Enabling Real Time Alerts using Microsoft Graph in Power Platform – Part 1

Real-time notifications on system changes are crucial for proactive monitoring and automation. Microsoft Graph allows us to receive change notifications across multiple Microsoft 365 resources. In this blog series, we will explore how to set up Microsoft Graph change notifications for Teams presence status changes, with alerts delivered to Azure Event Hub. As part of this process, we will create a custom connector to manage the lifecycle of a change notification subscription and a Power Automate flow to receive alerts from Azure Event Hub. Other delivery channels, such as Webhooks, are supported for Microsoft Graph change notifications. However, they are not ideal for high-throughput scenarios and they require a publicly available notification URL. This approach offers flexibility compared to standard connectors for triggers, enabling alert handling across various Microsoft resources.

Solution Architecture

1. Microsoft Graph Subscription – Creates a subscription for Teams presence updates.
2. Azure Event Hub – Receives change notifications from Microsoft Graph.
3. Custom Connector in Power Platform – Handle Lifecycle [Create, Update/Renew] of the Microsoft Graph Subscription.
4. Power Automate Flow – Processes event [Teams Presence Update] data.

Set Up Permissions in Entra ID for creating Microsoft Graph Subscription:

To create a Microsoft Graph subscription for Teams presence change notifications, you must first register an Entra ID app with the appropriate Microsoft Graph permissions based on the resources you want to get alerts. In this case, the resource will be Microsoft Teams presence. This app is then used in a custom connector to manage the subscription lifecycle including creation, renewal, and may be deletion. Since Microsoft Graph subscriptions are not permanent, they must be renewed periodically. Specifically, a Teams presence subscription is valid for a maximum of 1 hour before requiring renewal.

Entra ID App registration for Signed In user (Delegated Access) – Custom Connector:

1. Navigate to Microsoft Entra ID.
2. Create a new App Registration and note the Application (Client) ID, Tenant ID & Client Secret.
3. Under API Permissions, add the following Delegated permissions:
   • Presence.Read.All
   • Subscription.Read.All – Admin Consent
   • User.Read

1. Generate a Client Secret under Certificates & Secrets.
2. Copy Client ID and Client Secret for authentication.

Setting Up Azure Event Hub

Azure Event Hub acts as a high-throughput messaging service that enables the real-time processing of Microsoft Graph notifications.

1. Create an Azure Event Hub

Create the Azure Event hub according to the instructions given in this MS Learn documentation.

The recommendation is to use Microsoft Entra ID RBAC instead of SAS. The Notification URL, which will be used when creating the Microsoft Graph subscription, would look like the example below:

EventHub:https://yourazureeventhubinstancename.servicebus.windows.net/eventhubname/youreventhubname?tenantId=yourtenantdomainname.onmicrosoft.com

You can create this based on the Host name of the Event Hubs Namespace and the name of your event hub.

Creating a Custom Connector in Power Platform

A custom connector is used to manage the lifecycle of the Microsoft Graph subscription, including creating the subscription and updating/renewing it before it expires, as the duration of a subscription is not infinite.

3.1 Create a Custom Connector

The Entra ID app is registered with required permissions, the next step is to create the custom connector. To create the connector, go to Power Automate or Power Apps portal → Custom Connectors → New Custom Connector – Create from blank.

In the General Tab, Provide graph.microsoft.com under Host.

1. In the Security tab, set Authentication type:

• Select OAuth 2.0
• Enter the Client ID, Client Secret from the Entra Id app registration
• Set the Resource URL to your Dataverse environment Url: https://graph.microsoft.com/

1. Click Create connector. After this, the Redirect URL will be generated – Copy it. Next in the Entra ID App registration create earlier, navigate to the Authentication section under the Manage, add the copied Redirect URL by clicking + Add a platform and selecting Web.

You can download the Swagger definition of the custom connector from here.  After importing the file into your environment, replace the client ID and client secret in the security settings.

The Microsoft Graph API endpoints for creating, renewing / updating subscriptions for change notifications, utilized in connector definitions are thoroughly documented in this Microsoft Learn link. The action in the custom connector for renewing the subscription can be used in a scheduled Power Automate flow.

Summary:

So far, we have set up the foundational components required for enabling real-time notifications. This includes configuring an App Registration with the necessary permissions to create and manage subscriptions via a custom connector. We have also set up Azure Event Hub to receive alerts from Microsoft Graph.

In the next part, we will focus on creating the subscription and configuring a Power Automate flow to process and act on presence updates received from Azure Event Hub. Stay tuned! Hope you have found this informational & thanks for reading. If you are visiting my blog for the first time, please do look at my other blogposts.

Do you like this article?

Subscribe to my blog with your email address using the widget on the right side or on the bottom of this page to have new articles sent directly to your inbox the moment I publish them.

Original Post https://ashiqf.com/2025/03/31/enabling-real-time-alerts-using-microsoft-graph-in-power-platform-part-1/