Authenticating against the Azure AD of my 365 tenant - want to use Office 365 SSO authentication for my app

Patrick Rote 101 Reputation points
2020-08-03T11:23:54.5+00:00

Hi All,
Not sure if this is the right place to ask this question.
I have a web application using just HTML/JS etc., but would like to use Graph API/REST API SharePoint data as the back-end.

Further, I want to use the following URL credentials for single sign-on in my web application.
I would like the web app to be integrated with Office 365 after logging in to SharePoint Online / portal.office.com.

The question is: what will be the process of authentication?
Do I need to look into adal.js?

Thanks in advance

Microsoft Entra ID

Accepted answer
  1. Shashi Shailaj 7,581 Reputation points Microsoft Employee
    2020-08-03T14:44:59.97+00:00

    Hello @Patrick Rote ,

    ADAL.js is an old library and it is better to use MSAL.js now. You would need to go through the developer guidance and register your web application with Azure AD. You can use the MSAL.js library for integrating the JS web application for single sign-on to your Azure AD tenant and then calling SharePoint data in the back-end by using the Graph API. I am not sure about your exact scenario or how you have designed the application, but you can review the authentication flow article and decide on one of the flows depending on your requirements. You can use the auth code flow to sign in users and call the Microsoft Graph API from your JavaScript single-page app. Once the user is authenticated, your application can request consent from the user and get access to the user's information using the Graph API for SharePoint sites on behalf of the user.

    The SharePoint sites Graph API v1.0 provides support for the following scenarios. There are other scenarios which the beta endpoint for the Graph API may support, but we don't recommend using it in production.

    • Access to SharePoint sites, lists, and drives (document libraries)
    • Read-only support for site resources (no ability to create new sites)
    • Read-write support for lists, listItems, and driveItems
    • Address resources by SharePoint ID, URL, or relative path

    The site resource type has multiple types of methods available. Every method requires some permissions that need to be set up beforehand for your application on the application in Azure AD, and these can be found by going through the page for the method.

    I have provided links to the related articles and quick-starts. I would suggest that you go through them, as they will help you understand how to design the application authentication flow. I would also suggest that you create a test application using the tutorial for the JavaScript app; this tutorial talks about calling the Graph API and getting details from the user's resources (sites, calendar, etc.).

    When you say that you want the web app to be integrated with Office 365 after logon to portal.office.com/SharePoint Online, I assume that you mean to see the app in the Office 365 app launcher. You can add your app to your organisation's Office 365 portal app launcher experience by adding custom tiles to the app launcher.

    I have included multiple links as this is a vast topic, and going through each of the links in the order they appear would give you a better idea. I hope the above explanation gives you the information that you need and guides you to the right path. If you have any other queries, please let us know and we will be happy to help. In case the information is useful, please do accept the post as the answer so that it's helpful to other members of the community searching for similar answers.

    Thank you.
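
The flow the answer describes (sign in with MSAL.js, then call the Graph API for SharePoint sites on behalf of the user), as an added example that is not part of the original answer or of Microsoft's samples. The tenant, client ID and redirect URI are placeholders, `pca` is assumed to be an `msal.PublicClientApplication` created by the caller, and the helper names are hypothetical.

```javascript
// Added example. Tenant, client ID and redirect URI are placeholders (assumptions).
const SCOPES = ["Sites.Read.All"]; // delegated, read-only: the least the call below needs
const GRAPH_SITE_ROOT = "https://graph.microsoft.com/v1.0/sites/root";

// Single-tenant authority: only accounts from this tenant can sign in.
function buildMsalConfig(tenantId, clientId, redirectUri) {
  return {
    auth: {
      clientId,
      authority: `https://login.microsoftonline.com/${tenantId}`,
      redirectUri, // must match a SPA redirect URI on the app registration
    },
    // Tokens live only for the browser tab's session, not in localStorage.
    cache: { cacheLocation: "sessionStorage" },
  };
}

// pca: an msal.PublicClientApplication built from buildMsalConfig(...),
// created (and, in current MSAL.js versions, initialized) by the caller.
async function getGraphToken(pca) {
  let account = pca.getAllAccounts()[0];
  if (!account) {
    // No cached session: run the interactive auth code flow once.
    account = (await pca.loginPopup({ scopes: SCOPES })).account;
  }
  const request = { scopes: SCOPES, account };
  try {
    return (await pca.acquireTokenSilent(request)).accessToken;
  } catch (err) {
    // Only fall back to a prompt when the service asks for interaction
    // (consent, MFA, expired session); surface every other failure.
    if (err.name !== "InteractionRequiredAuthError") throw err;
    return (await pca.acquireTokenPopup(request)).accessToken;
  }
}

// fetchImpl is injectable so the function can be exercised without a network.
async function readRootSite(pca, fetchImpl = fetch) {
  const token = await getGraphToken(pca);
  const res = await fetchImpl(GRAPH_SITE_ROOT, {
    headers: { Authorization: `Bearer ${token}` },
  });
  if (!res.ok) throw new Error(`Graph request failed: HTTP ${res.status}`);
  return res.json();
}
```

The `Sites.Read.All` delegated permission has to be added to the app registration before the consent prompt can grant it.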

