Get started with Microsoft Graph in an Android app

Building apps for enterprise customers? Your app may not work if your enterprise customer turns on enterprise mobility security features like conditional device access. In this case, you may not know and your customers may experience errors.

To support all enterprise customers across all enterprise scenarios, you must use the Azure AD endpoint and manage your apps using the Azure Management Portal. For more information, see Deciding between the Azure AD and Azure AD v2.0 endpoints.

This article describes the tasks required to get an access token from the Azure AD v2.0 endpoint and call Microsoft Graph. It walks you through building the Connect Sample for Android and explains the main concepts that you implement to use Microsoft Graph in your app for Android. The article also describes how to access Microsoft Graph by using either the Microsoft Graph SDK for Android or raw REST calls.

To use Microsoft Graph in your app for Android, you need to show the Microsoft sign in page to your users, as shown in the following screenshot.

Sign in page for Microsoft accounts on Android

Don't feel like building an app? Get up and running fast by downloading the Connect Sample for Android that this article is based on.

Prerequisites

To get started, you'll need:

Register the application

Register an app on the Microsoft App Registration Portal. This generates the app ID and password that you'll use to configure the app.

  1. Sign into the Microsoft App Registration Portal using either your personal or work or school account.

  2. Choose Add an app.

  3. Enter a name for the app, and choose Create application.

    The registration page displays, listing the properties of your app.

  4. Copy the application ID. This is the unique identifier for your app.

  5. Choose Add Platform and Mobile application.

    Note: The Application Registration Portal provides a Redirect URI with a value of urn:ietf:wg:oauth:2.0:oob. However, you'll use the default Redirect URI value of https://login.microsoftonline.com/common/oauth2/nativeclient.

  6. Choose Save.

Configure the project

Start a new project in Android Studio. You can leave the default values for most of the wizard, just make sure to choose the following options:

  • Target Android Devices - Phone and Tablet
    • Minimum SDK - API 16: Android 4.1 (Jelly Bean)
  • Add an Activity to Mobile - Basic Activity

This provides you with an Android project with an activity and a button that you can use to authenticate the user.

Note: You can also use the Starter project that takes care of the project configuration so you can focus on the coding sections of this walkthrough.

Authenticate the user and get an access token

You'll use an OAuth library to simplify the authentication process. OpenID provides AppAuth for Android, a library that you can use in this project.

Add the dependency to app/build.gradle

Open the build.gradle file in the app module and include the following dependency:

compile 'net.openid:appauth:0.3.0'

Start the authentication flow

  1. Open the MainActivity file and declare an AuthorizationService object in the onCreate method.

    final AuthorizationService authorizationService =
        new AuthorizationService(this);
    
  2. Locate the event handler for the click event of the FloatingActionButton. Replace the onClick method with the following code. Insert the application ID of your app in the placeholder marked with <YOUR_APPLICATION_ID>.

    @Override
    public void onClick(View view) {
        Uri authorizationEndpoint =
            Uri.parse("https://login.microsoftonline.com/common/oauth2/v2.0/authorize");
        Uri tokenEndpoint =
            Uri.parse("https://login.microsoftonline.com/common/oauth2/v2.0/token");
        AuthorizationServiceConfiguration config =
            new AuthorizationServiceConfiguration(
                    authorizationEndpoint,
                    tokenEndpoint,null);
    
        List<String> scopes = new ArrayList<>(
            Arrays.asList("openid mail.send".split(" ")));
    
        AuthorizationRequest authorizationRequest = new AuthorizationRequest.Builder(
            config,
            "<YOUR_APPLICATION_ID>",
            ResponseTypeValues.CODE,
            Uri.parse("https://login.microsoftonline.com/common/oauth2/nativeclient"))
            .setScopes(scopes)
            .build();
    
        Intent intent = new Intent(view.getContext(), MainActivity.class);
    
        PendingIntent redirectIntent =
            PendingIntent.getActivity(
                    view.getContext(),
                    authorizationRequest.hashCode(),
                    intent, 0);
    
        authorizationService.performAuthorizationRequest(
            authorizationRequest,
            redirectIntent);
    }
    

At this point, you should have an Android app with a button. If you press the button, the app presents an authentication page using the device's browser. The next step is to handle the code that the authorization server sends to the redirect URI and exchange it for an access token.

Exchange the authorization code for an access token

You need to make your app ready to handle the authorization server response, which contains a code that you can exchange for an access token.

  1. We need to tell the Android system that MainActivity can handle requests to https://login.microsoftonline.com/common/oauth2/nativeclient. To do this open the AndroidManifest file and add the following children to the MainActivity's intent-filter element.

    <action android:name="android.intent.action.VIEW"/>
    <category android:name="android.intent.category.DEFAULT"/>
    <category android:name="android.intent.category.BROWSABLE"/>
    <data android:scheme="https"/>
    <data android:host="login.microsoftonline.com"/>
    <data android:path="/common/oauth2/nativeclient"/>
    
  2. The activity will be invoked when the authorization server sends a response. You can request an access token with the response from the authorization server. Go back to your MainActivity and append the following code to the onCreate method.

    Bundle extras = getIntent().getExtras();
    if (extras != null) {
        AuthorizationResponse authorizationResponse = AuthorizationResponse.fromIntent(getIntent());
        AuthorizationException authorizationException = AuthorizationException.fromIntent(getIntent());
        final AuthState authState = new AuthState(authorizationResponse, authorizationException);
    
        if (authorizationResponse != null) {
            HashMap<String, String> additionalParams = new HashMap<>();
            TokenRequest tokenRequest = authorizationResponse.createTokenExchangeRequest(additionalParams);
    
            authorizationService.performTokenRequest(
                tokenRequest,
                new AuthorizationService.TokenResponseCallback() {
                    @Override
                    public void onTokenRequestCompleted(
                            @Nullable TokenResponse tokenResponse,
                            @Nullable AuthorizationException ex) {
                        authState.update(tokenResponse, ex);
                        if (tokenResponse != null) {
                            String accessToken = tokenResponse.accessToken;
                        }
                    }
                });
        } else {
            Log.i("MainActivity", "Authorization failed: " + authorizationException);
        }
    }
    

Note that you have an access token in this line String accessToken = tokenResponse.accessToken;. Now you're ready to add code to call Microsoft Graph.

Call Microsoft Graph

You can use the Microsoft Graph SDK or the Microsoft Graph REST API to call Microsoft Graph.

Call Microsoft Graph using the Microsoft Graph SDK

The Microsoft Graph SDK for Android provides classes that build requests and process results from Microsoft Graph. Follow these steps to use the Microsoft Graph SDK.

  1. Add Internet permissions to your app. Open the AndroidManifest file and add the following child to the manifest element.

    <uses-permission android:name="android.permission.INTERNET" />
    
  2. Add dependencies to the Microsoft Graph SDK and GSON.

    compile 'com.microsoft.graph:msgraph-sdk-android:1.0.0'
    compile 'com.google.code.gson:gson:2.7'
    
  3. Replace the line String accessToken = tokenResponse.accessToken; with the following code. Insert your email address in the placeholder marked with <YOUR_EMAIL_ADDRESS>.

    final String accessToken = tokenResponse.accessToken;
    final IClientConfig clientConfig = 
            DefaultClientConfig.createWithAuthenticationProvider(new IAuthenticationProvider() {
        @Override
        public void authenticateRequest(IHttpRequest request) {
            request.addHeader("Authorization", "Bearer " + accessToken);
        }
    });
    
    final IGraphServiceClient graphServiceClient = new GraphServiceClient
        .Builder()
        .fromConfig(clientConfig)
        .buildClient();
    
    final Message message = new Message();
    EmailAddress emailAddress = new EmailAddress();
    emailAddress.address = "<YOUR_EMAIL_ADDRESS>";
    Recipient recipient = new Recipient();
    recipient.emailAddress = emailAddress;
    message.toRecipients = Collections.singletonList(recipient);
    ItemBody itemBody = new ItemBody();
    itemBody.content = "This is the email body";
    itemBody.contentType = BodyType.text;
    message.body = itemBody;
    message.subject = "Sent using the Microsoft Graph SDK";
    
    AsyncTask.execute(new Runnable() {
        @Override
        public void run() {
            graphServiceClient
                .getMe()
                .getSendMail(message, false)
                .buildRequest()
                .post();
        }
    });
    

Call Microsoft Graph using the Microsoft Graph REST API

The Microsoft Graph REST API exposes multiple APIs from Microsoft cloud services through a single REST API endpoint. Follow these steps to use the REST API.

  1. Add Internet permissions to your app. Open the AndroidManifest file and add the following child to the manifest element.

    <uses-permission android:name="android.permission.INTERNET" />
    
  2. Add a dependency to the Volley HTTP library.

    compile 'com.android.volley:volley:1.0.0'
    
  3. Replace the line String accessToken = tokenResponse.accessToken; with the following code. Insert your email address in the placeholder marked with <YOUR_EMAIL_ADDRESS>.

    final String accessToken = tokenResponse.accessToken;
    
    final RequestQueue queue = Volley.newRequestQueue(getApplicationContext());
    String url ="https://graph.microsoft.com/v1.0/me/sendMail";
    final String body = "{" +
        "  Message: {" +
        "    subject: 'Sent using the Microsoft Graph REST API'," +
        "    body: {" +
        "      contentType: 'text'," +
        "      content: 'This is the email body'" +
        "    }," +
        "    toRecipients: [" +
        "      {" +
        "        emailAddress: {" +
        "          address: '<YOUR_EMAIL_ADDRESS>'" +
        "        }" +
        "      }" +
        "    ]}" +
        "}";
    
    final StringRequest stringRequest = new StringRequest(Request.Method.POST, url,
        new Response.Listener<String>() {
            @Override
            public void onResponse(String response) {
                Log.d("Response", response);
            }
        },
        new Response.ErrorListener() {
            @Override
            public void onErrorResponse(VolleyError error) {
                Log.d("ERROR","error => " + error.getMessage());
            }
        }
    ) {
        @Override
        public Map<String, String> getHeaders() throws AuthFailureError {
            Map<String,String> params = new HashMap<>();
            params.put("Authorization", "Bearer " + accessToken);
            params.put("Content-Length", String.valueOf(body.getBytes().length));
            return params;
        }
        @Override
        public String getBodyContentType() {
            return "application/json";
        }
        @Override
        public byte[] getBody() throws AuthFailureError {
            return body.getBytes();
        }
    };
    
    AsyncTask.execute(new Runnable() {
        @Override
        public void run() {
            queue.add(stringRequest);
        }
    });
    

Run the app

You're ready to try your Android app.

  1. Start your Android emulator or connect your physical device to your computer.
  2. In Android Studio, press Shift + F10 to run your app.
  3. Choose your Android emulator or device from the deployment dialog box.
  4. Tap the Floating Action Button on the main activity.
  5. Sign in with your personal or work or school account and grant the requested permissions.
  6. In the app selection dialog, tap your app to continue.

Check the inbox of the email address that you configured in Call Microsoft Graph. You should have an email from the account that you used to sign in to the app.

Next steps

See also