►
From YouTube: Microsoft Graph community call-May 2020
Description
May’s call, hosted by Jeremy Thake, included an overview of Publisher Verification, Publisher Attestation and Certification and wrapped up by a demo of GitHub Actions hooked up to Calendar API to schedule PR reviews.
Speakers: Jeff Sakowicz, Tony Balkan, Leana Gerrard from Microsoft and Anoop Tatti from Content and Code.
Resources:
Publisher Verification Preview signup https://aka.ms/AA8c3vi
Attestation and Certification overview https://aka.ms/AA8cix6
For more Microsoft Graph videos, visit https://aka.ms/AA8dd5s
Stay connected
Twitter https://twitter.com/microsoft365dev
YouTube https://aka.ms/M365DevYouTube
Blogs https://aka.ms/M365DevBlog
A
Welcome
to
the
Microsoft
girl
community
call
I'm
jeremy
thake,
and
I
am
helping
out
here
with
a
community
call
for
Microsoft
graph.
We've
got
a
bunch
of
really
good
topics
today,
which
I
think
not
just
for
developers
but
also
for
IT
admins
are
looking
to
want
to
control
what
kind
of
apps
enter
their
environment
and
you
know
for
customers
just
be
aware
of
when
they
can
sent
things.
A
What
what
kind
of
things
they
can
trust
based
on
these
programs
that
the
team
of
introducing
so
really
pleased
to
have
the
team
on
here
to
talk
about
that
and
then
once
that's
done,
we've
got
a
newt
who's
going
to
talk
about
how
he
built
a
hub
actions
capability
using
canva,
API
is
kind
of
for
planning
fields
and
releases
and
code
reviews
just
really
really
cool.
So
I'm
really
looking
forward
to
seeing
that
too.
A
But
first
off
just
one
quick
announcement
now
build
2020
is
around
the
corner,
we're
all
very,
very
busy
on
preparing
a
lot
of
really
really
cool
content
that
that's
gonna
occur
across
May,
19th
and
20th.
There
will
be
live
sessions
over
a
48-hour
period
to
accommodate
all
the
different
time
zones
that
you're
in
and
there'll
also
be
a
bunch
of
on-demand
sessions
which
are
a
bit
longer
in
length
and
just
to
call
out
from
a
Microsoft
graph
perspective.
A
We'll
have
a
Microsoft
graph
fundamentals
session
that
you
know,
arenas
and
Darrell
Miller
in
our
team
are
putting
together
and
a
what's
new
session,
which
will
cover
all
the
new
announcements.
That's
happening
in
Microsoft
graph
for
build
that
we've
been
working
on
for
the
last
six
months
of
we
semester
plan.
We
call
it
which
at
least
yang
and
Vincent
Bray
have
been
putting
together
and
those
will
be
on
demand
sessions.
A
You've,
gotta
watch
it
anytime
and
then
Nick
elements
you
live
and
myself
are
actually
putting
together
a
three
hour,
twitch
stream,
which
will
start
at
3:45
in
the
afternoon
on
Wednesday
the
20th
we're
gonna
be
building
a
an
application
in
teams
that
consumes
a
graph
that
user
Microsoft
graph
talk
here.
It's
full
reacts
will
be
showing
how
you
can
use
SPF
X
as
part
of
that
deployment.
A
While
we
talk
Deeping
diving,
deep
into
Azure
ad
configuration
for
it
and
all
the
different
kind
of
tips
and
tricks
as
we
go
through
and
we're
gonna
have
some
guests
from
the
program
management
teaming,
jumping
on
skype
to
chapters
as
we're
doing
it
as
well
as
some
MVP.
So
there's
a
lot
of
really
good
content.
That's
going
to
be
part
of
that
48
hours!
A
B
Right,
Thank,
You
Jeremy,
and
thank
you
everybody
for
joining
us
today,
so
Microsoft
has
been
making
a
number
of
investments
to
help
developers,
create
trust
for
the
apps
and
to
make
sure
that
those
apps
can
be
quickly
and
easily
adopted
by
customers
all
while
helping
those
customers
stay,
confident
that
their
data
is
secure
and
that
their
compliance
requirements
are
being
met.
So
we
want
to
talk
to
you
about
a
few
of
these
investments
today
and
I
want
to
start
with
publisher
verification.
B
Verification
is
about
letting
developers
prove
their
authenticity,
and
this
is
kind
of
the
first
step
in
the
journey
towards
creating
a
trustworthy
app
and
it
helps
increase
customer
trust
in
your
apps
by
letting
them
know
that
you
are
actually
an
authentic
publisher
with
a
valid
identity,
and
it's
really
this
helps.
Customers
distinguish,
you
know
valid
apps
from
developers.
B
So
with
this
in
a
nutshell,
what
we're
doing
here
is
were
we
didn't
want
to
force
anybody
to
go
out,
and
you
know
redo
any
sort
of
verification
process
if
they've
already
done
it
and
a
lot
of
you,
especially
folks
who
say,
might
have
an
app
listed
in
apps
or
soar
as
your
marketplace
or
might
have
participated
in
a
developer
program.
We're
building
an
app
routines
or
an
office
at
in
or
you
know,
participate
in
any
other
sort
of
developer
program
with
Microsoft
over
the
years.
B
You
know
very
cognizant
of
the
security
and
compliance
footprint
of
their
organization,
and
you
know
where
customers
are
extra
sensitive
to
the
sorts
of
apps,
especially
OAuth
apps,
that
can
get
access
to
data
and
their
organization's
going
through
publisher
verification.
Is
you
know
the
the
first
major
step
in
the
journey
towards
making
sure
these
costs,
your
those
sorts
of
customers,
can
adopt
these
apps
as
low
friction
without
feeling
like
they're,
making
a
sacrifice
and
security
and
compliance.
B
This
is
while
this
is
a
really
nice
piece
of
branding
I
will
you
know,
say
this
is
about
much
more
than
the
check
mark
in
the
future.
Admins
will
be
able
to
set
policies
that
reason
over
publisher
verification
status
and,
as
an
example,
only
allow
apps
with
verified
publishers
to
be
used
in
their
organizations,
and
this
will
also
have
an
impact
on
various
risk
detection
that
run
across
apps
in
the
ecosystem.
So
this
really
is
a
way
to
you
know:
increase
the
security
and
trustworthiness
posture
of
a
given
app.
B
This
capability
currently
is
in
private
preview
and
we
are
open
to
new
participants.
So
if
you
are
building
apps,
especially
apps,
that
do
meet
the
criteria
that
I
mentioned
on
the
previous
slide
or
two,
which
is
these
are
generally
speaking-
multi
tenant
apps
that
are
calling
api's
like
graph
that
use
OAuth
and
open
ID
connect.
You
can
go
to
that.
Akms
link
there
there's
a
quick
form,
just
ask
you
a
couple
basic
questions
and
we
can
get
you
enrolled
in
the
private
preview.
So
that's
just
a
whirlwind.
B
A
Thanks
Jeff
I
really
appreciate
that
this
can
make
a
huge
difference,
I
think
in
terms
of
the
trust
associated
what
developers
a
building
so
I.
You
know
I've
been
excited
to
see
you
working
through
this
with
the
with
the
teams
and
get
the
partners
involved.
Are
there
partners
already
doing
this
already
and
is
there
any
like
experience?
You
could
share
how
it's
changed
their
experience,
or
is
this
pro
preview
brand
new
that
you're
pulling
people
into
yes,.
B
We've
gone
through
the
process,
we
already
have
the
bat
showing
up
and
we've
had
some
really
good
feedback
so
far,
and
people
are
pretty
excited
about
being
able
to.
You
know
prove
that
they're,
authentic
and
kind
of
increased
customer
trust
in
their
apps
and
you
know,
get
get
a
lower
friction.
Adoption
also.
A
C
Jeremy
yeah,
so
basically
the
the
M
365
certification
program
was
designed.
You
know
for
a
number
of
reasons,
but
you
know
one
of
the
primary
ones
was
to
help
give
customers
comfort
that
their
data
was
being
handled
in
a
secure
manner
by
third-party
applications.
It's
also
you
know
going
to
be
a
differentiator
for
for
you
in
the
marketplace
as
well.
It's
got
some
basic
building
block
levels
again.
We
just
talked
about
publisher
verification
and
then
publisher
attestation
allows
you
to
provide
details
about
your
organization
and
the
the
security
posture
of
your
application.
C
Building
on
that,
we
go
to
the
certification
program,
which
again
is
designed
to
provide.
You
know
a
great
level
of
trust
in
the
marketplace
for
your
application
in
the
customer
community.
We'll
talk
about
these
in
the
more
next
slides,
but
I
want
to
go
ahead
and
introduce
you
to
Liana
now
to
talk
to
you
through
publisher
attestation,
yeah.
D
So
the
third-party
publisher
self
attestation
developed
about
this
time
last
year
within
the
team's
engineering
team,
and
it
was
built
as
a
way
to
increase
adoption
of
third-party
apps
so
we're
running
into
customers
or,
in
this
case
IT
admins,
not
enabling
third-party
apps,
because
they
didn't
know
if
those
apps
met
the
security
standards
of
their
organization
and
then,
on
the
other
end
of
the
spectrum.
We
were
running
into
app
developers
who
were
constantly
filling
out
our
RFPs
for
customers,
which
I'm
sure
you
all
are
probably
very
familiar
with.
D
So
the
solution
was
to
work
with
the
app
developers
directly
and
offer
them
a
way
to
self
attest
to
their
application,
security
and
compliance
posture,
and
we
make
that
information
readily
available
for
the
IT
admins
or
anyone
else
to
consume.
So
the
the
goals
of
the
program
include
speeding
up
in
an
organization,
security
and
compliance
internal
view
timeline.
So
we
want
to
increase
the
third-party
app
adoption
and
we
want
to
make
the
information
necessary
to
make
those
decisions
easily
available
for
the
gatekeepers
in
most
cases
the
IT
admins.
D
Building
upon
that
point,
we
aim
to
present
out
data
in
a
convenient
manner
and
an
inconsistent
format.
So
every
application,
the
data
is
displayed
in
the
same
format,
making
it
easy
to
interpret
for
the
IT
admin,
and
the
third
goal
is
to
improve
transparency
and
strengthen
trust
between
developers
and
enterprise
organizations.
So
what
the
actual
publisher
attestation
is,
we
asked
118
questions
across
90
plus
different
vectors
and
we
collect
information
in
three
main
categories.
So
there's
the
general
information
that
includes
contact
information,
licensing,
information,
location
of
the
headquarters.
D
So
if
a
customer
is
looking
to
move
forward
and
needs
to
reach
that
developer,
they
know
who
to
contact
and,
more
importantly,
how
to
contact
them.
Data
handling
is
the
next
category,
so
what
data
does
the
app
collect
and
why?
Why
does
it
collect
the
data?
Does
the
app
use
graph
api's
and
if
so,
what
are
the
Scopes
of
the
permissions
that
it
seeks
where's
the
data
stored?
Who
has
access
to
it,
really
those
sorts
of
questions?
D
And
then
the
last
category
is
security
and
compliance,
so
we've
integrated
with
em
Cass
to
show
which
standards
have
been
met,
suck
ISO,
HIPPA,
etc.
Those
sorts
of
things
other
questions
include
how
they
have
any
data
breaches
recently
what's
their
plan.
If
they
have
action,
if
they
do
have
a
data
breach,
what's
the
password
policy,
do
they
use
multi-factor
authentication,
and
then
we
have
about
60
more
questions.
D
I
don't
relate
to
that
so
right
now,
the
publisher
out
of
station
is
just
for
team's
apps,
but
it
is
our
top
priority
to
expand
the
scope
to
include
Word,
Excel,
PowerPoint
outlook
and
Web
Apps
that
leverage
graph
API
s
and
so
far
we've
had
about
70
partners
complete
the
self
attestation
for
their
team's
apps
and
we've
had
really
positive
feedback
from
those
that
have
have
done
it.
So
I'll
pass
it
off
to
Tony
now
to
talk
about
the
next
tier
in
our
program.
A
If
they've
had
a
breach
and
data
acquisition
at
rest,
and
so
and
so
there's
a
lot
of
information
you
can
garner
and
we
see
a
lot
more
customers
asking
about
what
types
of
compliance
they
support
to
across
the
board.
And
if
you
scroll
to
the
top
here,
you
can
see
the
data
handling
and
the
general
taps
I've
posted
a
link
to
this
overall
site
here
in
the
chat.
So
you
can
definitely
go
check
that
out.
You
know
socially
for
Microsoft
365.
That
certification
will
get
you
to
allowing
you
to
the
site
page
as
well.
A
So
it's
worth
checking
in
this
state
if
you
have
already
acquired
applications
to
see
what
information
those
publishers
have
and
we'd
ask
you
that,
if
you're
using
applications
inside
of
your
tenants
already
that
may
be
on
in
this
list,
they
encourage
them
to
go
through
this
process
as
well.
Sorry,
Tony,
no.
C
No,
no!
That's
that's
great
that
that
takes
care.
Half
my
presentation,
I
appreciate
it.
So
the
the
certification
program
really
builds
on
the
attestation
elements,
and
so
all
of
the
information
that
you
have
provided
through
the
the
self
attestation
process
you
know
will
carry
through
to
the
the
certification
element.
It's
it's
going
to
be
a
differentiator
in
the
marketplace.
C
Operational
security
is
really
you
know
how
how
you
manage
your
business
here.
You
know
the
things
such
as
security,
packaging,
Incident,
Response,
just
kind
of
the
things
outside
of
the
scope
of
app
application,
security
and
then,
of
course,
paramount
to
your
customers.
The
data
handling
security
and
privacy
elements
will
be
key
for
them
to.
You
know
understand
that
that
you're,
taking
you're
being
a
good
custodian
of
their
data
with
your
application
and
then
the
compliance
checks
that
you
see
at
the
bottom.
C
Basically
we're
going
to
be
giving
you
credit
for
external
certifications
such
as
Sauk,
PCI
and
ISO.
If
you've
already
gone
through
those
as
an
organization,
you
know
that
will
address
many
of
the
certification
controls
that
we've
got
in
place
for
this.
For
this
program,
the
next
couple
of
slides
actually
will
show
you
a
bit
of
the
marketplace.
C
So
it's
it's
kind
of
a
repeat
of
what
you'd
seen
before
just
now,
but
again,
you
can
see
in
here
you've
got
the
checkmark
to
denote
publisher
to
attested
and
then
the
security
badge
I
was
referencing
in
the
certified
column.
So
again,
it's
it's
one
place
where
your
customers
can
go
and
see.
You
know
the
status
of
the
applications
that
you
published
this
again.
C
It's
all
publicly
facing
this
is
an
app
source
that
we
just
saw,
and
so
in
the
middle
of
the
screen,
you
can
see
that
there's
the
security
badge
again
and
then
the
links
that
Jeremy
had
pointed
out
to
both
publisher
attestation
and
365
certification.
That
will
again
take
you
to
the
the
detailed
pages
for
your
applications.
Again,
it's
a
publicly
available
space
for
all
of
your
customers
to
go
and
look
at
the
information,
and
you
know
as
as
Liana
had
mentioned
before.
C
A
Tony
just
clarify
that,
because
we've
had
question
discussions
internally-
and
it's
always
good
to
share
here
that
so
that
the
first
part
with
the
the
publisher
attestation
is
something
that
publisher,
the
ISV
does
that
stay
basically
States,
what
the
different
areas
are
and
there's
for
the
different
categories
that
we've
decided
to
do
around
the
certification.
The
certification
then
looks
at
what
they've
stated
and
actually
validates
that
all
that
information
is
correct.
Is
that
really
the
way
to
two
readers
so.
C
That's
that's
a
part
of
it
yeah.
So
there
is
there
valet
Artie
security
Assessor,
but
they
will
also,
you
know,
go
beyond
that
and
you
know
look
for
for
evidence
for
particular
controls
in
those
four
domains.
So
it's
it's
I
would
say
it's
not
a
full-blown
audit
like
a
PCI
audit
or
something
like
that,
but
we
we
have
selected.
You
know
what
we
feel
are
the
most
applicants.
Excuse
me
applicable
controls
in
our
marketplace
to
demonstrate.
You
know
that
the
ISP
is
taking
good
care
of
the
customers,
data
and
information.
I.
Think.
A
Typically,
in
that
deals,
I
worked
on
the
deal
would
be
closed
and
then
the
IT
admins
would
get
involved
to
then
kind
of
be
the
the
people
that
say
no
and
so
having
this
kind
of
a
motion
to
ensure
that
trusts
gonna
make
a
really
big
difference.
I
think
in
terms
of
that
kind
of
deployment,
yeah,
it's
been
purchased.
C
It's
really
it's
really
a
win-win-win.
You
know
it's
a
win
for
the
ISV
because
they
get
to
differentiate
themselves
in
the
marketplace.
It's
a
win
for
Microsoft
because
you
know
we're
also
protecting
our
customers
data
and
it's
a
win
for
the
customer,
because
they've
not
only
got
the
comfort
that
their
data
is
being
handled
properly,
but
you
know
they
they
can
spend
more
time
doing
things
other
than
you
know,
app
investigation
with
with
RFPs
and
so.
A
C
Right
now,
there's
you
know
the
the
funnel
that
we're
looking
at
is
apps
that
are
going
through
partners
center
that
are
being
registered.
They
are
notified
that
that
the
self
attestation
process
and
the
certification
process
exists
at
time
of
am
publishing
as
well.
As
you
know,
the
the
new
program
that
Jeff
introduced
with
the
publisher
verification
that
will
funnel
appropriate
applications
into
our
pipeline
as
well.
Okay,.
C
A
That's
excellent:
we
can
put
it
in
the
meeting
chat
for
people
to
look
at
later,
but
I'd
already
definitely
encourage
people
to
go
check
out
that
site
to
see
what
existing
publish
exists.
Who's
been
through
that
because
you're,
probably
using
those
applications
and
often
it's
useful,
to
have
that
information
at
hand
for
your
own
internal
compliant
security
checks
as
well.
A
E
A
Okay,
slight
tangent
on
question:
I
was
specifically
asking
for
questions
around
the
publisher
of
verification
at
verification
and
test
ation
and
certification.
It's
quite
the
mouthful
right
there
in
terms
of
the
question
you
just
asked,
which
is
kind
of
not
relevant.
To
that
you
do
have
to
be
authenticated.
They
call
the
graph
to
get
access
to
those
calls.
I,
don't
see
any
of
the
team's
teams
expert
PM's
in
here
that
could
answer
that.
So
I
can
definitely
take
that
offline
with
you.
A
If
you
ping
me
an
email,
a
sip,
but
with
the
graph
any
access
fried,
the
api's
will
required
to
be
authenticated
either
as
a
consumer
account
ie,
you
know,
Journal
a
Capcom
or
a
organizational
account
like
my
Microsoft
account
Jake
at
Microsoft
comm
accessing
information
on
teams.
Meetings
anonymously
is
wouldn't
wouldn't
be
supported,
but
please
ping
an
email
and
I'll
make
sure
that
we
can
get
that
officer
all.
C
A
E
C
E
A
E
My
idea
is,
or
my
question
is
related
to
I'm,
not
in
a
company
or
the
ice
beef
vendor,
or
something
like
that.
So
what
if
I
can
I
want
to
start
an
application
publishing
they
observe,
but
an
independent
developer
so
can
I
submit
this
process.
Application
process
to
meet
requirements
or
I
have
to
be
part
of
a
company.
A
Yeah
my
experience
with
this
with
people
who've
been
through
this
with
a
MPN,
is
that
you
would
need
a
registered
company
to
publish
an
app
into
the
store,
much
like
other
stores
out
there
in
here
in
the
instep,
broader
than
Microsoft,
and
so
you'd
have
to
register
a
company
in
whatever
country
you're
in
and
sign
up
for
MPN
the
Microsoft
Partner
Network,
and
then
that
way
you
can
register
that
application
through
that
process
and
then
go
through
this
verification.
Devestation
certification
process.
A
A
There
I
think
there's
an
assumed
value
with
some
of
the
known
software
vendors
out
there
that
they're
trusted
from
a
compliance
perspective,
and
this
definitely
does
help
independence
and
and
smaller
is
fees
that
want
to
kind
of
have
that
trust
with
large
customers
that
go
through
this
process
on
the
Microsoft
Partner
Network.
So
it's
partnered
up
Microsoft
comm,
there's
information
on
how
you
can
sign
up
for
NPM
and
it
will
require
you
to
have
it
registered-
need
to
do
that
for
various
reasons,
including
tax
reasons
and
so
forth,
cool.
Thank
you.
So
look.
That's
great!
A
We're
bang
on
time
as
well.
So
I
appreciate
you
guys
with
the
questions
and
thank
you
for
sharing
that
and
if
you
do
have
any
follow-up
questions
you
can
post
in
this
chat
post
the
meeting
and
when
we
can
get
the
team
to
respond
there
too.
If
you
have
anything
you'd
like
to
ask,
so
thank
you
again
for
that.
Tony
and
léa
owner
and
Jeff
really
appreciate
it
this
morning,
and
so
now
we
have
a
new
study
from
content
encode
that
he's
going
to
talking
about
github
actions
and
the
calendar
API.
A
This
was
something
I
saw
him
blog
about
recently
and
actually
reached
out
and
Twitter
to
volunteer
to
present
in
this
call.
So
if
you
are
blogging
and
a
building
stuff
with
Microsoft
graph
and
want
to
present
what
you're
doing
inside
of
these
calls
with
a
broader
audience,
I'd
really
encourage
you
to
reach
out
to
me,
but
you're
on
Twitter
or
my
email.
Jay
thank
at
Microsoft
accom
and
we
can
get
you
scheduled
for
upcoming
community
calls.
A
We
really
are
looking
to
have
more
and
more
community
members
sharing
what
they're
doing
with
the
graph
to
kind
of
really
show
the
creativity
of
all
the
possible
things
you
can
do
by
kind
of
accessing
data.
That's
inside
of
Microsoft
365.
So
neat,
thank
you
for
joining
the
call
this
morning
and
you
have
the
stage.
F
Thank
you,
my
theory,
I
suppose.
I
would
just
like
to
apologize
for
the
packet
on
a
nice.
If
you
hear
that
there's
some
diversion,
so
all
the
traffic
is
being
diverted
very
close
to
my
house,
so
sorry,
apologies
can
at
once
see
yeah
just
a
quick
intro.
My
name
is
Luke
30
I'm,
a
SharePoint
developer,
working
at
content
and
code
based
in
London.
That's
my
Twitter
account
on
Kells
and
I
could
write
blogs
on
medium
under
the
account
Monty,
and
so
you
can
follow
me
on
those
platforms
all
right.
F
So
today's
session
is
about
github
actions
and
how
to
use
Microsoft
graph
in
github
actions.
We
will
come
to
know
about
these
actions
very
soon.
So
I
have
divided
this
session
into
two
parts
in
the
first
part
will
be
demo
of
the
functionality
and
in
the
second
part
there
will
be
the
explanation
of
the
core
of
the
pond
society.
So
what
I
have
here
is,
and
by
the
way,
the
demo
that
I'm,
showing
is,
is
mainly
applicable
for
all
for
video
posts
that
are
posted
in
in
github.
F
So
what
I
have
here
is,
in
my
account,
I
have
a
bit
of
repository.
Just
imagine
that
this
is
so
big
repository
with
lot
of
ways,
but
it's
actually
simple
one
with
just
one
file
and
then
I
have
two
branches.
One
is
the
master
branch
and
the
develop
branch.
So
what
I
have
done
is
I've
made
some
small
changes
in
the
develop
branch
and
then
I'll
go
ahead
and
create,
and
you
pull
request
and
then
just
give
it
a
nice
description
and.
F
Now,
if
let
me
just
switch
to
my
calendar,
so
if
all
goes
well,
then
what
would
happen
is
I
should
see
an
event
that
gets
created
in
my
Outlook
calendar
to
review
that
pull
request
that
was
just
submitted,
so
the
situation
might
be.
As
you
know,
someone
creates
a
cool
request
and,
as
the
owner
of
the
repository
you
know,
an
event
gets
created
in
your
calendar.
So,
like
I
said
you
know,
that's
the
even
that
God
created
and
if
I
open,
that
it
says
new
put.
F
A
quest
has
been
submitted
on
that
posit
area
from
that
user
and
then
I
can
preview
it
by
clicking
the
link.
Click
on
that,
and
then
it
gives
me
the
detail
of
the
pull
request.
So
what
was
updated
and
if
there
were
any
comments
and
then,
as
the
owner
of
the
repository
I,
can
go
ahead
and
take
further
actions
now?
How
did
we
achieve
this?
F
So
this
was
done
by
something
called
as
a
gate
of
both
flow,
so
each
each
deposit,
lien
get
up
can
have
one
or
more
workflows
and
those
can
be
seen
by
you
know
clicking
on
by
going
to
the
code
and
then
working
the
sorry,
opening
the
github
and
then
blood
flows
forth.
So
that's
the
workload
that
that
was
created
which
which
you
know
created
the
event
in
my
calendar.
So
if
you
are
familiar
with
as
your
pipelines,
this
might
look.
This
might
look
over
here.
F
So
it's
nothing
but
yeah
man
file
in
which
we
specify
some
instructions.
So
the
first
thing
we
do
in
number
four
is
and
I'll
give
it
a
name
yeah.
So
in
this
case
we've
called
it
as
create
event,
and
then
we
specify
the
trigger
for
that
workflow.
So
in
this
particular
case
we
have
said
this
photo
should
cover
all
pull
requests
and
whenever
there's
a
pull
request
on
the
quantum
master
branch
now
and
then
each
workflow
is
made
up
of
several
jobs
and
each
job
contains
several
tasks.
F
So
if
we
look
at
this
job,
which
is
called
as
create
event
again,
we
specify
a
host
on
which
the
workflow
spoken
in
this
case,
we
have
said
open
to
latest.
We
can
have
a
separate
session
on
the
host
machine
circuit
because
that's
a
that's
a
different
topic,
but
let's
concentrate
only
on
the
steps
in
the
world
flow.
So
we
have
a
couple
of
steps
here.
The
first
one
is
printing
a
message.
This
is
just
for
the
more
purpose.
F
So
all
this
does
is
just
prints,
a
message
saying
about
to
call
an
action
and
and
the
next
one-
and
this
particular
task
is
the
main
one
that
creates
an
event.
So,
basically,
what
we
are
doing
here
is
someone
so
that
there
is
code
on
on
github
which
lets
us
create
event
in
in
in
someone's
calendar
using
Microsoft
craft.
Now,
instead
of
writing
that
whole
core
ourselves
in
the
workflow,
we
are
just
consuming
that
code
in
the
workflow
ie.
F
We
are
consuming
ocut
of
action
in
our
workflow
and
in
this
particular
case
we
are
consuming
this
MS
craft
create
even
bit
of
action,
so
each
action
accepts
some
input
parameters.
In
this
case,
we
have
just
clear
all
right
in
this
case.
We
have
these
input
parameters
so
basically
Kenneth's
name
app,
ID
secret
and
then
the
subject
body
and
the
email
address
of
the
of
the
e
the
event
in
who's
sort
of
the
person
in
whose
calendars
the
human
must
be
created.
So
that's
that's
a
workflow
in
a
nutshell.
F
So
if
I
just
look
at
the
rung
of
that
photo
and
just
need
to
click
on
actions
and
then
click
on
the
latest
one
and
then
I
can
see
that
the
first
thing
it
does
was
it
printed
a
message
which
was
about
to
call
an
action,
and
then
it
called
the
action
which
which
then
you
know
it's
set
up
graph
and
then
it
created
even
created
in
event
and
then
just
posted
a
message
saying
email
create.
Now
did
all
this
happen.
F
So
what
we'll
do
is
we'll
just
take
a
look
at
the
at
the
core
of
this,
of
this
particular
get
up
action.
So,
as
you
can
see,
the
name
of
the
repositories
MS
craft
create
event.
So
if
I
go
in
a
new
tab
and
then
open
that
same
repository,
which
is
MS
create
event,
I
can
see
the
the
code
for
quickly
top
action.
This
is
nothing
but
a
simple
typescript
project.
So
if
you're
familiar
with
typescript,
you
can
see
all
the
folders
over
here,
like
so
sleep
tests,
etc.
F
So
this
is
just
a
simple
test:
script
project.
If
I
just
go
into
the
source
folder
and
then
expand
the
one
time
script
file
that
I
have,
let
me
just
quickly
explain
the
details
this
way.
So
initially,
what
we
are
doing
is
we
are
just
importing
some
libraries
that
are
needed
in
this
case
the
the
core
library
that
is
to
do
with
actions
and
then
some
other
libraries
that
are
needed
for
crafts
and
then
what
we
do
is
we
define
some
input
parameters.
F
So
these
are
the
ones
which
we
passed
earlier
in
the
workflow,
so
the
tenant,
happily
secret
and
then
subject
body
and
the
email
address.
These
are
the
ones
that
we
passed
to
the
worker
to
the
action
and
what
we
do
some
computation
and
then
the
the
first
thing
we
do
is
set
up
draft.
So
in
this
case
we
are
using
P
n
PG
s
to
set
up
trough.
This
is
because
I'm
chef
point
of
the
familiar
pas.
F
That's
why
I
use
that,
but
there
are
other
options
as
well,
which
Jamie
will
be
explaining
after
this
demo.
So
once
we
a
setup
graph,
we
just
you
declare
create
the
even
40,
sorry,
the
creat,
you
create
the
event
object
which
has
a
subject
body
start
time,
end
time
and
the
location,
and
then
we
finally
called
the
the
calendar
got
even
start
ad
end
point
so
that
essentially
go
out
and
create
the
create
the
event.
F
F
Now
you
might
be
wondering
if
it's
just
if
this
is
a
simple
test
project,
what
makes
it
a
gate
of
action.
So
there
is
a
file
called
action,
dot
EML
in
this
file.
We
define
all
the
how
the
parameters
related
to
the
action.
So
if
we
specify
the
name
of
the
action,
we
give
it
a
description
and
then
we
provide
some
branding
and
then
we
specify
all
the
all
the
inputs
in
this
case.
Subject:
body,
etc,
and
then
the
important
thing
is.
F
Is
this
part
wherein
we
say,
which
is
the
entry
point,
so
in
this
case
it
is
the
indexed
or
Cheers.
So
essentially,
what
we
are
saying
here
is:
whenever
someone
calls
this
action
in
a
bit
of
workflow,
please
use
the
indexed
or
TS
file
to
run
this
action,
and
that's
why
we
saw
the
the
index
dot
JS
file
earlier,
so
that
that's
how
you
know
this
this
particular
action
works
now.
What
I
have
explained
here
is
a
simple
bit
of
action.
F
The
the
possibilities
are
endless
see
you
might,
you
know,
create
a
workflow
which
will
figure
when,
when
an
issue
is
labeled
as
critical
in
github
and
that'll,
that
may
call
an
action
which
will
go
ahead
and
post
a
message
in
a
team's
channel
as
an
eruptive
card
to
say,
an
issue
has
been
marked
as
critical
and
then
the
team
members
of
that
team
will
come
to
know
about
it
and
then
take
the
further
steps.
So
so
your
what
I
want,
what
I
am
trying
to
say
is
with
when
graph
comes
into
pictures.
F
The
possibilities
are
endless,
so
get
up,
can
you
know
easily
interact
with
office
365
now,
in
the
final
part,
I
just
want
to
show
how
how
easy
it
is
to
to
basically
create
these
actions.
So
github
have
have
an
account
called
actions
under
which
states
the
repository
called
typescript
action
that
this
particular
action.
This
particular
repository
can
be
used
as
a
template
to
create
your
own
bit
of
actions.
So,
as
you
can
see,
it's
a
it's
a
types
project
that
has
all
these
source
and
dist
files,
etcetera.
F
A
I
had
a
quick
question,
so
I
noticed
some
tokens
there
for
client,
ID
and
secret
yeah.
Where
are
you
storing
those
in
maybe
you've
mentioned
that
I
missed,
missed
it,
but
because,
obviously
just
get
hub
being
open
source
and
public.
You
wouldn't
want
to
be
putting
your
app
IDs
and
secrets
in
directly
into
the
typescript
files.
A
F
Yeah,
that's
right!
So
if
I
just
go
to
the
work
again
so
you're
asking
about
these
tokens
right,
yeah
yeah,
so
as
you
can
see,
it
says
that
you
know
we
use
the
word
secrets.
So
each
github
repository
in
each
eater
proposal.
You
can
create
something
called
as
secrets.
So,
if
I
go
into
the
settings
of
this
repository
and
then
click
on
secrets
in
the
left
navigation
you
can
see.
These
are
all
the
secrets
that
I've
created
for
this
repository
and
the
best
part
about
secrets.
F
Is
they
can
be
created
only
once
you
know
one
can
edit
them
not
even
the
owner
and
no
one
can
access
these
secrets,
except
for
the
actions
and
even
if
you
want
to
try
and
print
these
secrets
in
Agata
for
flow,
it
is
just
you
know,
print
out
the
message
as
a
star.
It
won't
put
a
secret
anywhere,
so
it
is
a
very.
A
A
F
A
Because
you're
using
that
as
the
upnc,
it's
the
mailbox-
that's
really
nice
I.
Really!
This
is
such
a
cool
scenario
and
I
see
Vincent
berries,
already
saying
that
he's
gonna
tweak
this
to
create
to
do
tasks
rather
than
the
calendar
entry.
So
there's
a
bunch
of
scenarios
where
this
makes
a
lot
of
sense
and
just
to
touch
on
the
the
SDK
aspects
of
the
usage
here.
A
I
mean
I
I'm,
familiar
with
your
work
because
you
work
in
the
SharePoint
space
and
you've
done
a
bunch
of
contributions
on
the
pnp
work
that
vessel
even
and
drives
in
sharepoint
onedrive
and
365
team,
and
so
you're
using
the
PM
pjs,
which
is
an
open
source
sdk
for
connecting
to
SharePoint
api's
as
well
as
graph
api
is.
So
we
commonly
see
that
being
used
by
kind
of
people
using
SPF,
X
and
SharePoint
dev
that
there
is
a
nother
approach.
We
we
have
a
a
Microsoft
graph,
JavaScript
API.
A
It's
very
similar
to
how
the
office
365
CLI
is
being
built
by
the
PMP
team
as
well,
so
definitely
different
uses
and
different
approaches
to
what
you'd
want
to
do.
The
one
thing
we're
working
through
with
the
PMP
jairs
team
is
the
other
main
benefit
that
they
have
is
they
have
a
fluent
interface
for
the
API,
with
the
Microsoft
graph
JavaScript
SDK
right
now
you
have
to
put
the
URLs
in
as
strings.
A
It's
not
strongly
typed,
like
our
other
API
is
like
the
domenase,
SDKs
and
and
so
we're
working
through
that
with
a
Microsoft
graph,
JavaScript
day's
SDKs
to
get
that
fluent
design
done
in
an
automated
way.
Obviously,
it's
a
little
bit
trickier
in
automating
your
fluent
API
across
the
entire
surface
layer.
A
So
please
keep
checking
in
on
that
so
and
thank
you
so
much
for
sharing
that
today,
I'm
when
I
saw
your
post
I
was
it's
just
another
great
example
of
how
you
can
use
the
graph
across
other
meat
conveniently
Microsoft
Act
stack,
but
there
is
no
reason
why
this
can't
be.
You
know
implemented
in
other
systems
outside
of
the
Microsoft
world
outside
of
github
and
forever.
So
thank
you
very
keen
time
to
put
that
demo
together
and
I.
A
You
know
creditors
at
how,
while
you
presented
that
you
are
a
zoomit
king
when
it
comes
to
highlighting
areas
its
grain,
so
other
presenters
take
note.
It
definitely
helps
to
be
in
a
furlong
and
using
those
things.
I
don't
believe
there
were
any
other
questions
related
to
that.
There
was
a
few
on
how
to
get
started
and
those
github
thing:
github
actions
and
things
have
been
shared
and
when
the
on
demand
recordings
out,
but
in
the
week
will
have
all
those
links
in
the
blog
posts
on
Microsoft
graph
and
the
365
blog
as
well.
A
So,
just
as
a
quick
recap
here,
bill
2010
a
is
around
the
corner,
it
is
a
virtual
event.
It
will
be
for
a
48-hour
period
on
the
19th
and
20th
of
May.
We
will
have
a
very
own
Microsoft
365
keynote
with
Rajesh.
You
are
our
EVP
for
the
whole
of
a
+
D
until
it
Microsoft-
and
you
know,
arenas
our
fearless
leader
if
Microsoft
graph
will
actually
be
in
that
keynote.
Talking
about
Microsoft
graph
there'll,
be
lots
of
talk
about
booth
framework
and
Microsoft
team.
So
please
do
not
miss
that
keynote.
A
It
will
set
the
stage
for
where
we're
going
in
the
future.
With
the
M
365
platform,
from
a
developer
perspective,
we
will
be
having
a
series
of
live
sessions
which
actually
being
repeated
three
times
during
that
48
hour
period,
to
accommodate
all
the
different
time
zones
which
will
be
a
combination
of
people
presenting
content
and
then
dedicated
time
for
Q&A
so
base.
When
the
schedule
comes
out
on
May
11th
next
Monday,
please
go
check
and
essentially
just
block
out
your
calendar
48
hours
and
then
just
work
out
what
you
want
to
go
see.
A
There
are
also
going
to
be
on-demand
sessions
as
well
as
these
live
sessions
that
will
be
available
on
YouTube
and
obviously
you
will
be
promoting
all
those
on
all
the
usual
social
handles,
as
well
as
on
our
and
Mike
so
365
and
graph
blah.
So
please
check
those
out
too
call-outs,
because
I
can,
because
it's
the
graph,
call
the
Microsoft
graph
foundational
session
and
it's
gonna
be
led
by
inner
arenas
and
Darryl
Miller,
and
that
will
really
talk
about
setting
the
stage
for
getting
started
with
the
graph.
A
And
you
know
we'll
talk
in
detail
about
the
value
of
the
graph
and
what
she
sees
out
there
in
the
real
world
of
how
this
is
being
used
across
many
many
different
scenarios,
so
I'm
again
really
exciting.
That
I
always
find
that's
a
great
even
for
me,
a
good
refresher
on
the
graph
and
and
what
we
intend
to
do
that
strategically
in
the
future.
A
And
then
the
other
call-out
I
have
is
the
what's
new
session
that
Vincent
brain
who's
in
this
core
and
lease
yang
who
are
going
to
be
presenting
on
on
what's
new
in
the
graph,
and
this
again
is
something
we
traditionally
do.
Every
build
and
ignite
to
talk
about
across
the
whole
spectrum.
Everything
that's
available,
Microsoft
graph,
what
new
things
are
being
announced
as
of
build.
A
For
this
event,
so
what's
new
session
is
a
really
good
way
of
just
sweeping
those
through
and
that
will
be
available
on-demand
to
view
at
your
leisure
and
then
lastly,
Nicola
mature
life,
who's
presented
many
times
in
his
community
call,
who
had
something
like
soft
growth,
toolkit
and
I
will
actually
be
presenting
a
three
hour:
twitch
stream
on
the
Wednesday
at
3:45
PDT.
That
slot
will
mean
that
Europe
will
be
asleep.
We
are
having
some
special
guests
from
various
different
program
management
teams
who
aren't
asleep
as
well
as
some
MVP
guess
as
well.
A
It's
going
to
be
we're
gonna,
be
building
something
live
from
scratch
and
walking
through
all
the
steps
and
explaining
in
a
lot
of
detail
very
similar
to
the
pace.
What
new
pictures
showed
in
if
we
think
you
have
action
sections
so
we're
hoping
that
you'll
jump
on
and
learn
and
we're
going
to
be
building
a
really
cool
example,
with
Microsoft
teams
using
their
new
visual
studio
code
extension
for
craning
teams,
tabs
and
team
spots
and
so
forth.
A
It's
a
really
neat
session
that
we're
putting
together
there
and
we're
gonna
have
a
lot
of
fun
doing
it.
So
maybe,
if
you
can't
make
this
whole
three
hours,
we'll
be
posting
a
schedule
of
the
different
timings
of
when
we're
starting
particular
parts
of
the
build,
so
you
can
hop
on
and
check
out
what
we're
doing
there.
So
there
is
a
lot
of
content
that
you
have
as
an
option
when
it
comes
to
build
in
in
two
weeks
on
19th
and
20th,
so
go
to
register,
build
Microsoft
calm.
A
If
you
haven't
already
it's
a
free
event
and
again
we're
coming
to
you
will
be
on
your
screen.
Scott
handsome
is
a
great
video.
If
you
haven't
seen
it
already
on
Twitter
we're
coming
to
your
living
room,
your
home
office,
your
bedroom,
wherever
you
are,
we
will
be
there
on
your
time.
Zones
accommodating
and
repeating
live
sessions
to
make
sure
that
you
get
to
see
the
latest
from
Microsoft,
specifically
around
Mike,
so
365
keynote
or
in
the
platform.
A
In
our
perspective,
and
just
as
a
quick
reminder,
there
are
many
other
community
calls
here
that
we
have
across
the
variety
of
the
month
across
em
365
development.
If
you
haven't
seen
these
before,
please
go
check
those
out
and
then
myself
and
a
nivi
people
Shea
fly
and
also
do
a
podcast
I'm,
not
personally
consuming
too
many
podcast
at
the
minute,
because
I
haven't
got
my
commute
as
an
excuse
to
listen
to
them
on
the
road
driving
to
work,
but
we
just
did
one
which
launched
yes
or
yes.
A
They
on
outlook
add-ins
with
one
they're,
making
some
amazing
strides
they're
on
some
call
scenarios
that
people
had
asked
for
user
voice
for
a
long
time.
So,
if
you
haven't
caught
up
with
out
in
a
while,
we're
definitely
encouraged
to
check
out
that
podcast
and
then
on
Monday.
Next
week
we
actually
interviewed
the
edge
team
and
talked
about
identity
and
some
of
the
awesome
new
features
that
are
coming
in
edge
specifically
for
developers
and
end
users
and
IT
pros
around
identity,
so
definitely
go
check
that
out
as
well
and
then
just
lastly
to
wrap
up.
A
These
were
recording
will
be
available.
If
you
want
to
send
this
to
other
people
that
maybe
couldn't
attend
the
call
or
you
had
to
jump
out
early
or
you
came
in
late,
they'll
all
be
available
on
the
m36
5
dev
youtube
channel.
I'd,
encourage
you
all
to
click
prescribing
youtube,
so
you
get
those
alerts
on
your
phone.
If
you
have
the
youtube
app
installed
and
our
Twitter
account
and
Microsoft
365
dev
is
where
you
should
be
following
on
Twitter
to
keep
up
with
all
these
announcements.
A
The
next
call
will
be
June,
2nd
at
the
same
time,
at
8
a.m.
PST.
If
you're
interested
in
presenting,
we
still
have
slots
open
for
the
community
contributions.
I
feel,
like
some
people
have
been
voluntold
in
the
chat
of
this
call
of
what
should
be
presented
for
the
next
one,
but
we'll
see
how
we
go
and
I
look
forward
to
seeing
you
all
in
2020
in
two
weeks.