How to Use the ADAL .NET library to Call the Microsoft Graph API in a Console Application (Using Authorization Code Flow)

Introduction This post is to show how to use the ADAL .NET library to acquire a token interactively in a console application. It will go through setting up an Azure Active Directory Application, setting up the .net console application, acquiring an access token, and then make a HTTP request using the token acquired from the ADAL .net library to get 5 users using the Microsoft Graph API.   Setting up your…

Read More

Unable to Modify User Email, Phone Number, Password or Other Personal Information for Azure Active Directory Users

Introduction This post is in regards to the issues in regards to users having issues modifying Azure Active Directory User attributes such as mail, phone number, resetting passwords, or other personal attributes in user accounts. This will review the reason behind these changes and how to resolve the issue. For many users this was something that was working before and only recently stopped working properly.   Reason Behind Change There…

Read More

How to Add an Azure AD Role to a Enterprise Application (Service Principal)

Introduction This post is to help users be able to assign administrative roles to Enterprise Applications/Service Principals so that they can perform duties that would otherwise require a user with elevated permissions to accomplish. This is convenient when a user wishes to use a service principal in order to reset a password, or to perform some activity that requires admin privileges programmatically without an interactive sign in (using client credentials…

Read More

How to Create a New Schema Extension Using the Microsoft Graph Explorer

Introduction This post is to provide a tutorial on how to create a schema extension utilizing the Microsoft Graph Explorer. In this post we will, login to Microsoft Graph Explorer, create the V1 AAD Application, and make the Microsoft Graph Schema Extension call.   Getting the Access Token Please navigate to the Microsoft Graph Explorer at : https://developer.microsoft.com/en-us/graph/graph-explorer Once the page loads, on the left, below authentication you will see…

Read More

GUID Table for Windows Azure Active Directory Permissions

Introduction This blog is meant to help users who need to get the Windows Azure Active Directory Permissions (WAAD) Globally Unique Identifiers (GUIDs) in order to create AAD Applications using the Microsoft Graph API, or for other reasons where they just need to get the GUID for a certain WAAD permission. For further information regarding AAD permissions please refer to the blog post : https://blogs.msdn.microsoft.com/aaddevsup/2018/05/21/finding-the-correct-permissions-for-a-microsoft-or-azure-active-directory-graph-call/   Note: That these GUIDs…

Read More

Using Postman to call the Microsoft Graph API using Authorization Code Flow

Introduction This article will help guide you through utilizing Postman to call a Microsoft Graph Call using the authorization code flow. This is part of a 5 part blog on accessing the Microsoft Graph API utilizing grant types : authorization code, implicit flow, client credentials, password, and refresh token flow. We will be utilizing the same Microsoft Graph call to reduce extraneous details on having to include setting up and…

Read More

Using Postman to Call the Microsoft Graph API Using Client Credentials

Introduction This blog post is to help users stand up an Azure Active Directory Application Registration, explain what permissions will be needed to added to the AAD Application Registration, how to make rest calls to get an access token, and then finally call the Microsoft Graph API to do whatever call you would like to do.   Please note, that not all permissions are going to be within Azure. i.e.…

Read More

Granting Tenant Admin Consent for Microsoft Graph Explorer

Introduction This post is meant for users who are trying to utilize the Microsoft Graph Explorer but are getting an error regarding admin consent. This error is described in the picture below :   Giving Consent for All Users for Microsoft Graph Explorer This error is occurring because the user trying to use the graph explorer is trying to utilize a v2 permission that requires admin consent. The permissions/scopes regarding…

Read More

Changing an existing Native Application to a Web App/API to get existing keys

Introduction   This article is meant to help get the keys from your native application. We used to show the keys in native applications however we took out that feature because the native application is not meant to have keys/secrets. As a result some people have had keys/secrets with their native applications however they currently still use those keys/secrets. This article is to help those people in order to get…

Read More

Tracing All Network Machine Traffic Using MITMProxy for Mac OSX

Introduction This article is meant to help you configure your Mac OS X to be able to track all your network traffic using MITMProxy. This is a free and open source alternative to Fiddler, Charles, and other network tracing alternatives for Linux/mac OS X systems. Also in addition MITMProxy is a more robust system that gives the user more configurability and programmability as there is a Python API for MITMProxy…

Read More