Share via

Obtaining user consent (Windows Runtime apps using JavaScript and HTML)

  • Article

This topic describes how a Windows Runtime app using JavaScript and HTML requests permission from the user to access data that the user has stored on Microsoft OneDrive.

In this article
Prerequisites
Request initial scopes
Request additional scopes
Get a list of current permissions

Before your Windows Runtime app using JavaScript and HTML can access a user's data, the signed-in user must consent to letting the app access that data. The Live SDK divides this consent into categories, called scopes. For more info about scopes, see Scopes and permissions.

Some common scopes that your app might want to request are:

  • wl.basic Allows access to a user's basic info.

  • wl.emails Allows access to a user's email addresses.

  • wl.photos Allows access to a OneDrive user's photos.

Note

We recommend that you limit the number of scopes you request at any given time to the smallest number necessary to perform a task.

If a user chooses to use a feature that requires a scope that your app doesn't currently have permission to access, your app must get consent for the new scope from the user.

The Live SDK use OAuth 2.0 to enable users to sign in and provide consent to your app. When a user signs in to your app, he or she is redirected to a window that is hosted by the Microsoft account authorization web service.

After the user grants permission to access his or her data, your app can begin working with the user's information.

Prerequisites

The user must be signed in with a Microsoft account. To learn how to sign users in from your app, see Signing users in.

Request initial scopes

Add the scope property to WL.init and then instantiate the sign-in control by calling WL.ui, as in this example.

WL.init({
    client_id: APP_CLIENT_ID,
    redirect_uri: REDIRECT_URL,
    scope: "wl.signin", 
    response_type: "token"
});

WL.ui({
    name: "signin",
    element: "signin"
});

Request additional scopes

If the user has not consented to the scopes needed to access specific info, your app can request additional scopes.

function moreScopes_onClick() {
    WL.login({
        scope: ["wl.signin", "wl.basic"]
    }).then(
        function (session) {
            document.getElementById("infoLabel").innerText = "Signed in.";
        },
        function (sessionError) {
            document.getElementById("infoLabel").innerText = 
                "Error signing in: " + sessionError.error_description;
        }
    );
}

Get a list of current permissions

This example returns a list of permissions, representing scopes that the user has already consented to.

function checkPermissions_onClick() {
    WL.login({
        scope: "wl.basic"
    }).then(
        function (response) {
            WL.api({
                path: "me/permissions",
                method: "GET"
            }).then(
                function (response) {
                    var message = "";
                    for (property in response.data[0]) {
                        if (response.data[0].hasOwnProperty(property))
                            message += "<br>" + property;
                    }
                    document.getElementById("infoLabel").innerHTML = result;
                },
                function (responseFailed) {
                    document.getElementById("inforLabel").innerText =
                        "Error calling API: " + responseFailed.error.message;
                }
            );
        },
        function (responseFailed) {
            document.getElementById("infoLabel").innerText = 
                "Error signing in: " + responseFailed.error_description;
        }
    );
}