Obtaining access tokens for Outlook add-in that use Microsoft Graph API

Isora Dolage 16 Reputation points
2022-05-11T06:19:58.087+00:00

If getAccessToken(options) is not supported for add-ins that are loaded in Outlook.com and
getAccessTokenAsync(options, callback)/getAccessTokenAsync(callback) methods are also deprecated
what are the other solutions to obtain the access token for add-ins that are loaded in Outlook.com?

After obtaining the token, how to access Microsoft Graph API? and without using forMSGraphAccess how to test a SSO Outlook add-in that is sideloaded and needs Microsoft Graph scopes (not just Microsoft Graph profile scope)?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,723 questions
Office Development
Office Development
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Development: The process of researching, productizing, and refining new or existing technologies.
3,533 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Zehui Yao_MSFT 5,831 Reputation points
    2022-05-13T07:10:39.19+00:00

    Hello @Isora Dolage , I find a sample of building an Office Add-in for Excel that uses the Microsoft Graph API for your reference. It can be used as a reference for your Outlook add-in development

    To obtain the access token for Microsoft Graph, you need to register you application in Azure AD, make sure you provide right roles/permissions so that you can get a token. Using the token you can access a protected resource like Microsoft Graph API. You can get started quickly with the documentation on getting tokens and the tutorial on creating a simple application.

    The SSO authentication method uses the OAuth2 On-Behalf-Of flow provided by Azure Active Directory, which is also an authentication method using Microsoft Graph. It requires that the add-in register in the Application Registration Portal and specify any required Microsoft Graph scopes in its manifest. Here for your reference: https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/authentication

    Hope this helps you.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Isora Dolage 16 Reputation points
    2022-05-17T03:49:48.473+00:00

    Hi @Zehui Yao_MSFT ,

    Thank you for your answer. However, I still have some doubts

    1. The sample project you mentioned also uses getAccessToken() method Please refer image 1
    2. Requirement set for getAccessToken() method is IdentityAPI 1.3, according to Outlook client support it is not supported in many platforms, especially the mobile platforms and outlook.com
    3. Therefore, are there any other methods that I can use in a SSO add-in to get the access token other than the getAccessToken() method?
    4. If I'm using Exchange user identity token can I authenticate the user only using getUserIdentityTokenAsync() method and use that token to access Microsoft Graph?
    5. If (4) is possible, what is the requirement set for getUserIdentityTokenAsync()?
    6. If (4) is possible, can you please provide me a link to a sample project template?
    0 comments