How To Use Graph API To Read Data From OneDrive For Business - Netwoven

By Sabyasachi Bal  |  Published on December 24, 2019


In my last project, there was a requirement to analyze the user’s OneDrive data. For example, I needed to generate a report showing whether each item was a folder, a file or a Notebook. I also needed other information, such as the size of the file and whether the file was shared with external and internal users.
One of the users’ OneDrives contained more than 100 GB of data and an item count of 2 lakhs. To achieve the goal, there were different options available: we could use the SharePoint RESTful API, CSOM or the Graph API.
In CSOM, there is a limitation of the threshold value, so I decided to write a PowerShell script with the Graph API.
Microsoft Graph API is a RESTful web API that enables us to access Microsoft Cloud services. To call the Graph API, I first needed to create and register an app and get it authenticated.

Steps to create the Azure app and grant admin consent:

Step 1. Log in to the Azure portal (https://portal.azure.com/) with a global admin account.
Step 2. Navigate to Azure Active Directory -> App registration -> New registration.
Step 3. Provide a user-friendly app name, use https://localhost as the redirect URI, then click “Register”.
Step 4. Configure permissions. To call the Graph API, I need to grant application-level permission.

Steps to get the client ID and secret

To authenticate and get access to the Graph API, I need the tenant ID, app ID and client secret.

1. Log in to the Azure portal (https://portal.azure.com/) with a global admin account.
2. Navigate to Azure Active Directory -> App registration.
3. Click on the newly created app in the list.
4. Copy the client ID and tenant ID from the Overview section.
5. Click on “Certificate & secrets”.
6. Click on “New client secret”.
7. Enter a description and select “Never”.
8. Copy the newly created value and store it in a safe place. We will use it in our code.

Writing and executing code

The code is written in PowerShell. I write the code in VS Code.
We need “Microsoft.IdentityModel.Clients.ActiveDirectory.dll” to run the code.

Step 1. Declare 3 global variables and add tenantID, appID, client_secret.
$ADALpath = '\Microsoft.IdentityModel.Clients.ActiveDirectory.dll' #path to the ADAL DLL on your machine
$tenantID = "######"
$appID = "#######" #the GUID of your app. For best result, use app with Sites.ReadWrite.All scope granted.
$client_secret = "########" #client secret for the app
Step 2. To obtain an access token, use the following code:
Add-Type -Path $ADALpath -ErrorAction Stop #load the ADAL assembly so that the types below can be found
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList "https://login.windows.net/$tenantID"
$ccred = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential -ArgumentList $appID,$client_secret
$authenticationResult = $authContext.AcquireTokenAsync("https://graph.microsoft.com", $ccred) #request an app-only token for Graph
$global:authHeader = @{'Authorization'=$authenticationResult.Result.CreateAuthorizationHeader()}
Step 3. To get all users of your tenant, execute the following query:
$uri = "https://graph.microsoft.com/v1.0/users?`$select=displayName,mail,userPrincipalName,id,userType&`$top=999&`$filter=userType eq 'Member'"
$result = Invoke-WebRequest -Headers $AuthHeader -Uri $uri -Verbose:$VerbosePreference -ErrorAction Stop
$users = ($result.Content | ConvertFrom-Json).value #Invoke-WebRequest returns the raw response; parse the JSON body to get the user list
Step 4: Loop over each of the results (as $user) and execute the following line:
$uri = "https://graph.microsoft.com/v1.0/users/$($user.id)/drive/root"

It will return the user's root folder details.

Step 5: If the root folder contains any child items, traverse each item.
Step 6: To get the child item details, we will execute the following query:
$uri = "https://graph.microsoft.com/v1.0/users/$($user.id)/drive/root/children"
$children = @()
    #Invoke-GraphApiRequest is a helper function that is not shown in this post; it is assumed to send the request with $authHeader and return the parsed JSON response
    do {
        $result = Invoke-GraphApiRequest -Uri "$URI" -Verbose:$VerbosePreference
        $URI = $result.'@odata.nextLink' #next page of results, empty on the last page
        $children += $result
    } while ($URI)
    if (!$children) { Write-Verbose "No items found for $($user.userPrincipalName), skipping..."; continue }
    $output = @()
    $cFolders = $children.value | ? {$_.Folder}
    $cFiles = $children.value | ? {$_.File}
    $cNotebooks = $children.value | ? {$_.package.type -eq "OneNote"}

Store the output in a global variable.
To export the output to a CSV file, execute the following command:

$Output | select OneDriveOwner,Name,lastModifiedDateTime,ItemType,Versions,Size,publicationStatus,Shared,ExternallyShared,Permissions,ItemPath | Export-Csv -Path "$((Get-Date).ToString('yyyy-MM-dd_HH-mm-ss'))_ODFBSharedItems.csv" -NoTypeInformation -Encoding UTF8 -UseCulture
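
The procedure above from token to report rows, as an added example that is not the author's script: it requests the app-only token from the v2.0 token endpoint without the ADAL DLL, follows `@odata.nextLink` paging, walks subfolders and classifies each item. Function names, the `SharedScope` column and the `GRAPH_*` environment variable names are assumptions; deciding whether an item is shared externally needs a further call to the item's permissions and is not covered here.

```powershell
# Added example, not the original script; function and GRAPH_* variable names are hypothetical.
function Get-GraphAuthHeader {
    param($TenantId, $AppId, $ClientSecret)
    # OAuth 2.0 client-credentials grant against the v2.0 token endpoint (no ADAL assembly)
    $body = @{ client_id = $AppId; client_secret = $ClientSecret; grant_type = 'client_credentials'
               scope = 'https://graph.microsoft.com/.default' }
    $tokenUri = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token"
    $token = Invoke-RestMethod -Method Post -Uri $tokenUri -Body $body -ErrorAction Stop
    @{ Authorization = "Bearer $($token.access_token)" }
}

function Get-GraphPaged {
    param([string]$Uri, [hashtable]$Headers)
    while ($Uri) {                                   # follow @odata.nextLink to the last page
        $page = Invoke-RestMethod -Headers $Headers -Uri $Uri -ErrorAction Stop
        $page.value
        $Uri = $page.'@odata.nextLink'
    }
}

function ConvertTo-ItemRow {
    param($Item, [string]$Owner)
    $type = 'File'
    if ($Item.folder) { $type = 'Folder' }
    if ($Item.package.type -eq 'OneNote') { $type = 'Notebook' }
    [pscustomobject]@{
        OneDriveOwner = $Owner; Name = $Item.name; ItemType = $type; Size = $Item.size
        Shared = [bool]$Item.shared; SharedScope = $Item.shared.scope   # facet exists only on shared items
        lastModifiedDateTime = $Item.lastModifiedDateTime; ItemPath = $Item.parentReference.path
    }
}

function Get-OneDriveReport {
    param($User, [hashtable]$Headers)
    $base = "https://graph.microsoft.com/v1.0/users/$($User.id)/drive"
    $queue = [System.Collections.Queue]::new()
    $queue.Enqueue("$base/root/children")
    while ($queue.Count) {                           # breadth-first walk of the folder tree
        $uri = $queue.Dequeue()
        foreach ($item in Get-GraphPaged -Uri $uri -Headers $Headers) {
            ConvertTo-ItemRow -Item $item -Owner $User.userPrincipalName
            if ($item.folder.childCount -gt 0) { $queue.Enqueue("$base/items/$($item.id)/children") }
        }
    }
}
# Offline check of the classification on a constructed (not real) response page
$sample = '{"value":[{"name":"Notes","package":{"type":"oneNote"}},{"name":"plan.xlsx","file":{},"shared":{"scope":"users"}}]}' | ConvertFrom-Json
$sample.value | ForEach-Object { ConvertTo-ItemRow -Item $_ -Owner 'user@example.com' }
# Live use: $h = Get-GraphAuthHeader $env:GRAPH_TENANT_ID $env:GRAPH_APP_ID $env:GRAPH_CLIENT_SECRET
#           Get-OneDriveReport -User $user -Headers $h | Export-Csv report.csv -NoTypeInformation
```

Every Graph call in this example is a GET, so read-only application permissions such as Files.Read.All are sufficient for it. Reading the client secret from the environment keeps it out of the script file.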

1 comment

  1. I am testing it on Windows PowerShell … I get an error for the below command ….
    $authContext = New-Object “Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext” -ArgumentList “https://login.windows.net/$tenantID”
    error
    New-Object : Cannot find type [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]: verify that the assembly containing this type is loaded.
    At line:1 char:16

    can you kindly guide on this ….
