In the graph explorer, you can select the query you want to execute. Then, you can see the permissions (=scopes) you need (see Tab "Modify permissions"). Below, you see two screenshots of the Microsoft Graph Explorer tool which show the request URLs and the permissions for executing the first two requests (list One Note sections, list pages of a certain One Note section):
In the documentation of the Microsoft Graph API, we find the request for the One Note Page Creation:
Notes.ReadWrite.All.
We now have to add the prefix https://graph.microsoft.com/
to the permission name to get the scope which we need for the creation of the Cloud Integration Credential: https://graph.microsoft.com/Notes.ReadWrite.all
Permission: Notes.ReadWrite.All -> Scope: https://graph.microsoft.com/Notes.ReadWrite.All
https://graph.microsoft.com/Notes.ReadWrite.all
. (You can also specify several scopes in the "scope" field by separating them with the space character.)The following screenshot shows the "OAuth2 Authorization Code" creation dialog with the correct scope.
We create an integration flow with a script step which uses the created OAuth2 Authorization Code credential and a HTTP receiver adapter which calls the Microsoft Graph API. The following screenshot shows the integration flow we want to build:
The HTTPS sender adapter is configured as follows:
import com.sap.gateway.ip.core.customdev.util.Message;
import com.sap.it.api.securestore.SecureStoreService;
import com.sap.it.api.securestore.AccessTokenAndUser;
import com.sap.it.api.securestore.exception.SecureStoreException;
import com.sap.it.api.ITApiFactory;
def Message processData(Message message) {
SecureStoreService secureStoreService = ITApiFactory.getService(SecureStoreService.class, null);
AccessTokenAndUser accessTokenAndUser = secureStoreService.getAccesTokenForOauth2AuthorizationCodeCredential("MICROSOFT_ONE_NOTE_ACCESS");
String token = accessTokenAndUser.getAccessToken();
message.setHeader("Authorization", "Bearer "+token);
return message;
}
getAccesTokenForOauth2AuthorizationCodeCredential("MICROSOFT_ONE_NOTE_ACCESS"),
message.setHeader("Authorization", "Bearer "+token);
To be able to make different kind of requests to Microsoft Graph, we parameterize the "Address" and "Method" field in the HTTP receiver adapter as follows:
We call the HTTP receiver adapter in a request reply step because we want to clean-up headers after the call to Microsoft Graph. Therefore, we add the "Remove Headers" Content Modifier step after the "Request-Reply" step. Most importantly, we remove the "Authorization" header which is set by the script step and which contains the token. If we do not remove this header, the token will be part of the response to the sender and the sender could access this security relevant information. We also remove the other two headers "address" and "method" as shown in the following screenshot:
We want to use the headers "address", "method", and "Content-Type" to configure the HTTP Receiver adapter. The values for these headers shall be sent from the sender client. In the "Runtime Configuration" of the integration flow, you specify these headers in the "Allowed Headers" field. To get to the integration flow properties view, click on an empty space in the integration flow modeling area:
After you've deployed the integration flow, you find the integration flow endpoint in the Operations View in the "Manage Integration Content" tile:
GET https://graph.microsoft.com/v1.0/me/onenote/sections
GET https://<host from the iflow endpoint>/http/call_microsoft_graph_api
Headers:
Content-Type: text/plain
address: https://graph.microsoft.com/v1.0/me/onenote/sections
method: GET
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('a92e5487-af32-4283-93eb-dd47253c7856')/onenote/sections",
"value": [
{
"id": "1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36",
"self": "https://graph.microsoft.com/v1.0/users/a92e5487-af32-4283-93eb-dd47253c7856/onenote/sections/1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36",
"createdDateTime": "2020-11-19T14:16:31Z",
"displayName": "Test Section",
"lastModifiedDateTime": "2020-11-20T15:01:45Z",
"isDefault": false,
"pagesUrl": "https://graph.microsoft.com/v1.0/users/a92e5487-af32-4283-93eb-dd47253c7856/onenote/sections/1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36/pages",
"createdBy": {
"user": {
"id": "a92e5487-af32-4283-93eb-dd47253c7856",
"displayName": "Test User"
}
},
"lastModifiedBy": {
"user": {
"id": "a92e5487-af32-4283-93eb-dd47253c7856",
"displayName": "Test User"
}
},
"links": {
"oneNoteClientUrl": {
"href": "onenote:https://aintpomail-my.sharepoint.com/personal/test_user_test_com/Documents/Notebooks/My%20Notebook%20@%20Work/Research%20notes.one"
},
"oneNoteWebUrl": {
"href": "https://aintpomail-my.sharepoint.com/personal/test_user_test_com/Documents/Notebooks/My%20Notebook%20@%20Work?wd=target%28%2F%2FResearch%20notes.one%7C%2F%29"
}
},
"parentNotebook@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('a92e5487-af32-4283-93eb-dd47253c7856')/onenote/sections('1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36')/parentNotebook/$entity",
"parentNotebook": {
"id": "1-72f96a39-135f-43a7-b907-3c29b90e6c63",
"displayName": "My Notebook @ Work",
"self": "https://graph.microsoft.com/v1.0/users/a92e5487-af32-4283-93eb-dd47253c7856/onenote/notebooks/1-72f96a39-135f-43a7-b907-3c29b90e6c63"
},
"parentSectionGroup@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('a92e5487-af32-4283-93eb-dd47253c7856')/onenote/sections('1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36')/parentSectionGroup/$entity",
"parentSectionGroup": null
}
]
}
POST https://graph.microsoft.com/v1.0/me/onenote/sections/1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36/pages
Headers:
Content-Type: multipart/form-data; boundary=MyPartBoundary198374
Body:
--MyPartBoundary198374
Content-Disposition:form-data; name="Presentation"
Content-Type:text/html
<!DOCTYPE html>
<html>
<head>
<title>Note Page Demo</title>
<meta name="created" content="2020-11-21T09:00:00-08:00" />
</head>
<body>
<p>Test creating Note Page via API</p>
</html>
--MyPartBoundary198374--
POST https://<host from the iflow endpoint>/http/call_microsoft_graph_api
Headers:
Content-Type: multipart/form-data; boundary=MyPartBoundary198374
address: https://graph.microsoft.com/v1.0/me/onenote/sections/1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36/pages
method: POST
Body:
--MyPartBoundary198374
Content-Disposition:form-data; name="Presentation"
Content-Type:text/html
<!DOCTYPE html>
<html>
<head>
<title>Note Page Demo</title>
<meta name="created" content="2020-11-21T09:00:00-08:00" />
</head>
<body>
<p>Test creating Note Page via API</p>
</html>
--MyPartBoundary198374--
GET https://<host from the iflow endpoint>/http/call_microsoft_graph_api
Headers:
Content-Type: text/plain
address: https://graph.microsoft.com/v1.0/me/onenote/sections/1-ab9ffe21-abc1-56a9-1721-3b39f07a8f36/pages
method: GET
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
15 | |
11 | |
10 | |
9 | |
8 | |
8 | |
7 | |
7 | |
7 | |
7 |