# Microsoft Graph There is an included Graph client with two authorization models built right in. Most of the prebuilt functionality is around the drive, site, lists and teams workloads. However, you can easily extend the functionality if you need something specific! ## Authorization To use either, go to and create an app registration. ### Client\_Credentials This authorization type is used when supplying direct application ID/Secrets from a registered application. The registered permissions are usually administratively granted and there is no delegation ("as a user") required. ```csharp PerigeeApplication.ApplicationNoInit("Graph", (c) => { var Graph = new GraphClient("tenant", "appID", "appSecret", c.GetLogger()); }); ``` That's it! Once you have the client, call other methods: ```csharp var site = Graph.GetSiteByPath(new Uri(@"https://company.sharepoint.com/sites/dev1")); var drive = Graph.GetSiteDrive(site.id); ``` ### Authorization\_Code + Refresh\_Code This authorization type is best used when you're authorizing a user and your application permissions are assigned as delegated. A good example of this is a service account authorized to pull a DataVerse table, or read teams messages. ```csharp PerigeeApplication.ApplicationNoInit("Graph", (c) => { //Define client var Graph = new GraphClient("tenant", "appID", "appSecret", "offline_access user.read Team.ReadBasic.All", "https://localhost:7201/api/token", "", //Optional domain, leave blank unless talking to dataverse c.GetLogger()); //Give it the initial code, so it can refresh and retrieve the authorization_code and refresh_code CredentialStore.RefreshAuthorizationCode(Graph.credentialName, "CODEHERE"); }); ``` And there you have it, once the initial code is supplied the client is automatically maintained from there on out. If a new token is required the refresh token is automatically supplied and you don't have to think about it again! ```csharp var teams = Graph.GetJoinedTeams(); ``` #### Full Demo To see a full demo including receiving a token from the the response, and awaiting the credentials on load: {% content-ref url="/pages/CZz3yhy4iDuNhnlhfFge" %} [Graph Delegated Authorization + DataVerse](/examples-and-demos/graph-delegated-authorization-+-dataverse.md) {% endcontent-ref %} ## SDK The SDK methods closely match what's defined in the [Graph 1.0 documentation](https://learn.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0). ### Custom Graph Call If a method is missing or you need to override functionality, feel free to use the built in call to submit your own call with authorization, credential management, and retries built in. Use **`RestGraphCall`**, as shown below: ```csharp var response = Graph.RestGraphCall( $"/sites/{sync.siteID}/lists/{sync.ListName}", Method.Get); ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.perigee.software/core-modules/third-party/microsoft-graph.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.