Dev Proxy v0.29 with refactored architecture, MCP server, and exposed LM prompts | by Waldek Mastykarz & Garry Trinder.

https://devblogs.microsoft.com/microsoft365dev/dev-proxy-v0-29-with-refactored-architecture-mcp-server-and-exposed-lm-prompts/

Reminder: Exclusive Training for OpenAIRE Members

Join us on 6 June, 14:00–16:00 CEST for a hands-on session on the @OpenAIREGraph

Not a member? Join our public session on June 20! Registration below.

Register now: shorturl.at/QZVD2

I'm not easily swearing, but how can I put this: sending infra emails from a data center to addresses managed by #Microsoft 365 is crazy. MS dislikes #SMTP AUTH, ok, and so begins the #OAuth journey to get the #postfix mail relay to embrace OAuth

The best idea so far is to write a script that acts as a proxy between postfix and MS, sending emails via the MS #GraphAPI. Undoubtedly much more secure and, just as undoubtedly, absolutely no vendor lock-in for something as simple as SMTP ... WTF!!

Just published a guide on setting up custom admin notifications for new Intune enrollments.

Read it here: https://moltenbit.net/posts/custom-admin-notifications-for-new-intune-enrollments/

Dev Proxy v0.26 with improved mocking, plugin validation, and Docker support | by Waldek Mastykarz & Garry Trinder.

https://devblogs.microsoft.com/microsoft365dev/dev-proxy-v0-26-with-improved-mocking-plugin-validation-and-docker-support/

Hat hier jemand schon mal Erfahrung mit der #Instagram Graph API gemacht und diese erfolgreich mit Mastodon verknüpft? Ich würde gerne wissen, ob das möglich ist und wie man Inhalte von Instagram automatisch hierher spiegeln kann.

Aktuell vermehrt #Cyberangriffe auf #Owncloud-Instanzen - Patch für die ausgenutzte #Schwachstelle ist seit September 2023 verfügbar, allen Administratoren wird deshalb die dringende Aktualisierung der #Graphapi-App auf Version 0.3.1 nahe gelegt:
"Die bei den beobachteten Angriffen ausgenutzte Sicherheitslücke ist als CVE-2023-49103 registriert und mit dem maximal möglichen CVSS-Wert von 10 als kritisch eingestuft." #cybersecurity #cybersicherheit
https://www.golem.de/news/patch-verfuegbar-kritische-owncloud-luecke-wird-vermehrt-attackiert-2502-193282.html

How to check for OAuth apps with specific Graph permissions assigned

https://jeffreyappel.nl/how-to-check-for-oauth-apps-with-specific-graph-permissions-assigned/

Meta releases Graph API v21.0 and Marketing API v21.0: New API versions bring changes to Facebook, Instagram, and WhatsApp platforms. Learn about deprecations and feature updates. https://ppc.land/meta-releases-graph-api-v21-0-and-marketing-api-v21-0/?utm_source=dlvr.it&utm_medium=mastodon #Meta #GraphAPI #MarketingAPI #Facebook #Instagram

Dev Proxy v0.23 with inspecting cloud API requests.

https://buff.ly/3ASP0jE
#m365 #graphapi #msgraph #apis #proxy #webdev #cloud

Some Graph API fun today.

The Graph API knows `applications` (https://learn.microsoft.com/en-us/graph/api/resources/application) and `servicePrincipals` (https://learn.microsoft.com/en-us/graph/api/resources/serviceprincipal).

The Azure Portal knows `App Registrations` and `Enterprise Applications`.

App Registrations (Portal) = applications (Graph API)
Enterprise Applications (Portal) = servicePrincipals (Graph API)

Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

```
GET /servicePrincipals/{id}
GET /servicePrincipals(appId='{appId}')
GET /applications/{applicationObjectId}
GET /applications(appId='{appId}')
```

When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.

Dev Proxy v0.21 with simulating authentication and authorization by Waldek Mastykarz & Garry Trinder.

#m365 #devproxy #msgraph #graphapi #apis #oauth #auth
https://devblogs.microsoft.com/microsoft365dev/dev-proxy-v0-21-with-simulating-authentication-and-authorization/

Fantastic blog post around looking for malicious activity in the #Microsoft #GraphAPI https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/hunting-with-microsoft-graph-activity-logs/ba-p/4234632. Shiva also demonstrates & shares all the #KQL queries. It really demonstrates some of the power of KQL. For the next week the #KQL book is 50% off at MS Press. https://www.microsoftpressstore.com/promotions/back-to-learning-sale-save-50-on-books-ebooks-and-video-142521. All the queries in the book are available on GitHub repo for the book. https://github.com/KQLMSPress/definitive-guide-kql. #infosec

Dev Proxy v0.20 with improved simulating API errors and a new API for building integrations.

#m365 #msgraph #devproxy #apis #debugging #testing #graphapi
https://devblogs.microsoft.com/microsoft365dev/dev-proxy-v0-20-with-improved-simulating-api-errors-and-a-new-api-for-building-integrations/

Using Dev Proxy to troubleshoot issues with Graph Connectors by Matteo Pagani.

#devproxy #debugging #m365 #msgraph #graphapi
https://www.developerscantina.com/p/dev-proxy-graph-connectors/

Zuckerberg criticizing Apple for gatekeeping shows a serious lack of self-consciousness.

Remember the Graph API? They just kept on shutting all the features that were deemed "too powerful".

Some stuff to read … https://learn.microsoft.com/de-de/graph/permissions-reference #Microsoft #Azure #GraphAPI Reference with explanations for each privilege…

Wenn du denkst du kennst schon alle #Facebook APIs kommt immer noch eine neue um die Ecke und ist natürlich anders als die anderen. #graphapi

I am eagerly awaiting the big expose on Microsoft #GraphExplorer and #GraphAPI being the source of a major, multi company breach due to its absolute lack of auditing or control