How to get a user identity/access token in Sharepoint to pass to iframe?

Question

How to get a user identity/access token in Sharepoint to pass to iframe?

Eugen 1

Hello,

We are embedding https://iframe.example.com in a SharePoint page: https://contoso.sharepoint.com/sites/xxx

We managed to include it and display it.

The app at iframe.example.com has it's own authentication implemented.

We want to allow users authenticated at the sharepoint page https://contoso.sharepoint.com/sites/xxx to this app.

What is the best way to achieve this integration ?

How should we convert the identity of Sharepoint users to our users?

My guess would be to use JS and fetch a user identity token then pass this token to a service / our service and validate the token on the app side. By token, in this context I understand a signed JWT token.

Initially asked https://answers.microsoft.com/en-us/msoffice/forum/msoffice_sharepoint-msoffice_unknown-mso_subother/how-to-get-a-user-identityaccess-token-in/6ecefa3e-923c-4a2c-bd4e-08811d0e6eda?messageId=92dfc095-fb8d-45f7-93cc-ac44dfea318a .

Regards,

Eugen

1 answer

Your answer

Answer 1

Hi @Eugen
You need to pass TenantID, Client ID, Client Secret and resource details to get the access token. Please refer to following code

$.ajax({  
    type: 'POST',  
    crossDomain: true,  
    url: 'https://accounts.accesscontrol.windows.net/<tenantID>/tokens/OAuth/2',  
    headers: {  
        "content-type": "application/x-www-form-urlencoded"  
    },  
    data: {  
        "grant_type": "client_credentials",  
        "client_id": "<ClientID>@<TenantID>",  
        "client_secret": "<ClientSecret>",  
        "resource": "00000003-0000-0ff1-ce00-000000000000/<sitename>.sharepoint.com@<TenantID>"  
    },  
    success: function(data) {  
        //data.token_type returns "Bearer"  
        //data.access_token returns < AccessToken >  
        var at = data.token_type + " " + data.access_token;  
      //caal the REST API with the at variable in header  
  
    },  
    error: function(data, errorThrown, status) {  
  
    }  
});

Then you can use getElementbyId to pass values to iFrame like this

<script type="text/javascript">  
    var params = "xxxxxxxxxxxxxxxxxxxxx";  
    document.getElementById("myIframe").src = 'https://iframe.example.com/?' + params;  
</script>  
  
<iframe id="myIframe" src="https://iframe.example.com" width="80%"></iframe>

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

RaytheonXie_MSFT 40,471 Reputation points Microsoft External Staff

2022-11-21T07:29:56.667+00:00

Hi @Eugen
Have you tried the solution I proposed?

If you have any questions or progress, you can contact me in time.

Looking forward to your reply

Have a lucky day!

Thanks,
Raytheon Xie
Kantilal Jadav 0 Reputation points

2023-06-21T14:06:00.1633333+00:00

On above ajax call I am getting following error:

Access to XMLHttpRequest at 'https://accounts.accesscontrol.windows.net/xxxxxx/tokens/OAuth/2' from origin 'https://abc.sharepoint.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Can you help on this?
Francesca 0 Reputation points

2023-08-18T12:45:13.0966667+00:00

I made some test calls in Postman using the form body that was provided in this answer. I get a token as a result but when I pass it as header to a subsequent GET call to a sharepoint API I get 401:unauthorized error. Any ideas what I might be missing?

Share via

How to get a user identity/access token in Sharepoint to pass to iframe?

1 answer

Your answer