Microsoft Graph

This is a continuation of a series of articles on Azure services from an operational engineering perspective with the most recent introduction of this topic with the link here. This article continues to elaborate on the connectors used with the Microsoft Graph. Microsoft Graph enables integration with the best of Microsoft 365, Windows 10 and Enterprise mobility and security services in Microsoft 365, using REST APIs and client libraries.

It uses the concepts of users and groups to elaborate on these functionalities.  A user is an individual who uses Microsoft 365 cloud services and for Microsoft Graph, it is the focus for which the identity is protected, and access is well managed. The data associated with this entity and the opportunities to enrich the context, provide real-time information, and deep insights are what makes Microsoft Graph so popular. A group is the fundamental entity that lets users collaborate and integrate with other services which enable scenarios for task planning, teamwork, education and more.

Since Microsoft Graph is the data fabric that empowers intelligent experiences, it needs mechanisms to bring content from external services to Microsoft Graph which enables external data to power Microsoft 365 experiences.

Connectors offer a simple and intuitive way to do just that. For example, the data brought in from the organization can appear in Microsoft Search results. This expands the type of content sources that are searchable in Microsoft 365 productivity applications and the broader ecosystem.

There are over a hundred connectors that are currently available from Microsoft and partners which include Azure Services, Box, ServiceNow, Salesforce, Google services, MediaWiki, and more. An example of writing a custom connector will explain the details of its working.

There is a set of connector REST APIs available from Microsoft Graph. These are used to 1. Create and manage external data connections, 2. Define and register the schema of the external data type(s), 3. Ingest external data items into Microsoft Graph and 4. Sync external groups.

A connection is a logical unit for the external data that can be managed as a single unit. It can be used to create, update, and delete connections in Microsoft Graph. The Connection API provides the connection resource. The connection schema determines how the content will be used in various Microsoft 365 experiences. Schema is a flat list of all properties that can be added to the connection along with the attributes, labels, and aliases. The schema must be registered before ingesting items into the Microsoft Graph. Items that can be added to the Microsoft Search service are represented by the externalItem resource in Microsoft Graph. Items in the external service can be granted or denied access via ACL to different types of non-Azure Active Directory groups. When the items are ingested into Microsoft Graph, they must honor these ACLs. The External Groups API sets permission on external items ingested into the Microsoft Graph.  The connector must be registered as an application in the Azure AD admin center.