Microsoft Graph snippets sample for ASP.NET Core 3.1

Table of contents

This sample project provides a repository of code snippets that use the Microsoft Graph to perform common tasks, such as sending email, managing groups, and other activities from within an ASP.NET Core MVC app. It uses the Microsoft Graph .NET Client SDK to work with data returned by the Microsoft Graph.

The sample uses the Microsoft Identity Web library for authentication. This library provides features for working with the Microsoft identity platform (v2.0), which enables developers to write a single auth flow that handles authentication for both work or school (Azure Active Directory) and personal (Microsoft) accounts.

In addition, the sample shows how to request tokens incrementally. Users consent to an initial set of permission scopes during sign in, but can consent to other scopes later. In the case of this sample, any valid user can sign in, but admininstrators can later consent to the admin-level scopes required for certain operations.

Important note about the Microsoft Identity Web preview

The Microsoft Identity Web library is in preview. Please review the support SLA before taking a dependency on this library in production code.


This sample requires the following:

Register the application

  1. Open a browser and navigate to the Azure Active Directory admin center. Login using a personal account (aka: Microsoft Account) or Work or School Account.

  2. Select Azure Active Directory in the left-hand navigation, then select App registrations under Manage.

  3. Select New registration. On the Register an application page, set the values as follows.

    • Set Name to ASP.NET Core Graph Snippets App.
    • Set Supported account types to Accounts in any organizational directory and personal Microsoft accounts.
    • Under Redirect URI, set the first drop-down to Web and set the value to https://localhost:5001/.
  4. Select Register. On the ASP.NET Core Graph Snippets App page, copy the value of the Application (client) ID and save it, you will need it in the next step.

  5. Select Authentication under Manage. Under Redirect URIs add a URI with the value https://localhost:5001/signin-oidc.

  6. Set the Logout URL to https://localhost:5001/signout-oidc.

  7. Locate the Implicit grant section and enable ID tokens. Select Save.

  8. Select Certificates & secrets under Manage. Select the New client secret button. Enter a value in Description and select one of the options for Expires and select Add.

  9. Copy the client secret value before you leave this page. You will need it in the next step.

    IMPORTANT: This client secret is never shown again, so make sure you copy it now.

Build and run the sample

  1. Open your command-line interface (CLI) in the ./SnippetsApp directory and run the following command to restore dependencies.

    dotnet restore
  2. Run the following commands to add your application ID and secret into the .NET Secret Manager. The Secret Manager is for development purposes only, production apps should use a trusted secret manager for storing secrets. Replace YOUR_APP_ID with your application ID, and YOUR_APP_SECRET with your application secret.

    dotnet user-secrets init
    dotnet user-secrets set "AzureAd:ClientId" "YOUR_APP_ID"
    dotnet user-secrets set "AzureAd:ClientSecret" "YOUR_APP_SECRET"
  3. Run the sample:

    • From your CLI: dotnet run
    • From Visual Studio Code: Press F5 or select the Run menu, then Start Debugging.
  4. Sign in with your personal account (MSA) or your work or school account, and grant the requested permissions.

  5. Choose a snippets category in the navigation bar, such as Users, Files, or Mail.

    NOTE: If you logged in with a personal account, snippets that aren't supported for Microsoft accounts are removed from the navigation bar.

How the sample affects your account data

This sample creates, updates, and deletes entities and data (such as users or files). Depending on how you use it, you might edit or delete actual entities and data and leave data artifacts.

To use the sample without modifying your actual account data, be sure to perform update and delete operations only on entities that are created by the sample.

Questions and comments

We'd love to get your feedback about this sample. You can send us your questions and suggestions in the Issues section of this repository.

Your feedback is important to us. Connect with us on Stack Overflow. Tag your questions with [MicrosoftGraph].


This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.

Additional resources

Copyright (c) 2020 Microsoft. All rights reserved.