Set up an HTTP Connection to Microsoft Graph

The out-of-the-box Microsoft 365 Connection in TrueContext makes it easy to work with SharePoint and OneDrive. For advanced scenarios, such as accessing Microsoft Graph endpoints or retrieving data on demand, you can set up a custom HTTP Connection to Microsoft Graph. This recipe walks you through how to set up an HTTP Connection to Microsoft Graph.

Contents

Available on all tiers:

Digital
Intelligent
Elite
?

Prerequisites

High-level process

System Action
Microsoft Entra Register TrueContext as an application. Create a client secret and grant API permissions.
TrueContext Create an HTTP Connection using the credentials generated in Microsoft Entra.

Register TrueContext as an application in Microsoft Entra

Note:These steps are based on our test environment and might not exactly match yours. The important thing is that your Entra setup results in a registered application, a client secret, and the correct API permissions. Your organization's Entra administrator or Microsoft Entra documentation can help if your workflow differs.

  1. Sign in to Microsoft Entra.

  2. Create a new app registration:

    1. On the side bar, select App registrations.

    2. Select New registration. Set up the application:

      • Enter a Name.

      • For Supported account types, leave the default option Accounts in this organizational directory only.

      • For Redirect URI, select the option Web, and then enter the following Redirect URI:

        https://live.prontoforms.com/security/oauth/connections/httpoauth

    3. Select Register.

  3. Create a client secret:

    1. Go to Certificates & secrets and select New client secret.

      • Enter a Description.

      • Select an expiration.

        Info:To avoid service disruptions, you must rotate the client secret before it expires.

    2. Select Add.

      Result: The page shows a Value and a Secret ID. You’ll use the Value to authenticate in TrueContext.

      Note:Store the Value in a secure location before you leave the page. Once you navigate away, you can’t see the value again, and you will have to create a new secret.

  4. Set your API permissions:

    1. Go to API permissions > Add a permission > Microsoft Graph.

    2. Select Delegated permissions.

    3. Under OpenId permissions, select offline_access.

    4. Select all the permissions you want to give the connection. For example, to connect with SharePoint, you can set the following permissions:

      Permission category Permission name
      Files Files.Read.All
      Sites Sites.Read.All

      Info:Set enough permissions for your connection to access necessary data. The Microsoft Graph documentation provides a detailed list of available permissions.

    5. Select Add permissions.

Create an HTTP Connection using the credentials generated in Microsoft Entra

  1. In the TrueContext Web Portal, go to Forms & IntegrationsClosed Integration refers to secure communication and data sharing between TrueContext and a third-party system, such as Salesforce or ServiceMax. Connections, Data Sources, Data Destinations, and App-to-App calls and callbacks can be used as part of an integration solution. > ConnectionsClosed A Connection is an integration point that's used to link a TrueContext Data Source or Data Destination to an external service to import or export data. Data Destinations and Data Sources that share the same external service can also share the same Connection. > CREATE CONNECTION > HTTP Connection.

  2. Enter a Name for your Connection.

  3. Specify the FormSpaces that can use the Connection in Selected FormSpaces allowed to use this Connection.

  4. Enter the Microsoft Graph Base Connection URL: https://graph.microsoft.com/v1.0.

  5. Select OAuth 2.0 as the Authentication Scheme. Set up your OAuth 2.0 Configuration:

    Field Configuration
    Grant Type Select Authorization Code.
    Authorization Code URL In Microsoft Entra, open the application you registered. Go to Overview > Endpoints. Microsoft Entra opens a list of endpoints. Copy the OAuth 2.0 authorization endpoint (v2).
    Access Token URL From the list of endpoints in Microsoft Entra, copy the OAuth 2.0 token endpoint (v2).
    Client ID Go to your application’s Overview page in Microsoft Entra. Copy the Application (client) ID.
    Client Secret Enter the Value (not the Secret ID) of the client secret you created.
    Scopes Enter the list of permissions you assigned to your application separated by a space.

  6. Select Connect.

    Result: The system opens a window where you can sign in to your Microsoft account and grant permissions for the connection.

  7. Select Create.

    Result: You can use this connection to set up HTTP GET Data Sources and HTTP Data Destinations.

Rotate the client secret

Client secrets in Microsoft Entra expire after a set period of time. To avoid service disruptions, rotate the client secret before it expires. To do that:

  1. In Microsoft Entra, create a new client secret.

    1. Go to Certificates & secrets and select New client secret.

      • Enter a Description.

      • Select an expiration.

        Note:Take note of the new expiration date.

    2. Select Add.

      Result: The page shows a Value and a Secret ID. You’ll use the Value to authenticate in TrueContext.

      Note:Store the Value in a secure location before you leave the page. Once you navigate away, you can’t see the value again, and you will have to create a new secret.

  2. In TrueContext, reconnect all related Connections using the new credentials.

  3. Once you test all your Connections, delete the old credentials in Microsoft Entra.

Related topics