If you want quick access to Microsoft 365 data without a full app registration, Graph Explorer is the fastest on-ramp. It gives you a short-lived access token you can hand to an AI assistant or use directly to explore the Microsoft Graph API.

⚠️ For Testing Only: Graph Explorer tokens are ideal for exploration, prototyping, and working with AI assistants. For production applications, implement proper app registration with OAuth flows. These tokens use delegated permissions (acting as you), not application permissions.

What You Can Do

With the right permissions, you can query or automate almost anything in Microsoft 365. Here are common, low-friction use cases:

  • Email search: find messages by sender, subject, or time window
  • Teams discovery: list teams and channels, read recent messages
  • Send messages: post to Teams channels or chats
  • SharePoint: list sites, browse drives, read files
  • Profile data: get /me and org info to bootstrap workflows

Microsoft Graph Explorer Self-Service Quick Guide

  1. Go to Graph Explorer: https://developer.microsoft.com/en-us/graph/graph-explorer
  2. Sign in with your Microsoft account (top right)
  3. Pick your endpoint from the sidebar or type it manually
  4. Check permissions for the request
  5. Copy the access token: click the "Access token" tab in the response area, then click the copy icon
  6. Give your AI assistant the token + endpoint, or use tools like Postman or curl

Example endpoints to try:

# Read operations
GET https://graph.microsoft.com/v1.0/me
GET https://graph.microsoft.com/v1.0/me/messages?$top=10
GET https://graph.microsoft.com/v1.0/me/joinedTeams
GET https://graph.microsoft.com/v1.0/me/drive/root/children
GET https://graph.microsoft.com/v1.0/sites?search=marketing

# Write operations (requires appropriate permissions)
POST https://graph.microsoft.com/v1.0/teams/{team-id}/channels/{channel-id}/messages
POST https://graph.microsoft.com/v1.0/me/sendMail

When prompting your AI tool, keep it simple and explicit:

Token: ACCESS_TOKEN_HERE
Endpoint: GET https://graph.microsoft.com/v1.0/me/messages?$top=10

Advanced Filtering with OData

Graph API supports OData query parameters for precise filtering and selection:

# Filter messages by sender
GET .../me/messages?$filter=from/emailAddress/address eq 'boss@company.com'

# Select specific fields only
GET .../me/messages?$select=subject,receivedDateTime&$top=5

# Combine filter and select
GET .../me/messages?$filter=isRead eq false&$select=subject,from&$top=20

Important Notes

  • Token expiry: expect 60-90 minutes before you need a new token
  • Scope-limited: the token only works for permissions you consented to
  • Admin consent: some permissions require admin approval and won't work self-service
  • Store securely: treat tokens like passwords, avoid sharing them, and revoke if exposed
  • Common errors: 401 (expired/invalid token), 403 (insufficient permissions), 429 (rate limit - check retry-after header)

Reference Links

Resource Link
Graph Explorer developer.microsoft.com/en-us/graph/graph-explorer
API Reference learn.microsoft.com/en-us/graph/api/overview
Permissions Reference learn.microsoft.com/en-us/graph/permissions-reference
Quick Start Guide learn.microsoft.com/en-us/graph/tutorials
Authentication Basics learn.microsoft.com/en-us/graph/auth/auth-concepts
Graph Explorer is the fastest way to go from "I wonder if this is possible" to "yes, here's the data."
Microsoft 365 Graph API Graph Explorer Teams SharePoint AI Tools