Graph API authentication skips over sign in steps

Question

Graph API authentication skips over sign in steps

Dan 1

Hi there,

I have creating an api connection with graph, specifically to get the refresh token.

When i send out the call for authorization it just skips over the sign-in steps. It returns a code but no token.

I followed 2 separate online tutorials and I have the same issue with both. Is it some settings that i am missing?

any help would be appreciated, thank you.

Dan

Dan 1 Reputation point

2022-06-09T17:05:13.013+00:00

Here are my urls

and here is the code

1 answer

Your answer

Dan 1 Reputation point

2022-06-09T17:05:13.013+00:00

Here are my urls

and here is the code

Answer 1

Hi @Dan

The official sample does not provide you with a web view to log in the user. You need to complete the user interaction flow in the browser to obtain the authorization code.

The part of OAuth 2.0 authorization flow is as below:

If you want to get an access token, I recommend you to use the graph SDK. However from my testing MSAL doesn't seem to expose refresh_token to developers, it only refreshes the token for you when your access token expires.

using Microsoft.Identity.Client;  
using Microsoft.Graph.Auth;  
  
namespace test1 {  

    class Program  
  
    {      
        static async System.Threading.Tasks.Task Main(string[] args)  
        {  
                        string clientId = "{client id}";  
                        string clientSecret = "client secret";  
                        string redirectUri = "redirect url";  
                        string authority = "https://login.microsoftonline.com/{tenant id}";  
                        string authorizationCode = "auth code";  
  
                        string[] scopes = new string[] { "Mail.Read openid profile email offline_access" };  
  
                        IConfidentialClientApplication app = ConfidentialClientApplicationBuilder  
                            .Create(clientId)  
                            .WithRedirectUri(redirectUri)  
                            .WithClientSecret(clientSecret)  
                            .WithAuthority(authority)  
                            .Build();  
                          
                       AuthorizationCodeProvider auth = new AuthorizationCodeProvider(app, scopes);  
  
            var authResult = await app.AcquireTokenByAuthorizationCode(scopes, authorizationCode).ExecuteAsync();  
  
            Console.WriteLine(authResult.AccessToken);  
             
        }  
  
    };  
}

Of course you can use postman to request the /token endpoint to get the refresh token.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Dan 1 Reputation point

2022-06-10T14:10:39.907+00:00

Thanks for the reply CarlZhao,
Unfortunately the refresh token is more important than the access token in my context. I need it to make another call to sharepoint afterwards. I'm a bit confused, cause all tutorials that i have been following, the user is sent automatically to the login with the /authorization endpoint. If this is an extra step i need to complete how can i do so, I am not finding any documentation for a redirect to the login page.

Thank you so much for your help! Much appreciated!
CarlZhao-MSFT 46,366 Reputation points

2022-06-15T10:17:57.457+00:00

Hi @Dan
This is a required step, in fact, this step is used to log in the user and complete the authentication interaction, after logging in you will get an authorization code, which you then need to use to redeem access token. https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code

Share via

Graph API authentication skips over sign in steps

1 answer

Your answer