Microsoft Graph Webhook
Webhook endpoint used by Microsoft Graph for email notification events. - During subscription setup, Microsoft Graph sends a validation token as a query parameter, which must be echoed back. - For subsequent notifications, Microsoft Graph sends email event data in the request body. - This endpoint does not require authentication since it’s called by Microsoft servers.
Request
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| validationToken | string | No | Validation token sent by Microsoft Graph during webhook registration |
Request Body (for email notifications)
Request Body Schema
| Field | Type | Required | Description |
|---|---|---|---|
| value | array | No | Array of Microsoft Graph notification objects |
| subscriptionId | string | No | Unique subscription identifier |
| changeType | string | No | Type of change (created, updated, deleted) |
| resource | string | No | Resource identifier |
| resourceData | object | No | Data about the changed resource |
Response
200 OK - Webhook validation (returns validation token)
200 OK - Email notification processed
400 Bad Request
500 Internal Server Error
Examples
Webhook Validation (during setup)
Email Notification (real-time)
Notes
- No Authentication Required: This endpoint is called by Microsoft servers
- Two Modes: Validation during setup, notifications during operation
- Validation Token: Must be echoed back exactly as received during setup
- Real-time Processing: Email notifications are processed immediately
- Queue System: Notifications are queued for asynchronous processing
Webhook Lifecycle
1. Setup Phase
- Microsoft Graph sends validation token
- Endpoint returns the token unchanged
- Subscription becomes active
2. Operation Phase
- Microsoft Graph sends email event notifications
- Endpoint processes and acknowledges notifications
- Emails are analyzed and statistics updated
Event Types
| Change Type | Description | Action Taken |
|---|---|---|
| created | New email received | Analyze email, update stats |
| updated | Email modified | Re-analyze if needed |
| deleted | Email deleted | Update statistics accordingly |
Processing Flow
- Receive Notification: Microsoft Graph sends webhook
- Validate Request: Verify source and format
- Queue for Processing: Add to analysis queue
- Email Analysis: Extract metadata and content
- Update Statistics: Refresh all relevant metrics
- Trigger Notifications: Send alerts if configured
Security Considerations
- Source Verification: Verify requests come from Microsoft Graph
- Rate Limiting: Handle high volume of notifications
- Data Privacy: Process email content securely
- Error Handling: Graceful degradation on processing failures
Troubleshooting
Common Issues
- Validation Fails: Ensure exact token is returned
- Missing Notifications: Check subscription status
- Processing Delays: Monitor queue health
- Duplicate Events: Implement deduplication logic
Monitoring
- Track webhook response times
- Monitor notification processing queue
- Alert on failed validation attempts
- Log all webhook events for auditing
Configuration
The webhook endpoint URL must be:- Publicly accessible: Microsoft servers must reach it
- HTTPS enabled: Required for security
- Responsive: Must respond within timeout limits
- Reliable: Handle Microsoft’s retry logic
Best Practices
- Fast Response: Respond quickly to webhook calls
- Async Processing: Use background jobs for email analysis
- Error Recovery: Implement retry logic for failures
- Logging: Log all webhook events for debugging
- Monitoring: Set up alerts for webhook health
Query Parameters
Validation token sent by Microsoft Graph during webhook registration. The API must return this token as plain text to validate the subscription.
Body
Array of Microsoft Graph notification objects.
Response
Successfully processed the webhook event or returned validation token
The response is of type string.
"ValidationTokenExample123456"