Querying the Office 365 Management APIs using Postman


Overview

This blog post demonstrates how to create an app registration in Azure Active Directory and how to use PostMan to test access and query the Office 365 Management Activity API and Office 365 Service Communications API.

For troubleshooting information please visit the official page: Troubleshooting the Office 365 Management Activity API.

Note: Service Communications API is currently in Preview and support is only offered via stackoverflow.com.

Create an app registration

  1. In the Azure Portal click on Azure Active Directory in the navigation menu on the left then click on App registrations then click on New application registration on the right

  2. Fill in the Name and the Sign-on URL fields and click Create

  3. Click on Settings

  4. On the Settings page click on Required permissions

  5. On the Required permissions page click Add

  6. On the Add API access page click Select an API

  7. On the Select an API page select Office 365 Management APIs and click Select

  8. On the Enable Access page, click the checkboxes for the appropriate access then click Select

  9. Back on the Add API access page, click Done

  10. On the Required permissions page click Grant permissions

  11. If you wish to make use of Application* tokens instead of Delegate** tokens, on the Settings page click on Keys

  12. To generate a new Key (client secret) type in a Description, select the validity period in the Expires column and click Save

  13. Make a copy of the key value as you won't be able to retrieve it if you navigate away from this page

  14. Go back to the App registrations page and click on Endpoints to retrieve the authorization and token endpoints

  15. Make note of the OAUTH 2.0 TOKEN ENDPOINT and OAUTH 2.0 AUTHORIZATION ENDPOINT values

* Application Permissions: Your client application needs to access the web API directly as itself (no user context). This type of permission requires administrator consent and is also not available for native client applications.

** Delegated Permissions: Your client application needs to access the web API as the signed-in user, but with access limited by the selected permission. This type of permission can be granted by a user unless the permission requires administrator consent.

Acquiring an OAuth 2.0 token in Postman

  1. In Postman, select OAuth 2.0 and click on Get New Access Token

  2. Follow the next steps to prepare your token request and Request Token:
    1. Select Authorization Code for the Grant Type
    2. Fill in the Callback URL with the Sign-on URL you've defined for your app registration
    3. Fill in your Client ID fields with the Application
      ID from the App registrations page in Azure
    4. Fill in the Client Secret with the key you've saved previously
    5. Select Send client credentials in body in the Client Authentication combo
    6. Fill in the Access Token URL with the OAUTH 2.0 TOKEN ENDPOINT value you've copied from the Endpoints page in Azure
    7. Add "?resource=https%3A%2F%2Fmanage.office.com" to your OAUTH 2.0 AUTHORIZATION ENDPOINT value you've copied from the Endpoints page in Azure and fill in the Auth URL with the complete URL. For example: https://login.microsoftonline.com/dde7a7c4-1df5-4788-8a29-e6c8bf183f21/oauth2/authorize?resource=https%3A%2F%2Fmanage.office.com

  3. Supply the credentials when prompted

  4. Click on Use Token to use the new token with your request

Testing the Office 365 Service Communications API

With the token you're acquired above, Send a Get request to https://manage.office.com/api/v1.0/YOURTENANTNAME.onmicrosoft.com/ServiceComms/Services, where YOURTENANTNAME is the name of your tenant.

The result should be similar to the one in the screenshot below:

For the complete list of operations please check the official documentation.

Note: Service Communications API is currently in Preview and support is only offered via stackoverflow.com.

Testing the Office 365 Management Activity API

With the token you're acquired above, Send a Get request to https://manage.office.com/api/v1.0/YOURTENANTNAME.onmicrosoft.com/activity/feed/subscriptions/list to see the list of active subscriptions, where YOURTENANTNAME is the name of your tenant.

The result should be similar to the one in the screenshot below:

Revisions

Type Date Author
Created 3rd Aug 2018 Andrei Ghita
Comments (0)

Skip to main content