Example: Azure User Management

If you already use Azure Active Directory for identity and access management, it is easy to extend your app with user discovery and contact management using the Microsoft Graph API. The BBM Enterprise SDK examples include a user management implementation using Microsoft Graph API to access Azure Active Directory.

In Microsoft Azure, each access token must be used for a specific resource. Your app has to authenticate against Azure with a scope containing all Microsoft Graph API permissions to access Active Directory user data. It cannot reuse the access token granted for the BBM Enterprise SDK.

Extend Active Directory User Data with BBM Enterprise Account

The Microsoft Graph API allows an app to access the data of Active Directory users, and to write custom application data for each user using custom extensions. In the BBM Enterprise SDK examples, a user's registration ID (regId) is automatically stored against the user's data in Azure Active Directory. This allows your app to easily integrate against a corporate directory to facilitate user lookup, and start secure chat, voice, and video communications using the BBM Enterprise SDK. Your app can also leverage Microsoft Graph API to manage a contact list by utilizing user groups or other criteria.

Give your app permission to access Microsoft Graph API

Note: These instructions assume your app will use Azure Active Directory v2.0 authentication API.

From the Microsoft Application Registration Portal, access the Microsoft Graph Permissions section and add the following:

Modifying an example app to use Azure Active Directory

The BBM Enterprise SDK examples can be setup to use the Microsoft Graph API to access Azure Active Directory for User Management.