Sharepoint SSO with Iframe embed in react app

Question

Sharepoint SSO with Iframe embed in react app

Monika Patel [C] 0

I am using iframe to embed SharePoint files in my react-app. I want to do SSO, so that Iframe not show Sharepoint login form. Is there any solution for that?

1 answer

Your answer

Answer 1

Anonymous

Hi @Monika Patel [C],

To achieve Single Sign-On (SSO) for SharePoint files embedded in an iframe within your React app, you can use the SharePoint OAuth authentication flow. Here's a general outline of the steps involved:

Register your application in Azure Active Directory (AAD): To enable SSO, you'll need to register your React app as an application in AAD and obtain the necessary client ID and client secret.

Configure the SharePoint API permissions: In the AAD application registration, you need to grant the required permissions to access SharePoint files on behalf of the user. Typically, you'll need the or permission.Files.ReadFiles.Read.All

Implement the authentication flow in your React app: a. On your React app's login page, provide a button or link to initiate the authentication process. b. When the user clicks on the login button, redirect them to the Azure AD login page, passing your registered client ID and the desired SharePoint site as the parameter. c. After successful authentication, Azure AD will redirect the user back to a specified redirect URL within your React app, along with an authorization code. d. Exchange the authorization code for an access token by making a request to Azure AD's token endpoint. Include the code, client ID, client secret, and the redirect URL used in the previous step. e. Once you receive the access token, you can store it securely (e.g., in a session or local storage) and use it to authenticate subsequent requests to SharePoint.resource

Embed SharePoint files in the iframe: When embedding SharePoint files in the iframe, pass the access token as an Authorization header in the request. This will authenticate the user and bypass the SharePoint login form within the iframe.

Note: Depending on the specific SharePoint configuration and authentication requirements, there might be additional considerations or adjustments needed. It's recommended to refer to the official Microsoft documentation or consult SharePoint development resources for detailed implementation guidance.

Keep in mind that implementing SSO requires careful handling of security considerations, such as protecting client secrets and properly securing access tokens.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Best Regards

Cheng Feng

Monika Patel [C] 0 Reputation points

2023-06-23T09:53:31.79+00:00

I can not understand the highlighted lines. We are using just iframe. we are not calling any API. so how can we use Authorization header in the request ?
I am taking embed html code from share point share option as shown in the screen short. If any other option to embed please share a document link.
Monika Patel [C] 0 Reputation points

2023-06-23T10:03:31.62+00:00

If you can provide me syntax of iframe with header token that would be very helpful.

Anonymous

Hi @Monika Patel [C],

Please try to set the parameter after getting the token after the URL, and then put the modified URL into SRC

iframeUrl = `https://your-sharepoint-site.com/path-to-your-file?access_token=${accessToken}`
<iframe src={iframeUrl} />

But the problem here is how to ensure that the token is up to date, we may need to use timer polling query to achieve.

// get token and set refresh timer
function authenticate() {
   // Get the token here and set it in the iframeUrl
   const iframeUrl = `https://your-sharepoint-site.com/path-to-your-file?access_token=${accessToken}`;
  
   // Set the iframe's src to the latest URL
   const iframe = document. getElementById('your-iframe-id');
   iframe.src = iframeUrl;
  
   // Set the timer to refresh the token before it expires
   const refreshTokenTimer = setTimeout(refreshToken, timeUntilExpiration);
}
// refresh token
function refreshToken() {
   // Perform the operation of refreshing the token here to get a new token
   // Update the value of the accessToken variable
  
   // Call the authenticate() method again to update the src of the iframe
   authenticate();
}
// Initialize authentication and token refresh when the component is mounted
componentDidMount() {
   authenticate();
}

This is an example, the implementation needs to be adjusted appropriately depending on the authentication library and framework you use

Monika Patel [C] 0 Reputation points

2023-06-27T17:40:47.81+00:00

Hi, I am using MSAL library for azure Auth. Am I going right way to generate a token for SharePoint?
Anonymous

2023-07-06T07:08:22.51+00:00

HI

Could you please provide the effect or error message after the test?
Nirmal Mudaliar 5 Reputation points

2025-06-12T12:49:30.02+00:00

Hi @Monika Patel [C],
Are you able to resolve this issue?

Share via

Sharepoint SSO with Iframe embed in react app

1 answer

Your answer