The biggest issue you’ll deal with when it comes to OAuth2 with Microsoft Graph is making sure you have the appropriate client id/client secret, the appropriate authentication type, and ensuring the authorization endpoint and token endpoint are correct. Their documentation (though somewhat well hidden when it comes to searching for it) provides example URLs for authorization and token endpoints. Auth Endpoint is typically like this: https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize (Where the Tenant is the tenant id from your internally created azure portal application) and token endpoint is typically like this: https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token.
You’ll need to provide scopes in your token endpoint config with the key being scope and value being a space-separated list of scopes as documented for the endpoint you’re using (your application will need to have them specified as either delegated (for the authorization_code grant type) or application (for the client_credentials grant type).
You can look through some of our other Microsoft Snap Packs (Teams, One Drive, or Exchange Online) to get a better idea of setup, the OAuth accounts for those are pretty similar to the REST OAuth2 account configuration, just some handy things to make final configuration a little bit easier.
