You can install the PHP SDK with Composer by editing your composer.json
file:
{
"require": {
"microsoft/microsoft-graph": "^2.4.0"
}
}
Register your application to use the Microsoft Graph API using Microsoft Azure Active Directory in your tenant's Active Directory to support work or school users for your tenant, or multiple tenants.
A Token Request Context contains the credentials used to authenticate requests. The SDK supports various contexts that align with OAuth 2.0 flows: client_credentials
, authorization_code
and on_behalf_of
with support for secret-based and certificate-based client authentication.
Under the hood, the Token Request Context is passed to an authentication provider which fetches, caches and refreshes access tokens ensuring all requests are authenticated against the Microsoft Identity platform.
The following sample creates a TokenRequestContext that gets access without a user:
<?php
use Microsoft\Kiota\Authentication\Oauth\ClientCredentialContext;
use Microsoft\Graph\Core\Authentication\GraphPhpLeagueAuthenticationProvider;
$tokenRequestContext = new ClientCredentialContext(
'tenantId',
'clientId',
'clientSecret'
);
To gets access on behalf of a user:
<?php
use Microsoft\Kiota\Authentication\Oauth\AuthorizationCodeContext;
use Microsoft\Graph\Core\Authentication\GraphPhpLeagueAuthenticationProvider;
$tokenRequestContext = new AuthorizationCodeContext(
'tenantId',
'clientId',
'clientSecret',
'authCode',
'redirectUri'
);
Note that your application will need to handle redirecting the user to the Microsoft Identity login page to get the authorization_code
that's passed into the AuthorizationCodeContext
.
See for more on the authorization_code
grant flow.
To keep your user signed in across multiple requests within a session, see section on access token management
Using the Token Request Context and optional scopes, a GraphServiceClient
can be initialised:
use Microsoft\Graph\GraphServiceClient;
// Defaults to using https://graph.microsoft.com/.default scopes
$graphServiceClient = new GraphServiceClient($tokenRequestContext);
// With specific scopes
$scopes = ['User.Read', 'Mail.ReadWrite'];
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
To initialize the GraphServiceClient
with an already acquired access token or to retrieve the access token that the SDK fetches on your behalf, see section on access token management.
For more on Graph client configuration, see more examples
The following is an example that shows how to fetch a user from Microsoft Graph
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Kiota\Abstractions\ApiException;
use Microsoft\Kiota\Authentication\Oauth\ClientCredentialContext;
$tokenRequestContext = new ClientCredentialContext(
'tenantId',
'clientId',
'clientSecret'
);
$graphServiceClient = new GraphServiceClient($tokenRequestContext);
try {
$user = $graphServiceClient->users()->byUserId('[userPrincipalName]')->get()->wait();
echo "Hello, I am {$user->getGivenName()}";
} catch (ApiException $ex) {
echo $ex->getError()->getMessage();
}
Note: The SDK is designed to make async requests by default. Operations (
get()
,post()
...) return a Promise. To get the result, callwait()
after the operation. Example:->get()->wait();
Note that to calling me()
requires a signed-in user and therefore delegated permissions (obtained using the authorization_code
flow):
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Kiota\Abstractions\ApiException;
use Microsoft\Kiota\Authentication\Oauth\AuthorizationCodeContext;
$tokenRequestContext = new AuthorizationCodeContext(
'tenantId',
'clientId',
'clientSecret',
'authCode',
'redirectUri'
);
$scopes = ['User.Read'];
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
try {
$user = $graphServiceClient->me()->get()->wait();
echo "Hello, I am {$user->getGivenName()}";
} catch (ApiException $ex) {
echo $ex->getError()->getMessage();
}
For detailed information on breaking changes, bug fixes and new functionality introduced during major upgrades, check out our Upgrade Guide
Run
vendor/bin/phpunit
from the base directory.
View or log issues on the Issues tab in the repo.
Please read our Contributing guidelines carefully for advice on how to contribute to this repo.
Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT license.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.