsoft Graph

To connect to Microsoft Graph following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • Tenant ID: Tenant ID of the app created in Azure Active Directory.
  • Client ID: Client ID of the app created in Azure Active Directory.
  • Client Secret: Client secret of the app created in Azure Active Directory.

Permission Notes

  • For Some actions (Example: Get managed device by MAC address), An admin user needs to grant admin consent to the 'DeviceManagementManagedDevices.Read.All' and 'DeviceManagementManagedDevices. ReadWrite.All' permissions. Applications are authorized to call managed device data when they are granted permissions by an admin user as part of the consent process ("Grant Admin consent for Active_Directory").
  • Some actions need work or school account.
  • Application Permissions (if available) will be applied as LogicHub uses OAuth 2.0 client credentials grant method. For more information click here. Reference image:

Actions with Microsoft Graph

List Users

Users are the representation of an Azure Active Directory (Azure AD) user account. This action retrieves a list of user objects.

Inputs to this Action

  • Connection: Choose a connection that you have created.

Output of Action
Return a list of JSON where each JSON representing the user.

Fig 1Fig 1

Fig 1

Get User

Users are the representation of an Azure Active Directory (Azure AD) user account. This action retrieves the properties and relationships of the user object.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).

Output of Action
Return the user object in JSON format corresponding to a given user's principal name or user's unique identifier (ID).

Fig 2Fig 2

Fig 2

Delete User

Users are the representation of an Azure Active Directory (Azure AD) user account. This action deletes the user.

Inputs to this Action

  • Connection: Choose a connection that you have created
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).

Output of Action
Return a JSON with no error on successful deletion as shown in Fig 3.

Fig 3Fig 3

Fig 3

Get User's Manager

Returns the user or contact assigned as the user's manager.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).

Output of Action
Return the user or contract if the manager exists as shown in Fig 4 else error with the message as shown in Fig 5.

Fig 4Fig 4

Fig 4

Fig 5Fig 5

Fig 5

Get User's Direct Reports

Returns the users and contacts for whom this user is assigned as manager.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).

Output of Action
Return a JSON object whose value field contains the list of users and contacts for whom the given user is assigned as manager.

Fig 6Fig 6

Fig 6

List messages

Get the messages in the signed-in user's mailbox (including the Deleted Items and Clutter folders).

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).
  • Custom OData query (Optional): Jinja templated custom OData query to retrieve a list of messages. Refer https://docs.microsoft.com/en-us/graph/query-parameters to construct a valid OData query. Example: $filter=subject eq '{{subject_column}}' and from/emailAddress/address eq '{{sender_email_column}}'&$top=5. (Default is no filter)
  • Number of messages to be fetched (Optional): Number of messages to be fetched (Default 10).

Output of Action
Return a list of message objects. The value field in JSON will contain a list of messages. In the below screenshot, there are zero messages corresponding to a given user's principal name or user's unique identifier (ID).

Fig 7Fig 7

Fig 7

Get Message

Retrieve the properties and relationships of a message object.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Message's unique identifier (ID): Message's unique identifier (ID).
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).

Output of Action
Return a message object in JSON format corresponding to the given message ID and user's principal name or user's unique identifier (ID).

Delete Message

This action deletes a message.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Message's unique identifier (ID): Message's unique identifier (ID).
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).

Output of Action
Return a JSON with no error on successful deletion.

Block Messages

Blocks Messages/Mails received from specified email addresses. Sends them to the "Junk Email" folder.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • User's principal name or user's unique identifier (ID) Column name: Column name from parent table containing the user's principal name or user's unique identifier (ID).
  • Email addresses to block: Jinja-templated comma-separated email addresses to block receiving an email from.
  • Rule Name: Jinja-templated rule name to assign to the configured rule that blocks messages/emails from specified email addresses.

Output of Action
Return a JSON with details of the Rule that'll block messages.

List Security Alerts

This action lists security alerts.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Jinja Template for Custom OData query :Jinja template for custom OData query to retrieve a list of alerts (Default is no filter). Example: $filter={{property_column}} eq '{{property_value_column}}'&$top=5 . For more OData query parameters click here.

Output of Action
Return a list of security alerts.

Get Security Alert

This action gets a security alert.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Microsoft Graph AlertId Column name: Column name from parent table containing Microsoft Graph Alert ID.

Output of Action
Return a security alert object in a JSON format corresponding to the given alert ID.

Update Security Alert

This action updates the security alert.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Microsoft Graph AlertId Column name: Column name from parent table containing Microsoft Graph Alert ID.
  • Query Template: Query Template in JSON format referencing the inputs table columns by {{column_name}}.

Output of Action
Return an updated security alert object in JSON format, if the update is successful.

List Directory Audit Logs

Gets the list of audit logs generated by Azure Active Directory.

Inputs to this Action

  • Connection: Choose a connection that you have created
  • Optional: Query Filter Template: Jinja-templated query parameter to retrieve just a subset of a collection. Example {{query_column}}.
  • Optional: Top: Sets the number of items in each result. It is used in the pagination of results.

Output of Action
Return a list of JSON where each JSON representing the audit log generated by Azure Active Directory.

Fig 8Fig 8

Fig 8

Get Directory Audit Log

Get a specific Azure Active Directory audit log item.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Microsoft Graph Directory Audit Column name: Column name from parent table containing directory audit log ID.

Output of Action
Return an audit log object in JSON format corresponding to the given directory audit log ID.

Fig 9Fig 9

Fig 9

Get Managed Device by MAC Address

Get a managed device (properties and relationships) by MAC address.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • MAC Address Column name: Column name from parent table containing the MAC address of the managed device.

Output of Action
Return a managed device object in JSON format corresponding to the given MAC Address.

List Managed Devices

List properties and relationships of the managed devices and supports custom OData query.

Inputs to this Action

  • Connection: Choose a connection that you have created.
  • Jinja Template for Custom OData query :Jinja template for custom OData query to retrieve a list of devices (Default is no filter). Example: $filter={{property_column}} eq '{{property_value_column}}'&$top=5. For more OData query parameters click here.

Output of Action
Return a list of devices.


Did this page help you?