Authentication Provider to connect with Client Id and Secret/Certificate #237

Closed
gjohncock opened this issue Oct 15, 2019 · 7 comments · Fixed by #371
Labels
ADO to GitHub automation label Issue caused by core project dependency modules or library request: feature
Comments

@gjohncock

gjohncock commented Oct 15, 2019

Feature Request

Wanting to connect to MS Graph from a Sharepoint App

Is your feature request related to a problem? Please describe

Limited info available but says can only connect with Client ID and Secret/Certificate

A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Hoping for a sample on how to do this. The code must be pure Javascript to enable it to be added to a rather large Sharepoint App we are currently using

Describe the solution you'd like

Only need to be able to connect with this method, so I guess that would require some sort of Auth Provider and the corresponding code to make it work

A clear and concise description of what you want to happen.
I want to be able to make requests to MS Graph from our Sharepoint App (not a web part, but an app that runs in its own domain)

Describe alternatives you've considered

Currently using Sharepoint REST API but the functionality does not cover the features we want to build. MS Graph already does, or has the required features on the Road Map

A clear and concise description of any alternative solutions or features you've considered.
There aren't any, MS Graph is the only source of the features we require, and should be simple to add into a JavaScript code base

Additional context

Add any other context or screenshots about the feature request here.

AB#7544

@ghost ghost added the ToTriage label Oct 15, 2019
@MIchaelMainer
Contributor

Hello @gjohncock

I think you'll want to use the SharePoint specific wrapper of this client library. https://github.com/SharePoint/sp-dev-docs/blob/master/docs/spfx/use-msgraph.md.

Please let us know if this is helpful.

Michael

@gjohncock
Author

> Hello @gjohncock
>
> I think you'll want to use the SharePoint specific wrapper of this client library. https://github.com/SharePoint/sp-dev-docs/blob/master/docs/spfx/use-msgraph.md.
>
> Please let us know if this is helpful.
>
> Michael

Thanks for the reply Michael, but I am looking for a pure JS solution. It looks like the link you provided requires a specific Node Project template and its method of connection is not with a client secret anyway.

I have already created code that connects with this method, but it does not work in a sharepoint app (which is a pity because ideally we want the user authenticated to ensure they can only see what they are configured to see).

I have found the info about connecting a SharePoint App to MS Graph quite sparse, and the only thing I have been able to get from that info is that I need to connect with a client id and secret, not user credentials. That's been my take on it so far, but that could be off base too. I really need to engage with someone who understands the landscape much better than me.

Cheers

@darrelmiller
Contributor

The MSAL JS library we use only supports Implicit Flow OAuth authorization because client-side JavaScript solutions cannot use Client Credentials flow because having a client secret in browser JavaScript would be insecure. I believe it is possible to take a Sharepoint token and convert it into something that Graph can use. I believe this is what the Microsoft Graph Toolkit does. I'm not quite sure how it works but the magic is here https://github.com/microsoftgraph/microsoft-graph-toolkit/blob/master/src/providers/SharePointProvider.ts

@sidhuko

sidhuko commented Jun 15, 2020

I agree with this feature suggestion. I have an application which needs to get profile pictures from AD but I don't want to expose permissions via access token so users can make these requests client side. It would be secure to use the secret/cert of the app registration to make these requests and hydrate the user information. Many isomorphic applications support server-side only behaviour. It is easy to work out whether it is being run on a server or browser to restrict features too if you are worried about security.

@darrelmiller
Contributor

@sidhuko When MSAL for Node is released we will add support for confidential clients in the SDK. Hopefully, that will be later this year.

@nikithauc nikithauc added this to the 3.0.0 milestone Dec 5, 2020
@nikithauc
Contributor

This feature should be available after adding @azure/identity token credential support.

@nikithauc nikithauc linked a pull request Jan 4, 2021 that will close this issue
@ddyett ddyett added the ADO to GitHub automation label Issue caused by core project dependency modules or library label Jan 11, 2021
@nikithauc
Contributor

This feature will be released in 3.0.0
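
An added example, not part of the thread and not the SDK's own code: a server-side (Node 18+) provider for the client-credentials flow discussed above, exposing the `getAccessToken()` method shape the SDK's authentication provider interface expects. `ClientSecretAuthProvider`, `buildTokenRequest` and the option names are hypothetical, and it calls the Microsoft identity platform token endpoint directly rather than going through `@azure/identity`.

```javascript
// Added example (not SDK code). Names are hypothetical. In real use the
// config values come from server-side configuration, never from page script.
const GRAPH_SCOPE = "https://graph.microsoft.com/.default";

// Build the OAuth 2.0 client-credentials request for the token endpoint.
function buildTokenRequest({ tenantId, clientId, clientSecret }) {
  if (!tenantId || !clientId || !clientSecret) {
    throw new Error("tenantId, clientId and clientSecret are required");
  }
  return {
    url: `https://login.microsoftonline.com/${encodeURIComponent(tenantId)}/oauth2/v2.0/token`,
    body: new URLSearchParams({
      grant_type: "client_credentials",
      client_id: clientId,
      client_secret: clientSecret,
      scope: GRAPH_SCOPE,
    }).toString(),
  };
}

class ClientSecretAuthProvider {
  constructor(config, options = {}) {
    const { fetchImpl = globalThis.fetch, now = Date.now,
            isBrowser = typeof window !== "undefined" } = options;
    // A client secret must never ship to a browser: refuse to construct there.
    if (isBrowser) throw new Error("Client secret flow is server-side only");
    this.request = buildTokenRequest(config);
    this.fetchImpl = fetchImpl;
    this.now = now;
    this.cached = null; // { token, expiresAt }
  }

  // Returns a cached app-only token, fetching a new one when it is near expiry.
  async getAccessToken() {
    if (this.cached && this.now() < this.cached.expiresAt) return this.cached.token;
    const res = await this.fetchImpl(this.request.url, {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: this.request.body,
    });
    if (!res.ok) throw new Error(`Token request failed: HTTP ${res.status}`);
    const { access_token, expires_in } = await res.json();
    // Renew 60 s early so a token does not expire mid-request.
    this.cached = { token: access_token, expiresAt: this.now() + (expires_in - 60) * 1000 };
    return access_token;
  }
}
```

The token this returns is app-only, so the server should call Graph itself and pass only the resulting data (for example a profile photo) to the browser, not the token.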
