On

Following up on my previous post which was a very quick intro to building security apps using Microsoft Graph, to get things up and running there is no easier way than finding an app built by someone else that demonstrate some use cases and see it for yourself. a very good start is https://github.com/Microsoft/securitydev which has a sample app that displays your organisation score and list alerts and actions of these alerts.

First let's discuss the components of this sample:
  • An Angular SPA: represents the front end and it does trigger the authentication flow for the user 
  • A set of APIs:  connects to MS Graph security endpoints to collect alert, action and secure score data
  • notification end point: to set up remote endpoint for MS Graph webhook subscriptions and a SignalR enabled web page to display notifications in an interactive manner.

What you need to be able to run this sample?
  1. Azure AD application, can be easily registered following the guide https://docs.microsoft.com/en-us/graph/auth-register-app-v2 please note that the app need to have permission to MS Graph security endpoints as application permission as the security information (alerts, actions and secure store) is accessed by the API endpoint not as user identity
  2. need to replace the client ID and client secret in both appSettings.json and environments.ts files 
  3. If you are running this app locally (development environment) you can either run ng build  manually or preferably added to your visual studio build pipeline, (note if you don't have angular-cli installed you need to install it by simply
  4. Now you can run the app and launch it on the browser, you will be prompted to login in using your Azure AD credentials and you can have a go with the app various pages, there is a security dashboard, alerts, actions, subscriptions and secure scores