Microsoft Graph is the gateway to data and intelligence in Microsoft 365.
You can use the Microsoft Graph API to build apps for organizations and consumers that interact with the data of millions of users. With Microsoft Graph, you can connect to a wealth of resources, relationships, and intelligence, all through a single endpoint: https://graph.microsoft.com.
For additional information refer to https://docs.microsoft.com/en-us/graph/overview link.
Before using the APIs from the Microsoft Logic App, some configurations must be made within Microsoft Azure Active Directory.
Azure Active Directory Setup
Sign in to the Azure portal.
In the left-hand navigation pane, select the Azure Active Directory service.
Select “App registrations” (in preview at this moment) and then select “New registration”.
Enter an application name, select the account type you want to enable and click on “Register”
When finished, take note of “Application (client) Id” and “Directory (tenant) Id”.
To give the capability of calling Microsoft Graph API to your Logic App, you have to select the API permissions.
Click on “Add a permission”.
Select “Microsoft Graph”.
Now you have to choose the permission type, Delegated or Application.
In our case, we need to call the API listed below. Microsoft Graph API documentation specifies the permission required for each method.
List All Teams
Clone a Team
Add Group Owner
So, we have granted the following permission.
Once the necessary permissions have been added, you will see the following result. Now you have to delegate the permission. Click on “Grant admin consent for…”
Click on “Yes” to confirm.
As a last step, you need to generate a secret key. Select “Certificates & secret” and then “new client secret”.
Specify a description and choose the expiration time.
Once the secret has been generated, it is very important you take note of the secret value. You won’t able to retrieve it after you leave the page.
What you need to successfully call an API from a Logic App are:
- Application (client) Id
- Directory (tenant) Id
- Client secret key
Logic App Development
Once the Azure Active Directory setup is complete, you can use the HTTP connector to make calls to the Graph API.
My requirement was to clone a team, so I had to first look for the source MS Teams id and then proceed with cloning operation.
The following picture shows the search operation.
This API return a json inside which you can find the MS Teams id, then you can call the cloning operation.
The URI is the follow:
|@concat(‘https://graph.microsoft.com/v1.0/teams/’, body(‘Get_Teams_Template_Id’), ‘/clone’)
Keep in mind that some of the Graph API operations are not synchronous but may have a delay, especially when working with application permissions, you may won’t see the right permission in Teams until the permission synchronization has occurred (https://docs.microsoft.com/en-us/graph/api/group-post-owners?view=graph-rest-1.0).