Hi, my name is David Carr and I'm a PHP Developer.

Blog Archives Categories Authors About Me Open Source Books Contact Me

Sponsor Me

Help support the blog so that I can continue creating new content!

My Latest Book

Laravel: The Modular way

Learn how to build modular applications with Laravel Find out more


Via Composer

composer require dcblogdev/laravel-microsoft-graph


You can publish the config file with:

php artisan vendor:publish --provider="Dcblogdev\MsGraph\MsGraphServiceProvider" --tag="config"

When published, the config/msgraph.php config file contains:


return [

    * the clientId is set from the Microsoft portal to identify the application
    * https://apps.dev.microsoft.com
    'clientId' => env('MSGRAPH_CLIENT_ID'),

    * set the application secret

    'clientSecret' => env('MSGRAPH_SECRET_ID'),

    * Set the url to trigger the oauth process this url should call return MsGraph::connect();
    'redirectUri' => env('MSGRAPH_OAUTH_URL'),

    * set the url to be redirected to once the token has been saved

    'msgraphLandingUri'  => env('MSGRAPH_LANDING_URL'),

    set the tenant authorize url

    'tenantUrlAuthorize' => env('MSGRAPH_TENANT_AUTHORIZE'),

    set the tenant token url
    'tenantUrlAccessToken' => env('MSGRAPH_TENANT_TOKEN'),

    set the authorize url
    'urlAuthorize' => 'https://login.microsoftonline.com/'.env('MSGRAPH_TENANT_ID', 'common').'/oauth2/v2.0/authorize',

    set the token url
    'urlAccessToken' => 'https://login.microsoftonline.com/'.env('MSGRAPH_TENANT_ID', 'common').'/oauth2/v2.0/token',

    set the scopes to be used, Microsoft Graph API will accept up to 20 scopes

    'scopes' => 'offline_access openid calendars.readwrite contacts.readwrite files.readwrite mail.readwrite mail.send tasks.readwrite mailboxsettings.readwrite user.readwrite',

    The default timezone is set to Europe/London this option allows you to set your prefered timetime
    'preferTimezone' => env('MSGRAPH_PREFER_TIMEZONE', 'outlook.timezone="Europe/London"'),


You can publish the migration with:

php artisan vendor:publish --provider="Dcblogdev\MsGraph\MsGraphServiceProvider" --tag="migrations"


Optionally if you plan on using Microsoft Graph as a login system you can publish a listener:

php artisan vendor:publish --provider="Dcblogdev\MsGraph\MsGraphServiceProvider" --tag="Listeners"

This contains the following listener:


namespace App\Listeners;

use App\Models\User;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Dcblogdev\MsGraph\Models\MsGraphToken;
use Illuminate\Support\Facades\Auth;

class NewMicrosoft365SignInListener
    public function handle($event)
        $tokenId = $event->token['token_id'];
        $token = MsGraphToken::find($tokenId)->first();

        if ($token->user_id == null) {
            $user = User::create([
                'name'  => $event->token['info']['displayName'],
                'email' => $event->token['info']['mail'],
                'password' => ''

            $token->user_id = $user->id;


        } else {
            $user = User::findOrFail($token->user_id);


You can customise this to suit your application.

After the migration has been published you can create the tokens tables by running the migration:

php artisan migrate

.ENV Configuration

Ensure you've set the following in your .env file:



If you've setup a single-tenant application make sure to include the tenant ID in the .env:

The tenantID value can be seen in the application you've created at https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps click on your application, the Directory (tenant) ID will be listed at the top of the page.

Adding the tenant_id changed some of the URLs from using /common/ to using the supplied tenant ID


When logging in as a tenant (for Admin access) add the tenant ID .env:


Optionally add



Copyright © 2009 - 2022 David Carr. All code MIT license. All rights reserved.