Calling Graph API From Power Automate Flow

Overview

 
Microsoft Graph API offers a single endpoint to connect to data from various services. Power Automate (earlier MS Flow) enables us to design powerful workflows. Calling the Graph API from Power Automate Flow opens a wide range of possibilities. One scenario could be to get things done with application permissions, which otherwise cannot work under user-delegated permissions.
 
In the article, we will explore a scenario of calling Graph API from Power Automate Flow.
 
Prerequisites
 
Before we proceed, make sure you have below permissions,
  • Administrative access to Azure AD of Office 365 tenant
  • Permissions to create flow in Power Automate (prior MS Flow)

Create an application in Azure AD

 
We will start by registering an application in Azure AD. Follow the below steps to create an application in Azure AD,
  1. Login to Microsoft 365 Portal (https://portal.office.com)
  2. Open Microsoft 365 admin center (https://admin.microsoft.com)
  3. From the left menu, under “Admin centers”, click “Azure Active Directory”.

    Calling Graph API From Power Automate Flow

  4. From the left menu, click “Azure Active Directory”.
  5. Click “App registrations”.

    Calling Graph API From Power Automate Flow

  6. Click “New registration”.
  7. Provide the application name, supported account type and leave the Redirect URI blank.

    Calling Graph API From Power Automate Flow

  8. Click Register.
  9. Note down Application and Directory IDs to use later in the flow.

    Calling Graph API From Power Automate Flow

  10. From the left menu, click “API permissions” to grant some permissions to the application.
  11. Click “+ Add a permission”.

    Calling Graph API From Power Automate Flow

  12. Select “Microsoft Graph”.

    Calling Graph API From Power Automate Flow

  13. Select Application permissions.
  14. Grant the needed permissions.
  15. Click “Add permissions”.

    Calling Graph API From Power Automate Flow
    Below are examples of the needed application permissions to perform the operations. 
Action
Application permissions
List owners
Group.Read.All, User.Read.All, Group.Read.All, and User.ReadWrite.All
Add member
GroupMember.ReadWrite.All, Group.ReadWrite.All, and Directory.ReadWrite.All

Grant required permissions to the application

 
After creating the permissions, we need to grant consent to the application to allow the application to access Graph API without a consent screen.
  1. Click “Grant admin consent for …”

    Calling Graph API From Power Automate Flow

  2. From the left menu, click “Certificates & secrets”.
  3. Under “Client secrets”, click “+ New client secret”.

    Calling Graph API From Power Automate Flow

  4. Provide a description and select an expiry time for the secret.

    Calling Graph API From Power Automate Flow

  5. Click “Add”.
  6. Make a note of the secret value.

    Calling Graph API From Power Automate Flow 

Build Power Automate Workflow

 
We will start by building flow.
  1. Navigate to Power Automate in Office 365.
  2. From the left menu, click Create.
  3. Select “Instant flow”.

    Calling Graph API From Power Automate Flow

  4. In the modal dialog, specify the flow name (e.g. Join Private Group).
  5. Select the trigger as “When an HTTP request is received”.

    Calling Graph API From Power Automate Flow

  6. Click Create.
  7. The flow should get created as below.

    Calling Graph API From Power Automate Flow

  8. Expand the activity “When a HTTP request is received”.
  9. Click “Generate from sample”.
  10. In the popup, add the above request body JSON schema.

    1. {  
    2.    "groupId":"07c00c4d-6a21-4c51-9545-f2921b4109b0"  
    3. }  


  11. Click Done.
  12. The request body json schema will be generated.

    Calling Graph API From Power Automate Flow

  13. Initialize the variables client id, directory (tenant) id and secret generated from the previous step.

    These variables then can be used to make an MS Graph API call.

    Calling Graph API From Power Automate Flow

  14. Add the “HTTP” activity.

    Calling Graph API From Power Automate Flow

Test Flow with Soap UI

 
Download the SoapUI from here.
  1. Select Method as Post.
  2. Specify the endpoint as HTTP POST URL.
  3. Specify the header as Content-type with value application/json
  4. In the Body, specify the JSON.

    Calling Graph API From Power Automate Flow

  5. Click Send.
  6. Observe the run history of flow.

    Calling Graph API From Power Automate Flow 

Summary

 
Calling the Graph API from Power Automate Flow opens a wide range of possibilities. One scenario could be to get the things done with application permissions, which otherwise cannot work under user delegated permissions. Power automate flow then can be called from an SPFx solution to build more advanced scenarios.
 
Please refer to my previous article - Execute Power Automate Workflow from SPFx for more details.