Demo of the Microsoft Graph “Quick Start” which generates a full code project with a new App ID (Client ID). Azure Active Directory (AAD) manages a registration of application ID paired with API permission grants for which API calls can be made. From there, the client side JavaScript application can invoke HTTP GET to fetch JSON data for the allowed MS Graph API endpoints. Cheers!
Recently while debugging an application I needed to design REST and JSON api calls across DNS domains. However, the client browser Chrome blocked those HTTP transactions due to CORS. While essential to production security, this can be a roadblock to developer productivity locally. The below steps show how to launch Chrome browser with CORS security temporarily disabled. This can help remove complexity and security warnings to focus first on application features.
Once stable, we can add CORS support to the endpoint APIs (HTTP header Access-Control-Allow-Origin:*) and calling JS application.