Index: /branches/rel_ag_9_4_5/aaa/aaa_cli.c
===================================================================
--- /branches/rel_ag_9_4_5/aaa/aaa_cli.c	(revision 20385)
+++ /branches/rel_ag_9_4_5/aaa/aaa_cli.c	(working copy)
@@ -3626,6 +3626,7 @@
 	int i;
 	struct saml_idp *idp;
 	struct server_saml *svr_saml;
+	struct saml_ms_graph_api *ms_graph_api;
 
 	sec_site = find_vsite_by_name(vsite);
 	if (sec_site == NULL) {
@@ -3666,6 +3667,30 @@
 	if (svr_saml->idp_name[0] != '\0') {
 		ui_printf(rsp_buff, CMD_AAA_SAML_SP_IDP, svr_saml->idp_name);
 	}
+
+	ms_graph_api = &svr_saml->ms_graph_api;
+	ui_printf(rsp_buff, CMD_AAA_SAML_MSGRAPHAPI, ms_graph_api->tenant_id,
+		ms_graph_api->client_id, ms_graph_api->client_secret);
+}
+
+void
+show_aaa_saml_msgraphapi(rpc_rsp_buff_t *rsp_buff, char *vsite)
+{
+	struct aaa_conf *aaa_conf = NULL;
+	sec_vsite_t *sec_site = NULL;
+	struct server_saml *svr_saml;
+	struct saml_ms_graph_api *ms_graph_api;
+
+	sec_site = find_vsite_by_name(vsite);
+	if (sec_site == NULL) {
+		return;
+	}
+	aaa_conf = sec_site->aaa_configure;
+	svr_saml = &aaa_conf->saml;
+	ms_graph_api = &svr_saml->ms_graph_api;
+
+	ui_printf(rsp_buff, CMD_AAA_SAML_MSGRAPHAPI, ms_graph_api->tenant_id,
+		ms_graph_api->client_id, ms_graph_api->client_secret);
 }
 
 void
Index: /branches/rel_ag_9_4_5/aaa/aaa_common.h
===================================================================
--- /branches/rel_ag_9_4_5/aaa/aaa_common.h	(revision 20385)
+++ /branches/rel_ag_9_4_5/aaa/aaa_common.h	(working copy)
@@ -868,6 +868,12 @@
 	struct server_smx_base smx_host[2];
 };
 
+struct saml_ms_graph_api {
+	char tenant_id[SEC_MAX_URL_LEN+1];
+	char client_id[SEC_MAX_URL_LEN+1];
+	char client_secret[SEC_MAX_URL_LEN+1];
+};
+
 struct saml_idp {
 	char name[AAA_VS_NAME_LEN+1];
 
@@ -886,6 +892,7 @@
 	char acs_binding[SAML_BINDING_LEN+1]; /* post|artifact */
 	char slo_binding[SAML_BINDING_LEN+1]; /* redirect|post */
 	struct saml_idp idps[SERVER_MAX];
+	struct saml_ms_graph_api ms_graph_api;
 };
 
 struct saml_sp {
Index: /branches/rel_ag_9_4_5/ui/generator/commands.pm
===================================================================
--- /branches/rel_ag_9_4_5/ui/generator/commands.pm	(revision 20385)
+++ /branches/rel_ag_9_4_5/ui/generator/commands.pm	(working copy)
@@ -58835,6 +58835,47 @@
 	},
 	{
 		obj_type => "ITEM",
+		name => "msgraphapi",
+		menu => "root_aaa_saml",
+		module => "aaa",
+		help_string => "Configure Microsft Graph API used to get Azure AD server information",
+		cmd_attribute => "CMD_ARRAYOS|CMD_SPROXY|CMD_NORMAL|CMD_SCOPE_VIRTUAL|CMD_SITE_EXCLUSIVE|CMD_SITE_ALIAS|CMD_LOCAL",
+		user_level => "CLI_LEVEL_CONFIG",
+		function_name => "aaa_saml_msgraphapi",
+		function_args => [
+			{
+				type => "STRING",
+				name => "vsite",
+				help_string => "Virtual site ID",
+				optional => "NO",
+				arg_attribute => "SITE_IDENTIFIER",
+				length => [1, "AAA_VS_NAME_LEN"],
+			},
+			{
+				type => "STRING",
+				name => "tenant_id",
+				help_string => "Tenant ID",
+				optional => "YES",
+				length => [1, "SEC_MAX_URL_LEN"],
+			},
+			{
+				type => "STRING",
+				name => "client_id",
+				help_string => "Client ID",
+				optional => "YES",
+				length => [1, "SEC_MAX_URL_LEN"],
+			},
+			{
+				type => "STRING",
+				name => "client_secret",
+				help_string => "Client Secret",
+				optional => "YES",
+				length => [0, "SEC_MAX_URL_LEN"],
+			},
+		],
+	},
+	{
+		obj_type => "ITEM",
 		name => "name",
 		menu => "root_aaa_saml_idp",
 		module => "aaa",
@@ -59849,6 +59890,26 @@
 		function_args => [
 			{
 				type => "STRING",
+				name => "vsite",
+				help_string => "Virtual site ID",
+				optional => "NO",
+				arg_attribute => "SITE_IDENTIFIER",
+				length => [1, "AAA_VS_NAME_LEN"],
+			},
+		],
+	},
+	{
+		obj_type => "ITEM",
+		name => "msgraphapi",
+		menu => "root_show_aaa_saml",
+		module => "aaa",
+		help_string => "Display the SAML Microsoft Graph API configuration",
+		cmd_attribute => "CMD_ARRAYOS|CMD_SPROXY|CMD_NORMAL|CMD_SCOPE_VIRTUAL|CMD_SITE_EXCLUSIVE|CMD_SITE_ALIAS|CMD_RPC",
+		user_level => "CLI_LEVEL_ENABLE",
+		function_name => "show_aaa_saml_msgraphapi",
+		function_args => [
+			{
+				type => "STRING",
 				name => "vsite",
 				help_string => "Virtual site ID",
 				optional => "NO",
Index: /branches/rel_ag_9_4_5/ui/localcmd/ui_aaa.c
===================================================================
--- /branches/rel_ag_9_4_5/ui/localcmd/ui_aaa.c	(revision 20385)
+++ /branches/rel_ag_9_4_5/ui/localcmd/ui_aaa.c	(working copy)
@@ -3470,6 +3470,26 @@
 }
 
 int
+aaa_saml_msgraphapi(char *vsite_name, char *tenant_id,
+	char *client_id, char *client_secret)
+{
+	struct server_saml *saml;
+	struct saml_ms_graph_api *ms_graph_api;
+
+	saml = get_saml_conf(vsite_name);
+	if (saml == NULL) {
+		return -1;
+	}
+
+	ms_graph_api = &saml->ms_graph_api;
+	strncpy(ms_graph_api->tenant_id, tenant_id, sizeof(ms_graph_api->tenant_id) - 1);
+	strncpy(ms_graph_api->client_id, client_id, sizeof(ms_graph_api->client_id) - 1);
+	strncpy(ms_graph_api->client_secret, client_secret, sizeof(ms_graph_api->client_secret) - 1);
+
+	return 0;
+}
+
+int
 aaa_saml_idp_name(char *vsite_name, char *idp_name)
 {
 	struct server_saml *saml;
@@ -3786,7 +3806,7 @@
 
 	return 0;
 }
- 
+
 int
 show_aaa_saml_idp_metadata(char *vsite_name, char *idp_name)
 {