Adding a Office 365 Graph API Key to VitalSigns

Owned by Chandler Berry
Last updated: Mar 17, 2021
4 min read

Many of the API calls that VitalSigns makes have recently been deprecated by Microsoft. To continue to get this data, we have utilized Microsoft's own Graph API.

Azure Portal

Detailed in this document is the process for adding the Graph API to VitalSigns to utilize VitalSigns rich metrics and Administrative abilities.

The first steps of this process are below:

  1. Navigate to the Office365 portal.
    http://portal.azure.com
  2. At the Search bar on the Top of the Screen, type in the search term App registrations, and select it from the results
  3. Click on the New Registration button.
  4. Enter a recognizable name, then click the Register button at the bottom of the page.
  5. From the Left Pane of the resulting page, select the menu item labelled API permissions.
  6. Click on the button labelled Add a permission
  7. From the resulting pane on the right, select Microsoft Graph
  8. Select Application permissions
  9. From the list that populates, select the following permissions:

    If you want VitalSigns to collect information about your tenant (required to populate the O365 tabs), then give it minimal Read rights:

    • Group.Read.All
    • Reports.Read.All
    • Sites.Read.All
    • Files.Read.All (reserved for future features related to reporting on OneDrive usage)

    If you want VitalSigns to be able to collect information about your tenant, AND perform end user experience testing then it will require more elevated rights:

    • Calendars.ReadWrite
    • Files.Read.All
    • Group.ReadWrite.All
    • Mail.ReadWrite
    • Mail.Send
    • Reports.Read.All
    • Sites.Read.All
  10. Click on the Add permissions button.
  11. Click on the Grant admin consent for <Directory Name> button
  12. Click Yes on the resulting pop-up.
  13. Navigate to the Overview page from the left Navigation Pane.
  14. Click the Copy to Clipboard button next to the field titled Application (client) ID

  15. Continue on to the VitalSigns UI portion of these steps.

    STOP Do NOT continue with step 16-19 until told so by the steps in the VitalSigns portion of this guide

  16. Navigate to the Certificates and secrets page from the left Navigation Pane.

  17. Click on the New client secret button
  18. Give a Name to the secret, and click on the Add button.
  19. Click the Copy to Clipboard button next to the Value 
2.
3. 
4.
5. 
6. 
7. 

8. 

9.

10.

11. 

12. 

13. 

14. 

16. 
17. 
18. 
19. 

VitalSigns UI

This portion of the guide takes place in the VitalSigns UI.

  1. Navigate to and log in to your VitalSigns Environment
  2. Navigate to the Application Settings page, under the Configurator category
  3. Select the credentials tab
  4. Click the Add button to add a new set of credentials.
  5. Fill out the fields with the following:
    1. Alias: A name for the credentials
    2. User ID: The string you copied from Application (client) ID
    3. Device Type: Office 365

    4. Password: This is the value of the Secret

      At this point, you can finish step 16-19 in the Azure section of this guide.

  6. Click the Save button.

2. 

3. 

4. 

5. 

6. 


Setting up Azure to allow Login in VitalSigns

This section goes over how to modify your VitalSigns App Registration to allow for Azure Active Directory Login to VitalSigns. This does assume that you have previously set up a Graph API App Registration for use with VitalSigns.

  1. Navigate to the Office365 portal.
    http://portal.azure.com
  2. At the Search bar on the Top of the Screen, type in the search term App registrations, and select it from the results
  3. Find the existing VitalSigns App registration and select it
  4. Copy the Application (client) ID
  5. Log in to the Windows Machine that VitalSigns is installed on
  6. Navigate to this directory: C:\inetpub\wwwroot\VSWeb\wwwroot\ and open the config.production file in Notepad.
  7. Inside the bracket, add the following: "azureClientId": and paste the id in quotes, as shown on the right:
  8. Next, go back to the Azure Portal, and open the Authentication tab on the VitalSigns App Registration
  9. Click on the "Add a Platform" button, then Select the Web option.
  10. Enter the FQDN of the VitalSigns site into the Redirect URIs field, adding "http://" or "https://" to the beginning, and "/login" to the end, shown on the right:
  11. Do the same for the Front-channel logout url field.
  12. Check both the Access tokens and ID tokens check boxes
  13. Set the Supported Account types to Multitenant

2. 

4.

6.

7.
{
"apiEndpoint": "http://hostsite.com:5000",
"uatStorage": "session",
"azureClientId": "IDGoesHere"
}

10.
http://hostsite.com/login 

12.