ms_graph {AzureGraph}R Documentation

Microsoft Graph

Description

Base class for interacting with Microsoft Graph API.

Format

An R6 object of class ms_graph.

Methods

Authentication

The recommended way to authenticate with Microsoft Graph is via the create_graph_login function, which creates a new instance of this class.

To authenticate with the ms_graph class directly, provide the following arguments to the new method:

App creation

The create_app method creates a new app registration. By default, a new app will have a randomly generated strong password with duration of 2 years. To skip assigning a password, set the add_password argument to FALSE.

The certificate argument allows authenticating via a certificate instead of a password. This should be a character string containing the certificate public key (aka the CER file). Alternatively it can be an list, or an object of class AzureKeyVault::stored_cert representing a certificate stored in an Azure Key Vault. See the examples below.

A new app will also have a service principal created for it by default. To disable this, set create_service_principal=FALSE.

List methods

All ⁠list_*⁠ methods have filter and n arguments to limit the number of results. The former should be an OData expression as a string to filter the result set on. The latter should be a number setting the maximum number of (filtered) results to return. The default values are filter=NULL and n=Inf. If n=NULL, the ms_graph_pager iterator object is returned instead to allow manual iteration over the results.

Support in the underlying Graph API for OData queries is patchy. Not all endpoints that return lists of objects support filtering, and if they do, they may not allow all of the defined operators. If your filtering expression results in an error, you can carry out the operation without filtering and then filter the results on the client side.

See Also

create_graph_login, get_graph_login

Microsoft Graph overview, REST API reference

Examples

## Not run: 

# start a new Graph session
gr <- ms_graph$new(tenant="myaadtenant.onmicrosoft.com")

# authenticate with credentials in a file
gr <- ms_graph$new(config_file="creds.json")

# authenticate with device code
gr <- ms_graph$new(tenant="myaadtenant.onmicrosoft.com", app="app_id", auth_type="device_code")

# retrieve an app registration
gr$get_app(app_id="myappid")

# create a new app and associated service principal, set password duration to 10 years
app <- gr$create_app("mynewapp", password_duration=10)

# delete the app
gr$delete_app(app_id=app$properties$appId)
# ... but better to call the object's delete method directly
app$delete()

# create an app with authentication via a certificate
cert <- readLines("mycert.cer")
gr$create_app("mycertapp", password=FALSE, certificate=cert)

# retrieving your own user details (assuming interactive authentication)
gr$get_user()

# retrieving another user's details
gr$get_user("username@myaadtenant.onmicrosoft.com")
gr$get_user(email="firstname.lastname@mycompany.com")
gr$get_user(name="Hong Ooi")

# get an AAD object (a group)
id <- gr$get_user()$list_group_memberships()[1]
gr$get_aad_object(id)

# list the users in the tenant
gr$list_users()

# list (guest) users with a 'gmail.com' email address
gr$list_users(filter="endsWith(mail,'gmail.com')")

# list Microsoft 365 groups
gr$list_groups(filter="groupTypes/any(c:c eq 'Unified')")


## End(Not run)

[Package AzureGraph version 1.3.4 Index]