Microsoft Graph API client library for Rust.
https://learn.microsoft.com/en-us/graph/api/overview
It currently covers the mail surface; see API coverage for the supported and planned Graph domains.
Microsoft Graph is a single API spanning many domains; io-msgraph covers them incrementally and feature-gates each so consumers compile only what they use. This table tracks what is implemented today.
| Domain | Coverage | Status |
|---|---|---|
mail folders (list, get, create, update, delete); messages (list, get, get raw MIME, create draft from JSON or MIME, update, delete, move, copy, send); attachments (list, get raw content, delete); sendMail (JSON and MIME); signed-in user (me) |
Supported | |
| Calendar | events and calendars | Soon |
| Contacts | contacts and contact folders | Soon |
I/O Microsoft Graph can be consumed three ways, depending on how much of the I/O stack you want to own. Each mode is gated by cargo features.
Tip
I/O Microsoft Graph is written in Rust and uses cargo features to gate the client layers. The default feature set is declared in Cargo.toml or on docs.rs.
If you want a ready-to-use, standard, blocking client with TCP connection and TLS negociation managed for you:
[dependencies]
io-msgraph = "0.0.1" # rustls-ring is enabled by defaultuse io_msgraph::v1::client::MsgraphClientStd;
let mut client = MsgraphClientStd::connect("token", Default::default()).unwrap();
let out = client.me().unwrap();
println!("User: {:?}", out.response.user_principal_name);
let out = client.mail_folders_list(&Default::default()).unwrap();
for folder in &out.response.value {
println!("{}: {}", folder.id, folder.display_name);
}If you still want a standard, blocking client but you want to manage TCP and TLS on your own:
[dependencies]
io-msgraph = { version = "0.0.1", default-features = false, features = ["client"] }
rustls = "0.23"
rustls-platform-verifier = "0.7"use std::{net::TcpStream, sync::Arc};
use io_msgraph::v1::client::MsgraphClientStd;
use rustls::{ClientConfig, ClientConnection, StreamOwned};
use rustls_platform_verifier::ConfigVerifierExt;
// TLS config
let config = ClientConfig::with_platform_verifier().unwrap();
let server_name = "graph.microsoft.com".try_into().unwrap();
let conn = ClientConnection::new(Arc::new(config), server_name).unwrap();
let tcp = TcpStream::connect(("graph.microsoft.com", 443)).unwrap();
let stream = StreamOwned::new(conn, tcp);
// Standard, blocking client
let mut client = MsgraphClientStd::new(stream, "token", Default::default());
let out = client.me().unwrap();
println!("User: {:?}", out.response.user_principal_name);Otherwise you can build your own client using I/O-free coroutines directly:
[dependencies]
io-msgraph = { version = "0.0.1", default-features = false }Important
For such advanced usage, it is preferable to read the architecture guide.
Have a look at real-world projects built on top of this library:
- io-email: Email client library
- Himalaya CLI: CLI to manage emails
This project is developed with AI assistance. This section documents how, so users and downstream packagers can make informed decisions.
- Tools: Claude Code (Anthropic), Opus 4.8, invoked locally with a persistent project-scoped memory and a small set of repo-specific rules.
- Used for: Refactors, mechanical multi-file edits, boilerplate (feature gates, error enums, derive macros, trait impls), test scaffolding, doc polish, exploratory design conversations.
- Not used for: Engineering, critical code, git manipulation (commit, merge, rebase…), real-world tests.
- Verification: Every AI-assisted change is read, compiled, tested, and formatted before commit (
nix develop --command cargo check / cargo test / cargo fmt). Behavioural correctness is verified against the Microsoft Graph API reference, not assumed from the model output. Tests are never adjusted to fit AI-generated code; the code is adjusted to fit correct behaviour. - Limitations: AI models occasionally produce code that compiles and passes tests but is subtly wrong: off-by-one errors, missed edge cases, plausible but nonexistent APIs, stale spec references. The verification workflow catches most of this; it does not catch all of it. Bug reports are welcome and taken seriously.
- Last reviewed: 17/06/2026
This project is licensed under either of:
at your option.
- Chat on Matrix
- News on Mastodon or RSS
- Mail at pimalaya.org@posteo.net
Special thanks to the NLnet foundation and the European Commission that have been financially supporting the project for years:
- 2022 → 2023: NGI Assure
- 2023 → 2024: NGI Zero Entrust
- 2024 → 2026: NGI Zero Core
- 2027 in preparation…
If you appreciate the project, feel free to donate using one of the following providers:
