Create an Azure Active Directory app to use with the Microsoft Graph Toolkit

Microsoft Graph, the API that you use to connect to Microsoft 365, is secured with OAuth 2.0. In order to connect your app to Microsoft 365, you will need to create an app in Azure Active Directory (Azure AD) and grant this app permissions to access specific resources on behalf of the person using your app. This topic describes how to register and configure a web application to use with Microsoft Graph Toolkit.

Add new application registration in Azure Active Directory

To create an application in Azure Active Directory, you need to add a new application registration, and then configure an app name and URL location.

To create the app in Azure Active Directory:

  1. Go to the Azure portal at
  2. From the menu, select Azure Active Directory.
  3. From the Azure Active Directory menu, select App registrations.
  4. From the top menu, select the New registration button.
  5. Enter the name for your app; for example, My M365 app.
  6. For the type of supported account types, select Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox).
  7. For the Redirect URI field:
    • If using Msal2Provider or TeamsMsal2Provider, select Single Page Application (SPA), and in the URL field, enter your redirect URL (and/or http://localhost if testing locally).
    • If using MsalProvider or TeamsProvider, select Web, and in the URL field, enter your redirect URL (and/or http://localhost if testing locally).
  8. Confirm changes by selecting the Register button.

Enable OAuth implicit flow (only for MsalProvider and TeamsProvider)

In most cases, you will use Microsoft Graph Toolkit in client-side applications that consist only of client-side code. Because client-side apps can't store secrets securely, you need to use OAuth implicit flow, which assumes an app's identity based on its ID and URL.

  1. In the Azure Portal, open your newly created app registration.
  2. From the menu, choose Authentication.
  3. In the Implicit grant section, enable both Access tokens and ID tokens options.
  4. Confirm your changes by choosing the Save button.

Next steps