I am new to Office 365 API. We have a requirement of developing a Web API, that will access office 365 APIs for accessing calendar information, send emails etc. I have an Azure account with Administrative access. I also have a Office 365 tenant with a system account. I have the following queries:

1) I am using Visual Studio 2017. What packages do I need to install for accessing office 365 API.

2) Besides registering the Web API in Azure Active Directory what else I need to do. I read in a web site that I need to register Office 365 tenant in Azure AD as well. Is this necessary?

3) I am already authenticating the user through ADAL.js. Can I use the same token to authenticate to Office 365 API?

4) I read from the internet that Microsoft Graph should be preferred over O365 API. Is there any big change in the approach with Microsoft Graph?

I have a ASP.net Web API, that I am trying to host on IIS 10 (Windows 10 Pro). If I access this Web API form Angular 2 app, I get the following error

XMLHttpRequest cannot load http://172.26.50.17:8085/api/library. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 500.

But, If I host the same Web API on the IIS 7 (Windows 7), I do not get the above error. Could someone please help me understand this problem. Why do I need to do on IIS 10 to get rid of this error.