Skip to main content

Search

Graph API Authentication

Comments

5 comments

  • okachmar

    Hello Manuel Habert,

     

    Could you provide more details:

    1. Where are you going to make calls to Graph API in RichForms app?

    2. Why do you need current logged user for authorization to Graph API?

     

    As for Rich Forms app, it works just as a web part and doesn't store any information like current logged in user.

     

    Best Regards,

    Oleg Kachmar

    0
  • Manuel Habert

    Hi Oleg Kachmar

     

    I'd like to create an Office 365 Group after creation of a list item. My solution is to call the Graph Rest API to create a new group. However, I need a bearer token to authorize the request.

    1. Where are you going to make calls to Graph API in RichForms app?

    I thought when the save button is clicked.

    2. Why do you need current logged user for authorization to Graph API?

    Because as mentioned above I need to create a Office 365 Group from the user context.

     

    I don't know how the rich forms work, but maybe you have already used a bearer token inside your code. Maybe you could serve the token in the solution studio or there is another solution to create Office 365 Groups.

     

    Best Regards,

    Manuel Habert

    0
  • Daniel Wyss

    Hi Manuel

     

    The only authorization/bearer token you can retrieve on classic SharePoint pages is actually what's used for the SharePoint client context (i.e. used in CSOM). Rich Forms uses this. This is issued by Azure ACS though and as far as I know, these tokens won't be accepted by the Microsoft Graph API, which requires an access token from Azure AD. So your only way is using something like the ADAL library to get an access token you can use to call Microsoft Graph API. And sadly that won't be easy.

     

    Best Regards

    Dany Wyss

    0
  • Manuel Habert

    Hi everyone

     

    I found a solution for this problem with custom code.

    You need to do the following steps:

    1. Register your app at https://apps.dev.microsoft.com/ to get a client id
    2. Import the following javascript to your website: https://secure.aadcdn.microsoftonline-p.com/lib/0.1.1/js/msal.min.js
    3. With this code you can get your authentication token:
      var userAgentApplication = new Msal.UserAgentApplication('<ClientId of your registration before>', null, function (errorDes, token, error, tokenType) {
          // this callback is called after loginRedirect OR acquireTokenRedirect. It's not used with loginPopup,  acquireTokenPopup.
          if (error) {
              console.log(error + ": " + errorDes);
          }
          else
              console.log("Token type = " + tokenType);
      })
      userAgentApplication.loginPopup(["user.read"]).then(function (token) {
          var user = userAgentApplication.getUser();
          if (user) {
              console.log("signed in sucessfully");
              // get an access token
              userAgentApplication.acquireTokenSilent(["user.read"]).then(function (token) {
                  console.log("Success acquiring access token");
              }, function (error) {
                  // interaction required
                  if (error.indexOf("interaction_required" != -1)) {
                      userAgentApplication.acquireTokenPopup(["user.read"]).then(function (token) {
                          console.log("Success acquiring access token");
                      }, function (error) {
                          console.log("Failure acquiring token: " + error);
                      });
                  }
              });
          } else {
              console.log("signed in failure");
          }
      }, function (error) {
          console.log("error: " + error);
          });
    0
  • Manuel Habert

    Hi Daniel Wyss

     

    Thanks for your reply. As I already replied to this post, I found a solution with the MSAL framework and custom coding in Skybow.

     

    Best Regards

    Manuel Habert

    0

Please sign in to leave a comment.