Skip to content
Create Microsoft Graph webhook subscriptions for a Node.js app, so that it can receive notifications of changes in a user’s Microsoft account data.
Branch: master
Clone or download
Latest commit cefeb56 Oct 9, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin feat: update to es6 Jun 17, 2017
helpers chore: simplify the app Jun 19, 2017
public chore: remove header Oct 24, 2017
routes chore: simplify the app Jun 19, 2017
tests Took care of feedback from editor. Mar 22, 2016
views chore: remove favicon Jun 19, 2017
.bowerrc Added scaffold for node express Feb 9, 2016
.editorconfig Added scaffold for node express Feb 9, 2016
.eslintrc.js feat: update to es6 Jun 17, 2017
.gitignore Updated gitignore Feb 24, 2016
.travis.yml feat: update to es6 Jun 17, 2017 Added information about the Microsoft Open Source Code of Conduct Jul 19, 2016
LICENSE.txt Updated Node.js license in NOTICES file Mar 2, 2016 Fixed markdown lint issues May 3, 2018
app.js Removed unused dependency Jul 30, 2018
bower.json Added scaffold for node express Feb 9, 2016
constants.js Updated resource webhook to *me/mailFolders('Inbox')/messages* Mar 14, 2016
gulpfile.js chore: simplify the app Jun 19, 2017
package-lock.json Updated dependencies Oct 9, 2018
package.json Updated dependencies Oct 9, 2018

Microsoft Graph Webhooks Sample for Node.js

Build Status

This Node.js sample shows how to start getting notifications from Microsoft Graph. The following are common tasks that a web application performs with Microsoft Graph webhooks.

  • Sign-in your users with their work or school account to get an access token.
  • Use the access token to create a webhook subscription.
  • Send back a validation token to confirm the notification URL.
  • Listen for notifications from Microsoft Graph.
  • Request for more information in Microsoft Office 365 using data in the notification.


  1. First you need sign in.

    sign in

  2. Once signing in, the app will listen to the incoming emails.


  3. After sending the email to the address, you will see the email in the app.



To use the Webhook sample, you need the following:

Register the app

This app uses the Azure AD endpoint, so you'll register it in the Azure Portal.

  1. Sign in to the portal using your work or school account.

  2. Choose New application registration.

    1. Enter a friendly name for the application.
    2. Choose 'Web app/API' as the Application Type.
    3. Enter http://localhost:3000/callback for the Sign-on URL.
    4. Click Create.
  3. Choose your new application from the list of registered applications.

  4. Copy and store the Application ID. This value is shown in the Essentials pane or in Settings > Properties.

  5. To enable multi-tenanted support for the app, choose Settings > Properties and set Multi-tenanted to Yes.

  6. Configure permissions for your application:

    1. Choose Settings > Required permissions > Add.
    2. Choose Select an API > Microsoft Graph, and then click Select.
    3. Choose Select permissions, scroll down to Delegated Permissions, choose Read user mail, and then click Select.
    4. Click Done.
  7. Choose Settings > Keys. Enter a description, choose a duration for the key, and then click Save.

  8. Important: Copy the key value--this is your app's secret. You won't be able to access this value again after you leave this blade.

You'll use the application ID and secret to configure the app.

Configure a tunnel for your localhost

The sample uses localhost as the development server. For this reason, we need a tunnel that can forward requests from a URL on the Internet to your localhost. If for any reason, you don't want to use a tunnel, see Hosting without a tunnel. If you want a detailed explanation about why to use a tunnel, see Why do I have to use a tunnel?

For this sample, we use ngrok to create the tunnel. To configure ngrok:

  1. Download and unzip the ngrok binaries for your platform.

  2. Type the following command:

    ngrok http 3000
  3. Take note of the https public URL that ngrok provides for you. This is an example:


You'll need the NGROK_ID value in the next section.

Configure and run the web app

  1. Use a text editor to open constants.js.

  2. Replace ENTER_YOUR_CLIENT_ID with the client ID of your registered Azure application.

  3. Replace ENTER_YOUR_SECRET with the client secret of your registered Azure application.

  4. Replace NGROK_ID with the value in https public URL from the previous section.

  5. Install the dependencies running the following command:

    npm install
  6. Start the application with the following command:

    npm start

    Note: You can also make the application wait for a debugger. To wait for a debugger, use the following command instead:

    npm run debug

    You can also attach the debugger included in Microsoft Visual Studio Code. For more information, see Debugging in Visual Studio Code.

  7. Open a browser and go to http://localhost:3000.


If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.

Questions and comments

We'd love to get your feedback about the Microsoft Graph Webhook sample. You can send your questions and suggestions to us in the Issues section of this repository.

Office 365 development questions? Post them to Stack Overflow. Make sure to tag your questions or comments with [Office365] and [API].

Additional resources


Copyright (c) 2016 Microsoft. All rights reserved.

You can’t perform that action at this time.