Microsoft Graph .NET SDK with Delegated Access

Jakub Pernica 210 Reputation points
2023-05-25T12:03:07.6833333+00:00

Hello,

I'm kind of overwhelmed by the whole Azure and Graph platforms and could use some advice for directions on where to look for my specific use case.

What I'm trying to accomplish is to:

  1. Have a C# class library that will act as a Graph client for accessing data in SharePoint/OneDrive
  2. Have an application (web), where user will sign-in using his Microsoft account and can use the client class library to access some data

Where only users which have permissions can do certain operations. Basically, multiple users will have access to same resources based on their individual permissions and the Graph client class library will process their requests on their behalf. (Delegated access)

This is how I define my client at the moment (Application-only access):

public SharePointClient(string tenantId, string clientId, string clientSecret, string[] scopes)
{
	TenantId = tenantId;
    ClientId = clientId;
    ClientSecret = clientSecret;
    Scopes = scopes;
}


private GraphServiceClient CreateSharepointClient() 
{
	var options = new TokenCredentialOptions
	{
		AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
	};

	var clientSecretCredential = new ClientSecretCredential(
		TenantId,
	    ClientId,
	    ClientSecret,
	    options
	);

	return new GraphServiceClient(clientSecretCredential, Scopes);
}

/*
... some methods that use Graph Client ...
*/

What I can do: I'm able to implement Graph Client class library that acts as Application-only access, which is registered in Azure Active Directory as application, with set permissions and generated ClientSecret

What do I want to do: Add users to my organization, set their permissions (or role?) and make the Graph Client class library to act to their behalf upon login instead of App-only access

I assume I need to create some kind of login form for my Web application that retrieves user access token, which is then provided to the Graph client so it knows which user makes the request, but I'm kind of lost in the complexity of Azure and Graph.

.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,264 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,296 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,102 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 15,856 Reputation points Microsoft Employee
    2023-05-29T11:33:19.4333333+00:00

    @Jakub Pernica

    Thank you for posting your query on Microsoft Q&A. You can Microsoft Graph .NET Client Library to Integrate the Microsoft Graph API into your client app.

    Once done kindly follow :

    You could use SharePoint list - Microsoft Graph v1.0 examples to access the onedrive/sharepoint data.

    Please do let me know if you have any further queries by posting in comments section.

    Thanks

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.