Microsoft Graph

microsoft

Unified API for accessing Microsoft 365 data and services including users, groups, mail, calendar, and files.

What is Microsoft Graph?

Microsoft Graph provides a single endpoint (graph.microsoft.com) for accessing data across Microsoft 365, Azure AD, and Windows. Applications use OAuth 2.0 to authenticate and request permissions to specific resources. Both delegated permissions (on behalf of a user) and application permissions (app-only) are supported.

In Microsoft 365

Microsoft Graph is the API that applications use to interact with M365 data. Security-sensitive permissions like Directory.ReadWrite.All, Mail.ReadWrite, and RoleManagement.ReadWrite.Directory should be carefully reviewed and minimized.

Examples

  • 1Reading user profiles and group memberships
  • 2Accessing mailbox data
  • 3Managing directory objects

Related TrueConfig Controls

These controls help implement and verify microsoft graph in your Microsoft 365 environment.

APP-03Internal App Registration PermissionsAPP-06Third-Party Enterprise App Permissions

Frequently Asked Questions

What is Microsoft Graph?
Unified API for accessing Microsoft 365 data and services including users, groups, mail, calendar, and files.
How does Microsoft Graph work in Microsoft 365?
Microsoft Graph is the API that applications use to interact with M365 data. Security-sensitive permissions like Directory.ReadWrite.All, Mail.ReadWrite, and RoleManagement.ReadWrite.Directory should be carefully reviewed and minimized.
What are examples of Microsoft Graph?
Examples of Microsoft Graph include: Reading user profiles and group memberships, Accessing mailbox data, Managing directory objects.
Which TrueConfig controls relate to Microsoft Graph?
TrueConfig controls related to Microsoft Graph include: APP-03, APP-06. These controls help implement and verify microsoft graph in your environment.
← Back to GlossaryBrowse Controls →