Integrations

Microsoft Graph Webhooks Guide

Microsoft Graph change notifications can drive automation for users, groups, mail, calendar, files, Teams, and directory workflows. Subscription validation and renewal behavior make the webhook endpoint more than a simple POST receiver.

FastHook answers validationToken checks, optionally validates clientState, stores notification evidence, routes accepted events, and gives operators retry and replay controls for downstream Graph-driven workflows.

Microsoft Graph webhook validationToken ingress contract. — Microsoft Graph validation is challenge-based. Keep validation requests and normal change notifications visible separately.

Graph validation fields

validationToken: GET query parameter FastHook returns as plaintext for subscription validation.
clientState: optional notification body value FastHook can compare when configured.

Create a Microsoft Graph source

Create Microsoft Graph source

curl -X POST "https://api.fasthook.io/v1/sources" \
  -H "Authorization: Bearer $FASTHOOK_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Microsoft Graph production",
    "type": "MICROSOFT_GRAPH",
    "config": {
      "auth_type": "PROVIDER_SIGNATURE",
      "auth": {
        "provider": "MICROSOFT_GRAPH",
        "client_state": "optional-client-state"
      },
      "allowed_http_methods": ["POST", "PUT", "PATCH", "DELETE"]
    }
  }'

Routing strategy

Use separate sources or routes for high-risk tenants and production subscriptions.
Route user, group, mail, calendar, file, and Teams notifications by owning workflow.
Inspect validation requests separately from normal POST notifications.
Replay failed notifications only after the destination can safely reconcile current Graph state.

Microsoft Graph Webhooks Guide

Graph validation fields

Create a Microsoft Graph source

Routing strategy

Related guides