This 75-minute, fast-paced session provides a practical introduction to Microsoft Graph for admins and developers who want to automate Microsoft 365 tasks safely. We’ll walk through creating an app registration, then demystify delegated vs. application permissions, admin consent, and how role-based access control (RBAC) affects what your code can actually do across key workloads.
What you’ll learn:
- How Microsoft Graph authentication works at a high level (Entra ID, tokens, scopes, roles)
- A practical “26 steps” setup checklist for app registration (redirect URIs, secrets/certs, API permissions, consent, and testing)
- When to use delegated permissions vs. application permissions—and the security tradeoffs of each
- How admin consent and least-privilege design reduce risk and improve auditability
- Why RBAC still matters after you grant Graph permissions (and how workload roles can block or allow operations)
- Using certificates vs. secrets
- Common pitfalls: over-privileging, missing roles, token audience/scope issues, and consent mismatches
Key Takeaways:
- What the MS Graph API is and how to use it.
- Setting up an application registration and why there is no Kerberos ticket.
- Role-based access control (RBAC) for specific roles and how to set up permissions.