Unlocking the Enterprise with Office 365

Office_365_AppsEnterprises have a trove of business resources and data that are often under-utilized – users, calendars, contacts, emails, tasks, documents and other files. Often there are redundancies between what users do with Office applications and other enterprise applications, and a painful lack of integration.

In prior posts, I discussed the compelling new Office 365 development platform and introduced Matter Center to demonstrate how integrating web-based add-ins directly into Office applications like Outlook can lead to productivity gains and happy users.

In this post we’ll introduce a sample application to show a practical example of how we can use these technologies to bring enterprise applications together with these valuable resources.

The Key

Microsoft’s new unified Graph API provides a RESTful Web API for programmatic access to the wealth of resources and functionality in both Office 365 and Azure Active Directory. With this single endpoint you have a platform-independent, secure API to integrate with applications, services and workflows.

One Identity: Azure Active Directory

Azure Active Directory (AAD) is Microsoft’s “Identity as a Service (IDaaS)” solution, and it provides authentication and authorization services for Office 365. Your directory can exist entirely in the cloud or be synchronized with an on-premises Active Directory. The same Azure Active Directory credentials are used to secure all Graph API calls.

Example App: Work Item Tracker

As a simple example, let’s imagine a Work Item tracking system that lets authorized users add, update and delete work items. When a work item is created, we want it automatically assigned to a user who is available on the work item’s due date. Once assigned, the application sends an email notification to the user. We’d like the user to be able to manage work items without having to switch from Outlook to the full application.

The flow for adding a work item looks like this:

Work Item Workflow

We’ll use Microsoft Azure for hosting and services, so our architecture diagram looks like this:

Work Item Architecture

The architecture has these components:

  • An ASP.NET Work Item app with both a Web API for REST access to work items, and an MVC controller for the UI. Both will be secured by requiring Azure Active Directory credentials.
  • An Azure SQL Database to store the work items.
  • An Azure Storage Queue: we don’t want to tie up the work item save operations with additional scheduling and email processing, so we’ll add an item to the queue and process it in the background.
  • An associated Web Job that processes items in the queue by using the Graph API to find an available user and send an email upon assignment. This means we’ll need to configure app-only credentials in AAD for access to Office 365.
  • An Outlook Add-in that allows users to manage the work item in Outlook. Its web app can be serviced by the same App Service instance as our other web.

The App and Add-in in Action

Here are a few example screen shots of the solution in action.


We can get to the home page without authentication:

Work Item app home page


When we try to view or create a work item, we are redirected to sign in with our Azure Active Directory account using the standard Microsoft login page:

Work Item app login page


After signing in, we can view, create, edit and delete work items. Let’s add a new one:

Work Item app add new


When we click the Create button, the item is saved to the database, and a task to assign the work item is added to the queue. Then our worker job picks up the item from the queue, checks user’s calendars in Office 365, and assigns the work item to an available user and sends a notification email. Here we see the new item assigned:

Work Item app view item


Now in Outlook we can see the email notification. When viewing the item, we see a link to the Work Item add-in:

Work Item outlook email


If we click on the Work Item Form link, it opens our Add-in application which looks up the work item related to the email:

Work Item outlook email form


Let’s set the Status to In Progress, add some Notes and Save:

Work Item outlook email form updated


We can check back with the full application to confirm the changes:

Work Item app view updated item

The Benefits

We’ve just scratched the surface of what the Graph API and Office 365 Add-ins have to offer, but we’ve already realized these benefits:

  1. A single authentication and authorization source to secure all resources and applications using Azure Active Directory.
  2. Retrieving a list of users to consider for scheduling from Azure Active Directory. We could easily leverage groups in AAD for more granular management of which users should be considered.
  3. Automated scheduling and work assignment based on users’ calendars in Office 365.
  4. Securely sending email notifications to users with ease.
  5. Users can securely manage work items from within their email notification in Outlook. No need to switch applications.

In my next post we’ll take a look more closely at the Graph API and the implementation for this example.

→ Learn more about our Office 365 solutions

Further Reading from our Office 365 Series:

Office 365 as a Development Platform

Matter Center on the Office 365 Platform

Office 365 and the Graph API: Under the Hood

Improving Productivity With Office 365 Add-Ins

About David Zientara

David Zientara joined AIS in 2010 with over 15 years of software engineering and architecture experience, much of it utilizing the Microsoft technology stack. His career has spanned industries such as security, digital imaging, health care, education and non-profits with organizations ranging from small start-ups to multi-national corporations. His enthusiasm is currently focused on HTML5 and JavaScript front ends, server-side solutions using technologies like ASP.NET MVC and Web API, and leveraging cloud services. David’s other passions include music, foreign languages and cultures, and travel.