9,605 questions
Hi @Nofar
Try enabling public client flow for your app:
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.
Authorization process in Node.js is not working
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 97%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Nofar
0
Reputation points
Hello,
I want to connect to the Outlook Calendar API to read, create, update, and delete events. For this, I need to ask the user for consent.
The first thing I'm doing is to generate the login URL like this:
const msalConfig = {
auth: {
clientId: process.env.OUTLOOK_CLIENT_ID,
authority: `https://login.microsoftonline.com/${process.env.OUTLOOK_TENANT_ID}`,
redirectUri: process.env.REDIRECT_URL_DEVELOPMENT,
},
};
const pca = new PublicClientApplication(msalConfig);
const ccaConfig = {
auth: {
clientId: process.env.OUTLOOK_CLIENT_ID,
authority: `https://login.microsoftonline.com/${process.env.OUTLOOK_TENANT_ID}`,
clientSecret: process.env.OUTLOOK_CLIENT_SECRET_VALUE,
},
};
const cca = new ConfidentialClientApplication(ccaConfig);
const scopes = process.env.OUTLOOK_SCOPES || 'https://graph.microsoft.com/.default';
const authCodeUrlParameters = {
scopes: scopes.split(','),
redirectUri: process.env.REDIRECT_URL_DEVELOPMENT,
};
const url = await pca.getAuthCodeUrl(authCodeUrlParameters);
return url;
Then, I redirect the user to the URL link that I generated. After the user grants consent, I get a code to use to get the Access Token.
So this is the code I'm using to get the Access Token:
const scopes = process.env.OUTLOOK_SCOPES || 'https://graph.microsoft.com/.default';
const tokenRequest = {
code: req.body.code,
scopes: scopes.split(','),
redirectUri: process.env.REDIRECT_URL_DEVELOPMENT,
};
let result;
try {
result = await pca.acquireTokenByCode(tokenRequest);
//accessToken
console.log(result.accessToken);
} catch (e) {
console.log(e.message);
}
So here I'm getting an error of: "invalid_client: The request body must contain the following parameter: 'client_assertion' or 'client_secret'."
Then, I tried to add the 'client_secret' to the tokenRequest, but I still got the same error.
Why am I getting this error and how can I fix it?
Hope someone can help!
Outlook | Windows | Classic Outlook for Windows | For business
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,080 questions
Microsoft Security | Microsoft Graph
13,722 questions
1 answer
Sort by: Most helpful
-
CarlZhao-MSFT 46,371 Reputation points2024-04-29T03:09:08.89+00:00 -
Nofar 0 Reputation points
2024-04-29T07:44:17.9466667+00:00 Hi,
Thanks for your answer.
I already did it, but it is not working. The error I mentioned in the previous message occurred after I enabled public client flow.
I also tried to exchange the authorization code for an access token in a different way instead of using this:
const scopes = process.env.OUTLOOK_SCOPES || 'https://graph.microsoft.com/.default'; const tokenRequest = { code: req.body.code, scopes: scopes.split(','), redirectUri: process.env.REDIRECT_URL_DEVELOPMENT, }; let result; try { result = await pca.acquireTokenByCode(tokenRequest); //accessToken console.log(result.accessToken); } catch (e) { console.log(e.message); }I tried this way:
const response = await fetch(`https://login.microsoftonline.com/${process.env.OUTLOOK_TENANT_ID}/oauth2/v2.0/token`, { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: new URLSearchParams({ client_id: process.env.OUTLOOK_CLIENT_ID, client_secret: process.env.OUTLOOK_CLIENT_SECRET_VALUE, code: code, redirect_uri: process.env.REDIRECT_URL_DEVELOPMENT, grant_type: 'authorization_code', scope: 'https://graph.microsoft.com/Calendars.ReadWrite offline_access' }) }); const data = await response.json(); console.log(data);This way I did get the "access_token" and the "refresh_token" but then I wanted to get all the events from the calendar but I got a 401 error without an error message in this code:
const client = Client.init({ authProvider: (done) => { done(null, data.access_token); }, }); try { const events = await client.api('/me/calendar').get(); console.log(events); } catch (e) { console.log(e.message); }I can't understand what am I doing wrong?
-
CarlZhao-MSFT 46,371 Reputation points
2024-04-29T08:31:03.1766667+00:00 You mean, it will cause 401 errors when you call the
/me/carendar/eventsAPI?const events = await client.api('/me/calendar/events').get(); console.log(events); -
Nofar 0 Reputation points
2024-04-29T08:55:53.55+00:00 Yes exactly. After calling the
/me/calendar/eventsAPI, I'm getting a 401 error with no error message:try { const events = await client.api('/me/calendar/events').get(); console.log(events); } catch (e) { console.log(e); } -
Nofar 0 Reputation points
2024-04-29T08:56:53.89+00:00 Yes exactly. After calling the /me/calendar/events API, I'm getting a 401 error with no error message:
try { const events = await client.api('/me/calendar/events').get(); console.log(events); } catch (e) { console.log(e.message); } -
CarlZhao-MSFT 46,371 Reputation points
2024-04-29T09:08:38.1066667+00:00 Can you use jwt.ms to decode your access token and share screenshots?
-
Nofar 0 Reputation points
2024-04-29T09:45:56.6366667+00:00 Here is a screenshot from my decode access token:
Sign in to comment -