Skip to main content

Calling Microsoft Graph REST API via the "HTTP Make an OAuth 2.0 request" module

Calling the Microsoft Graph REST API from Make's HTTP > Make an OAuth 2.0 request requires you to:

Prerequisites

  • A Make account

  • Admin access to the Azure portal

Required information

Both the Azure portal and Make require information to create a connection:

Values entered in Make created or found in the Azure portal:

Value required in Make

Value as named in Azure portal UI

Client ID

Application ID

Client secret

Secret ID Value

Authorize URI

OAuth 2.0 authorization endpoint (v2)

Token URI

OAuth 2.0 token endpoint (v2)

Values entered in the Azure portal related to Make:

Value required in the Azure portal

Value to enter

Redirect URI (Web)

https://www.integromat.com/oauth/cb/oauth2

Create an application in the Azure portal

To create your OAuth connection for Microsoft, complete these steps in the Azure portal:

  1. Register your web application.

  2. Create a client secret.

  3. Grant the required permissions.

When you create and register a web application in the Azure portal, Azure automatically creates your Client ID. This procedure only creates the web application. You still need to create your client secret and grant any required permissions.

  1. Log in to your Azure portal account.

  2. Under Manage Azure Active Directory, click View.

  3. In the left sidebar, click App registrations, and then click New registration.

  4. Enter a name for your application.

  5. Under Redirect URI, click Web and enter the redirect URL: https://www.integromat.com/oauth/cb/oauth2

    OAuth redirect URI domain

    Notice that the redirect URI starts with https://www.integromat.com instead of https://www.make.com. This is currently a known issue in Make.

    Make was formerly called Integromat, which means you can trust this URL as much as any Make URL.

    Please make sure all your OAuth redirect URIs point to https://www.integromat.com/oauth/cb/oauth2.

  6. Click Register.

  7. Save your Application (client) ID in a safe place. You need to enter in the module configuration on Make.

After registering your app, you can create a client secret in the Azure portal. Keep your client credentials in a safe place. If you lose your client secret, you can use this procedure to create a new one.

  1. In the Azure AD B2C - App registrations page, click the application you created in the above procedure.

  2. In the left sidebar, under Manage, click Certificates & secrets.

  3. Click New client secret.

  4. In the Description box, enter a description for the client secret.

  5. Under Expires, select a duration for which the secret is valid, then click Add.

  6. Your client secret appears in the Value field. Save your client secret in a safe place. Enter this client secret in the module configuration on Make. You cannot retrieve this client secret once you leave this page.

After registering a web application and getting your OAuth credentials, you need to grant the required permissions.

  1. Click App registrations.

  2. Select the app you created in the above procedure and open its Overview page.

  3. Under Manage, click API permissions.

  4. Click + Add a permission.

  5. Select the required Microsoft API.

  6. Click Delegated permissions and use the search bar to find and select the permissions required by the app you are configuring.

  7. Click Add permissions. The selected permissions now appear under Configured permissions.

  8. Click Grant admin consent for {your Azure AD tenant name}.

  9. A pop-up prompts you to confirm. Click Yes.

You can verify success by checking the Status column. A green checkmark appears with the text Granted for {your Azure AD tenant name}.

Find your connection URIs in the Azure portal

Make's HTTP > Make an OAuth 2.0 request requires URIs to authorize your API calls and obtain a token. You can find these URIs in the Azure portal:

  1. Click App registrations.

  2. Select the app you created in the above procedure and open its Overview page.

  3. Click Endpoints.

  4. In the pop-up, use the Copy to clipboard button to copy and save or enter the following in the module configuration on Make:

    Value required in Make

    Value as named in Azure portal UI

    Authorize URI

    OAuth 2.0 authorization endpoint (v2)

    Token URI

    OAuth 2.0 token endpoint (v2)

Configure the HTTP > Make an OAuth 2.0 request module

  1. In Make dashboard, go to Create a new scenario.

  2. Insert the HTTP > Make a OAuth 2.0 request module.

  3. Open the module's configuration and click Add next to the Connection field to create a new connection.

  4. Click Show advanced settings.

  5. Fill the connection setup as follows:

    Flow type

    Select Authorization Code.

    Authorize URI

    Enter the OAuth 2.0 authorization endpoint (v2) URI you found previously.

    Token URI

    https://login.microsoftonline.com/common/oauth2/v2.0/token

    Scope

    Click + to add each permission you granted previously.

    Check that:

    • All necessary permissions are listed.

    • Each permission is a separate item.

    Scope separator

    Select SPACE.

    Client ID

    Enter the Application ID from the app you created in the Azure portal.

    Client Secret

    Enter the client secret you created previously.

    Authorize parameters

    Enter the following keys and values:

    Key

    response_mode

    Value

    query

    Key

    prompt

    Value

    consent

    Refresh token parameters

    Enter the following key and value

    Key

    scope

    Value

    Enter all scopes you have in the Scopes field separated spaces.

    Example:

    offline_access opened profile User.Read

    Token placement

    Select In the header.

    Header token name

    Select Bearer.

  6. Click Continue.

  7. A window pops up. Review the permissions and click Accept.

The connection is successfully created. You can perform your API call.