Integrate Oracle OAM Web SSO Authentication In JavaScript Outlook Add-In
Requirement/Goal
We want to authenticate users in the new, web-based JavaScript Outlook Add-In using Oracle’s OAM (Oracle Access Manager) Web SSO (hosted on a different server/domain than our Add-In itself).
Details
- We have our self-hosted Oracle Database which holds user accounts, and we are using Oracle’s Web SSO for user authentication.
- We have our self-hosted Web site on the same server/domain that has our Oracle Database.
- And we also have our RESTful web APIs on the same server/domain that has our Oracle Database.
- So, if you try to access any resource (web site or API) on that Server/URL, you get REDIRECTED to an authentication page where you enter your username and credentials.
- For instance –
- Suppose this is the Server/URL where we have our Oracle Database and our Website:
https://solutionsr12mob.cmicpaas.com/cmictest
- In a browser, you try to access our API with a URL “https://solutionsr12mob.cmicpaas.com/cmictest/cmic-field-rest-api/jersey/v1/login”. You will be REDIRECTED to our following authentication page, protected by Oracle’s OAM WebSSO:
- After you are successfully authenticated, your original call to the API https://solutionsr12mob.cmicpaas.com/cmictest/cmic-field-rest-api/jersey/v1/login will complete successfully and you will see the desired response in the same browser window.
- For this, our web-site makes use of OAM user-session-cookies – created and maintained by Oracle OAM Web SSO.
Now comes the part which is related to Outlook Add-In
- We have a web-based Outlook Add-In, built using JavaScript and React JS, which is hosted on a different server/domain than our Oracle database, web-site and REST APIs. Now, we want the Add-In to connect to this system to consume the REST APIs. For that, users are required to authenticate themselves first.
- We also don’t want our Add-In to receive and store user credentials anywhere within itself, such as in a settings screen. Therefore, we want to authenticate users (to the Oracle database) within our Outlook Add-In, but using the Oracle OAM Web SSO mechanism that we explained above. The prime difference is that the Outlook Add-In will launch that sign-in page within its own scope – maybe in a web-view-like component, and not in the system’s web browser.
We want our Outlook Add-In to open our web-site’s login page (hosted on a different domain than the Add-In itself), have users sign in with their credentials, and “somehow” have the Add-In get those cookies, so that we can then make subsequent calls to our REST APIs.
The only approach recommended by Microsoft to achieve this is to use “Authenticate and authorize with the Office dialog API”, but this is primarily for OAuth 2.0 and that is probably why it is not working for us.
https://learn.microsoft.com/en-us/office/dev/add-ins/develop/auth-with-office-dialog-api