How to call Microsoft Graph REST API with groovy script

Ngo Dong Huy Vu 1 Reputation point
2022-08-08T02:39:09.49+00:00

I am trying to call Microsoft Graph API on groovy script using Java libraries.
Even though partly success, I still have some issues using it within my current project, so I think about trying to call the REST API using groovy-wslite.

This is my current code for getting access token: 

def tenantID= "************"  
def clientID= "************"  
def authorizeHost = "https://login.microsoftonline.com"  
def authorizePath = "/${tenantID}/oauth2/v2.0/authorize?"  
try {  
	RESTClient client = new RESTClient(authorizeHost)  
	def params = [  
			"client_id":clientID,  
			"scope": "https://graph.microsoft.com/.default",  
			"response_mode"	: "query",  
			"response_type"	: "code",  
			"redirect_uri"	: "http://localhost/myapp/"  
		]  
	def response = client.post(  
		path: authorizePath,  
	)  
	{  
		type ContentType.URLENC  
		json 	params  
		  
	}  
	LOGGER.info("Success: " + (response.statusCode == 200));  
	LOGGER.info("Output: (" + response.contentType + ") " + response.text);  
} catch (RESTClientException e) {  
	StringWriter sw = new StringWriter();  
	e.printStackTrace(new PrintWriter(sw));  
	LOGGER.info("Error: " + sw.toString());  
}

The response from the log: 

AADSTS900144: The request body must contain the following parameter: 'client_id'.

How can I change the above code, so that Microsoft Graph REST API can recognize my sending content.

Also, as I understanding, if I using this method, I will actually receive a login form, and have to submit it to receive the access token.
Is there any way to automatically received the token with REST API, as this code will be a part of backend code that automatically send Team chat message to notice employee of their tasks.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,511 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. CarlZhao-MSFT 36,736 Reputation points
    2022-08-09T08:50:53.47+00:00

    Hi @Ngo Dong Huy Vu

    Yes, your code is using the auth code flow to get the token, the flow is actually an interactive authentication flow, as you said, you need to interact with the user in the browser to get the authorization code and then use that to redeem an access token.

    Depending on your context, if you want to receive tokens automatically, then the auth code flow is obviously not for you, since that flow requires you to have to log in manually.

    I'm not sure if you have to use user authentication, if so then I recommend you to use the ROPC flow, as this flow doesn't require a login form, you just have to hardcode your username and password in the code. If you don't have to use user authentication, but only use application principals, a daemon-based client credential flow would be the best option.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.