Get started with the Microsoft Graph Beta SDK for PHP

Install the SDK

You can install the Beta PHP SDK with Composer by editing your composer.json file:

{
    "minimum-stability": "RC",
    "require": {
        "microsoft/microsoft-graph-beta": "^2.0.0-RC10",
    }
}

OR

{
    "require": {
        "microsoft/microsoft-graph-beta": "^2.0.0-RC10",
        "microsoft/microsoft-graph-core": "@RC"
    }
}

Get started with Microsoft Graph

Register your application

Register your application to use the Microsoft Graph API using Microsoft Azure Active Directory in your tenant's Active Directory to support work or school users for your tenant, or multiple tenants.

Create an Authentication Provider object

An AuthenticationProvider handles authentication of requests made to the Graph. It fetches, caches and refreshes access tokens ensuring all requests are authenticated against the Microsoft Identity platform. It supports various OAuth 2.0 flows: client_credentials, authorization_code and on_behalf_of with support for secret-based and certificate-based client authentication.

The provided authentication provider wraps around the The PHP League OAuth client.

The following sample creates an authentication provider that gets access without a user:

use Microsoft\Kiota\Authentication\Oauth\ClientCredentialContext;
use Microsoft\Kiota\Authentication\PhpLeagueAuthenticationProvider;

$tokenRequestContext = new ClientCredentialContext(
    'tenantId',
    'clientId',
    'clientSecret'
);
$scopes = ['https://graph.microsoft.com/.default'];
$authProvider = new PhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);

To create an authentication provider that gets access on behalf of a user:

use Microsoft\Kiota\Authentication\Oauth\AuthorizationCodeContext;
use Microsoft\Kiota\Authentication\PhpLeagueAuthenticationProvider;

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId',
    'clientId',
    'clientSecret',
    'authCode',
    'redirectUri'
);
$scopes = ['User.Read', 'Mail.Read'];
$authProvider = new PhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);

Note that your application will need to handle redirecting the user to the Microsoft Identity login page to get the authorization_code that's passed into the AuthorizationCodeContext. See for more on the authorization_code grant flow.

The SDK also provides equivalent TokenRequestContext objects that rely on certificates as opposed to client secrets: ClientCredentialCertificateContext, AuthorizationCodeCertificateContext.

Initialise a GraphServiceClient HTTP Adapter object

The SDK uses an adapter object that handles the HTTP concerns. This HTTP adapter object is used to build the Graph client for making requests.

To initialise one using the authentication provider created in the previous step:

use Microsoft\Graph\Beta\GraphRequestAdapter;

$requestAdapter = new GraphRequestAdapter($authProvider);

We currently use Guzzle as our HTTP client. You can pass your custom configured Guzzle client using withHttpClient():

use Microsoft\Graph\Core\GraphClientFactory;
use Microsoft\Graph\Beta\GraphRequestAdapter;

$guzzleConfig = [
    // your custom config
];
$httpClient = GraphClientFactory::createWithConfig($guzzleConfig);
$requestAdapter = new GraphRequestAdapter($authProvider, $httpClient);

Call Microsoft Graph using the Beta endpoint and models

The following is an example that shows how to fetch a user from Microsoft Graph

use Microsoft\Graph\Beta\GraphRequestAdapter;
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Kiota\Abstractions\ApiException;
use Microsoft\Kiota\Authentication\Oauth\ClientCredentialContext;
use Microsoft\Kiota\Authentication\PhpLeagueAuthenticationProvider;

$tokenRequestContext = new ClientCredentialContext(
    'tenantId',
    'clientId',
    'clientSecret'
);
$scopes = ['https://graph.microsoft.com/.default'];
$authProvider = new PhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);
$requestAdapter = new GraphRequestAdapter($authProvider);
$betaGraphServiceClient = new GraphServiceClient($requestAdapter);

try {
    $response = $betaGraphServiceClient->usersById('[userPrincipalName]')->get();
    $user = $response->wait();
    echo "Hello, I am {$user->getGivenName()}";

} catch (ApiException $ex) {
    echo $ex->getMessage();
}

Note that to calling me() requires a signed-in user and therefore delegated permissions (obtained using the authorization_code flow):

use Microsoft\Graph\Beta\GraphRequestAdapter;
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Kiota\Abstractions\ApiException;
use Microsoft\Kiota\Authentication\Oauth\AuthorizationCodeContext;
use Microsoft\Kiota\Authentication\PhpLeagueAuthenticationProvider;

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId',
    'clientId',
    'clientSecret',
    'authCode',
    'redirectUri'
);
$scopes = ['User.Read'];
$authProvider = new PhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);
$requestAdapter = new GraphRequestAdapter($authProvider);
$betaGraphServiceClient = new GraphServiceClient($requestAdapter);

try {
    $response = $betaGraphServiceClient->me()->get();
    $user = $response->wait();
    echo "Hello, I am {$user->getGivenName()}";
} catch (ApiException $ex) {
    echo $ex->getMessage();
}

Documentation and resources

• Examples

• Microsoft Graph website

Upgrading

For detailed information on breaking changes, bug fixes and new functionality introduced during major upgrades, check out our Upgrade Guide

Develop

Run Tests

Run

vendor/bin/phpunit

from the base directory.

Issues

View or log issues on the Issues tab in the repo.

Contribute

Please read our Contributing guidelines carefully for advice on how to contribute to this repo.

Copyright and license

Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT license.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.