microsoft-graph
Orchestration hub for Microsoft Graph API across Microsoft 365 services. Use for Graph API integrations, querying Microsoft 365 data, and building applications that interact with Azure AD.
What this skill does
# Microsoft Graph API Orchestration Skill
Microsoft Graph is a unified REST API endpoint for accessing Microsoft Cloud resources across Microsoft 365, Windows, and Enterprise Mobility + Security. Base URL: `https://graph.microsoft.com/{version}/{resource}`
**API Versions:** `v1.0` (production) or `beta` (preview)
**Authentication:** OAuth 2.0 via Azure AD
**Data Format:** JSON
## When to Load Which Resource
| Task | Service | Load Resource |
|------|---------|---------------|
| Setup auth, register apps, manage credentials | Applications & Auth | [resources/authentication-apps.md](resources/authentication-apps.md) |
| Manage users, groups, organization, directory | Identity & Access | [resources/identity-access.md](resources/identity-access.md) |
| Email, folders, attachments, rules, signatures | Mail Operations | [resources/mail-operations.md](resources/mail-operations.md) |
| Calendar, events, scheduling, meetings, free/busy | Calendar & Scheduling | [resources/calendar-scheduling.md](resources/calendar-scheduling.md) |
| Upload files, folders, share, OneDrive, SharePoint | Files & Storage | [resources/files-storage.md](resources/files-storage.md) |
| Teams, channels, chats, presence, online meetings | Teams & Communications | [resources/teams-communications.md](resources/teams-communications.md) |
| Planner tasks, To Do lists, OneNote notebooks | Planning & Notes | [resources/planning-notes.md](resources/planning-notes.md) |
| Security alerts, compliance, device management, reports | Security & Governance | [resources/security-governance.md](resources/security-governance.md) |
## Orchestration Protocol
### Phase 1: Analyze Your Task
Identify which service area you need by answering:
- **What resource?** (users, files, messages, events, etc.)
- **What action?** (read, create, update, delete)
- **Who?** (signed-in user or service account)
- **Permissions?** (delegated or application)
### Phase 2: Load the Right Resource
Use the decision table above to find your resource file. Each resource includes:
- Complete endpoint reference with base paths
- Request/response examples for all CRUD operations
- Query parameters and filter options
- Required permissions (delegated and application)
- Error handling patterns and best practices
- Common workflows and patterns
### Phase 3: Implement with Confidence
Each resource shows practical, copy-paste-ready examples for your use case.
## Universal Graph Concepts
**Standard Query Parameters:**
```
$select=prop1,prop2 Choose properties to return
$filter=startsWith(name,'A') Filter results by condition
$orderby=name desc Sort results (asc or desc)
$top=25 Limit to 25 results (default 20)
$skip=50 Skip first 50 results
$expand=members Include related/nested data
$count=true Include total count in response
$search="keyword" Full-text search across content
```
**Standard CRUD Operations:**
```http
GET /me/messages?$select=subject&$top=10 # Read
POST /me/events {"subject": "Meeting", ...} # Create
PATCH /users/{id} {"jobTitle": "Manager"} # Update
DELETE /me/messages/{id} # Delete
```
**Pagination:** Always follow `@odata.nextLink` in responses for complete data sets
**Batch Requests:** Use `POST /$batch` to combine 1-20 operations into single call
**Delta Queries:** Use `GET /users/delta` to track changes since last query via `@odata.deltaLink`
**Error Response Format:**
```json
{"error": {"code": "Code", "message": "Description"}}
```
**Common Status Codes:**
- 200/201/204: Success
- 400: Invalid request
- 401: Authentication required
- 403: Insufficient permissions
- 404: Resource not found
- 429: Rate limited (check Retry-After header)
- 500-503: Server error (implement exponential backoff)
## Resource File Index
| File | Focus | Lines |
|------|-------|-------|
| [authentication-apps.md](resources/authentication-apps.md) | App registration, OAuth, credentials | 350+ |
| [identity-access.md](resources/identity-access.md) | Users, groups, organization, directory | 350+ |
| [mail-operations.md](resources/mail-operations.md) | Email, folders, attachments, rules | 400+ |
| [calendar-scheduling.md](resources/calendar-scheduling.md) | Events, recurring, meetings, free/busy | 350+ |
| [files-storage.md](resources/files-storage.md) | OneDrive, SharePoint, uploads, sharing | 400+ |
| [teams-communications.md](resources/teams-communications.md) | Teams, channels, chats, presence | 350+ |
| [planning-notes.md](resources/planning-notes.md) | Planner, To Do, OneNote | 350+ |
| [security-governance.md](resources/security-governance.md) | Security, compliance, devices, reports | 400+ |
## Best Practices
**Performance:** Use `$select` for specific properties, implement pagination, cache tokens, use batch for bulk ops, apply delta queries for sync scenarios
**Security:** Store tokens securely (never in code), request least-privilege permissions, use managed identities for Azure, rotate credentials every 90 days, validate all responses
**Development:** Test in `beta` endpoint first, monitor deprecation notices, implement exponential backoff for retries, respect rate limiting, check Graph health status
**Troubleshooting:**
- 401 Unauthorized → Check token validity and scopes
- 403 Forbidden → Verify permissions are configured in Azure AD
- 404 Not Found → Verify resource ID and that resource exists
- 429 Too Many Requests → Implement retry with exponential backoff
## Tools & SDK Resources
**Interactive Testing:** Graph Explorer at https://developer.microsoft.com/graph/graph-explorer
**SDKs:**
- .NET: `Microsoft.Graph` NuGet
- JavaScript/TypeScript: `@microsoft/microsoft-graph-client` npm
- Python: `msgraph-sdk-python` pip
**Documentation:**
- API Reference: https://docs.microsoft.com/graph/api/overview
- Permissions Reference: https://docs.microsoft.com/graph/permissions-reference
- Changelog: https://docs.microsoft.com/graph/changelog
---
**Skill Version:** 2.1 | **API Versions:** v1.0 (production), beta (preview) | **Updated:** December 2025
Related in Ads & Marketing
ads
IncludedMulti-platform paid advertising audit and optimization skill. Analyzes Google, Meta, YouTube, LinkedIn, TikTok, Microsoft, and Apple Ads. 250+ checks with scoring, parallel agents, industry templates, and AI creative generation.
banana
IncludedAI image generation Creative Director powered by Google Gemini Nano Banana models. Use this skill for ANY request involving image creation, editing, visual asset production, or creative direction. Triggers on: generate an image, create a photo, edit this picture, design a logo, make a banner, visual for my anything, and all /banana commands. Handles text-to-image, image editing, multi-turn creative sessions, batch workflows, and brand presets.
rpg-migration-analyzer
IncludedAnalyzes legacy RPG (Report Program Generator) programs from AS/400 and IBM i systems for migration to modern Java applications. Extracts business logic from RPG III/IV/ILE source code, identifies data structures (D-specs), file operations (F-specs), program dependencies (CALLB/CALLP), and converts RPG constructs to Java equivalents. Generates migration reports, complexity estimates, and Java implementation strategies with POJO classes, JPA entities, and service methods. Use when modernizing AS/400 or IBM i legacy systems, analyzing RPG source files (.rpg, .rpgle, .RPGLE), converting RPG to Java, mapping data specifications to Java classes, planning legacy system migration, or when user mentions RPG analysis, Report Program Generator, RPG III/IV/ILE, AS/400 modernization, IBM i migration, packed decimal conversion, or mainframe application rewrite.
brand-library-architect
IncludedBuild a complete brand library for a product — visual asset render pipeline, brand documentation set (BRAND, COPY, MANIFESTO, BIOS, FAQ, GLOSSARY, TONE, PRICING), open-source convention files (README, CONTRIBUTING, SECURITY, CODE_OF_CONDUCT), and a self-contained press kit. This skill should be used when the user asks to "build a brand library / brand kit / press kit / brand assets" for a product, "set up a brand library workflow," "create a positioning manifesto plus visual identity," or any combination of brand documentation + visual asset pipeline. Apply phase-by-phase or run end-to-end. Templates are product-agnostic and use {{TOKEN}} placeholders the skill prompts the user to fill.
writing-tech-post
IncludedAuthors engineering blog posts end-to-end: launch deep-dives, incident postmortems, architecture migrations, performance case studies, tutorials, AI/agent system writeups, security disclosures, and research-to-product translations. Picks the correct archetype, plans the abstraction ladder, enforces an evidence cadence (diagrams, benchmarks, profiles, traces, code, ablations), tunes voice against publisher house styles (Datadog, Vercel, GitHub, AWS, Meta, Cloudflare, Jane Street), and runs a pre-publish gate for narrative momentum and disclosure ethics. Use when drafting a new engineering post, restructuring a draft that feels flat, deciding which evidence form belongs where, validating that depth and product context are balanced, or preparing a postmortem, migration, or performance narrative for external publication. Do not use for API reference documentation, README authoring, marketing copy, release notes, generic SEO content, ghost-written executive thought leadership, or non-engineering long-form essays.
blog-google
IncludedGoogle API integration for blog performance: PageSpeed Insights, CrUX Core Web Vitals with 25-week history, Search Console performance, URL Inspection, Indexing API, GA4 organic traffic, NLP entity analysis for E-E-A-T, YouTube video search for embedding, and Google Ads Keyword Planner. Progressive feature availability based on credential tier (API key, OAuth/service account, GA4, Ads). Shares config with claude-seo at ~/.config/claude-seo/google-api.json. Use when user says "google data", "page speed", "core web vitals", "search console", "indexation", "GA4", "keyword research", "nlp entities", "blog performance", "youtube search", "google api setup".