GPT How-to: Configuring Microsoft Graph + OAuth (and various third party APIs)

With OpenAI’s latest advancements, particularly the GPT feature and its enhanced assistant capabilities, integrating AI with Microsoft Graph and third-party APIs has become more dynamic and important.

This guide focuses on configuring GPTs, Microsoft Graph with OAuth for seamless interaction, leveraging GPT’s improved context understanding and automated abilities. The integration extends GPT’s reach, enabling it to interact with extensive Microsoft 365 data and services but could be used for pretty much any API that uses Oauth like HubSpot or Google.

The integration of these advanced GPT capabilities with Microsoft Graph unlocks unprecedented possibilities. Microsoft Graph serves as a rich data source encompassing various Microsoft 365 services like Azure AD, Office 365, and more. By tapping into this repository, GPTs can leverage the vast array of organizational data, enhancing AI-driven functionalities.

You can try my functional version here.

Potential Applications

  • Reading and Responding to Emails: With improved language understanding, GPT can effectively manage email communications, summarizing content, drafting responses, and prioritizing actions.
  • Document Management and Review: Utilizing OneDrive integration, GPT can assist in document review, summarization, and organization.
  • Advanced Scheduling Capabilities: GPT’s understanding of natural language can revolutionize calendar management, scheduling meetings, and optimizing appointments.
  • Customized Business Solutions: The amalgamation of GPT with Microsoft Graph opens avenues for personalized AI solutions like intelligent chatbots, virtual assistants, and more, tailored to specific business needs.

Step by Step Guide

Step 1: Register Your Application in Azure Active Directory

  • Log in to Azure Portal: Go to Azure Portal and sign in.
  • Access Azure Entra ID: Select “Azure Entra ID” from the navigation menu.
  • Register Application: Go to “App registrations” > “New registration”. Fill in the details: Name: Choose a meaningful name for your application.
  • Look for Redirect URI (optional): Enter the URL where users will be redirected after authentication. (You’ll likely need to come back to this later.)

Step 2: Obtain Application (Client) ID and Directory (Tenant) ID

  • After registration, note the “Application (client) ID” and “Directory (tenant) ID” from the app overview page.

Step 3: Create a Client Secret

  • Navigate to Certificates & Secrets: In your app’s registration page, go to “Certificates & secrets”.
  • New Client Secret: Create a new client secret and note its value.

Step 4: Set Up OAuth in Your Application

  • Go to Configure in your GPT Creator.
  • Scroll down to Actions and create a new action
  • Copy Sample OpenAPI.json for OAuth
  "openapi": "3.0.0",
  "info": {
    "title": "Microsoft Graph API Example",
    "version": "1.0"
  "servers": [
      "url": ""
  "paths": {
    "/me": {
      "get": {
        "operationId": "getUserProfile",
        "summary": "Get current user profile",
        "responses": {
          "200": {
            "description": "Successful response",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/UserProfile"
        "security": [
            "OAuth2": []
  "components": {
    "schemas": {
      "UserProfile": {
        "type": "object",
        "properties": {
          "displayName": {
            "type": "string"
          "mail": {
            "type": "string"
    "securitySchemes": {
      "OAuth2": {
        "type": "oauth2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "{tenant}/oauth2/v2.0/authorize",
            "tokenUrl": "{tenant}/oauth2/v2.0/token",
            "scopes": {
              "User.Read": "Read user profile"
  • Replace {Tenant} with your tenant value you previously copied.
  • Add Additional Scopes: Add any additional scopes like Mail.Read, etc., as needed to increase functionality like writing emails, creating docs, scheduling meetings.
  • Ask ChatGPT for Help: If you have any questions, feel free to ask ChatGPT.
  • Add Privacy Policy: I used Microsoft’s since it’s their service. Microsoft Privacy Policy

Step 5: Configure Redirect URI

  • Refresh the GPT Creator Interface: This is important, as the redirect URL doesn’t show correctly until the interface is refreshed. This is a strange quirk.
  • Copy the Call Back URL: Add it to the redirects field in the Authentication area of Azure.

Step 6: Reauthorize and Test

  • Reauthorize Your Application: After updating, reauthorize your application and test the required functionality again.
  • Type getUserProfile to see the connection to Microsoft. You may get redirected back to the wrong page, go to the previous Chat interface and type getUserProfile again to reinitialize it.

Additional Notes

  • Beta Platform: The GPT platform is very Beta and doesn’t always act as expected.
  • Troubleshooting Oauth: If the OAuth doesn’t work, remove it and do the steps again. Trust me, this does work. It takes some messing around to get it working.
  • Security: Keep the client secret secure.
  • Redirect URI: Ensure the redirect URI in your OAuth request matches what’s configured in Azure AD.
  • OpenAPI.json Snippets: These provide a blueprint for your API’s authentication structure but do not directly enforce security in a runtime environment. Ensure your implementation in code aligns with this configuration.

You can grab other GPTS from my Repo:

1 Like

Couple things to note. You need to have a azure verified publisher account. You also need to make sure enable all multitenant options.

1 Like

This was a great post. It helped me to use the GPT action with MS Graph api.

1 Like

Hi Kari. are you able to access contents of OneDrive files and ask GPT about them using this?