Using the Microsoft Graph REST API in a Logic App is a nice way of creating integrations that work with Azure Active Directory. There are instructions how to use the API with Active Directory OAuth Authentication here, but they do not map directly to the built in authentication in Logic Apps, so i thought i would share what worked for me. This example queries the API for users but it should work with any Microsoft Graph query given the right permissions.
In an HTTP action, use https://graph.microsoft.com/v1.0/users as URI and enter the following values after selecting Active Directory OAuth under Authentication (Authority needs to be added by clicking "Add new parameter").
Authority | https://login.windows.net |
Tenant | Directory ID from the Application Registration |
Audience | https://graph.microsoft.com/ |
Client ID | Application ID from the Application Registration |
Secret | Client secret from the Application Registration |
Registration might take a moment, but the Logic App should then be able to fetch users from your Azure Active Directory.
Thanks to Mattias Lögdberg for the help and to NBajanca on Stackoverflow for pointing out that you need the Directory.Read.All and not User.Read.All permission to query users.
That is all, have a good day!
Updated 2019-12-09 to use the new App registrations experience in the Azure portal.