Office 365 Discovery services - Part 4

The Office 365 APIs contain multiple endpoints such as contacts, calendar, mail, files and there’s even a way to talk to the SharePoint REST API. Discovery service helps in discover the office 365 API endpoints for you applications. It returns a list of all the office 365 API services the user has access.
For the basics and authentication of office 365, refer the link Office 365 Authentication details
 
Office 365 Discovery services is used for the following reasons

1. We must know the endpoint’s unique ID which is called the Resource ID. This is the unique ID of the resource endpoint that you use when asking the Azure token endpoint for an access token in the authentication process.
2. We must know the endpoint of the resource called the Resource URL. Some services have the same endpoint URL, for instance the contacts, calendar and mail endpoints all share the same Exchange Online endpoint of https://outlook.office365.com. However others may be different, like the files endpoint includes some stuff in the URL about the specific user. 
3. To check if that permission has been granted by the user instead of trying to issue the request and checking if you get a  ccess denied

If you are building apps for the particular tenant,the Office 365 team makes it easier for us to build Single Page Applications that leverage Office 365 with the support of CORS

If you are building apps for the Multi tenant,then we need  to find the name of the Office 365 tenant that it should connect to your application which is done using the Discovery services 

We will see the discovery service in action in fiddler 

• Create a office 365 app and configure the same with the permissions as shown.

• Issue an Get request in fiddler on Authorization code end point to get the authorization code

https://login.microsoftonline.com/5b532de2-3c90-4e6b-bf85-db0ed9cf5b48/oauth2/authorize
?response_type=code
&client_id=9c91f218-b649-41e3-9933-4b77c67b2ef7
&redirect_uri=https://manage.windowsazure.com

• Issue an Post request in fiddler on Token code end point to get the access token

https://login.microsoftonline.com/5b532de2-3c90-4e6b-bf85-db0ed9cf5b48/oauth2/token
grant_type=authorization_code
&client_id=9c91f218-b649-41e3-9933-4b77c67b2ef7
&code=AAABAAAAiL9Kn2Z27UubvWFPbm0gLdsKG0x_efGz_zoZ2hMpeTYaeMg0-acp6S_VNVToAd3DTbovPz7WwwMaeYknE5r-4EbmmL1yaGp7yvBnQAKor6T7nTk8W5hafwJNWY7JfncdI_vEB2Ck4W34orCwz91MzDrD_SJqshdqFHJH386zvE8T9Oebg5soWlG7TcIQ_tw2qk2EQUSoUVpnmB0ydhMEAOm8Yx6RHcBnu_6E9kHZP0Dm4B-i4wincgnXMtR5GHlRWQXNsheXLuz73NudYlMwV-Ik3Le41aU3-_bLEVp5Ub_lWqZ2EWr2C293NYWOq1OLK-0Ia8gZmkMyj9AIRfyiroO6M6oSt6cSTkvK1pSbtmiw1vwfY1q5XIJn_i1REwuzuGBqyQalXoeaSHaOaYpU27uez2IDGsXvSNHN819XA0v4AES-2F3oF7IEFBMNljInfWJueXw_fW2wTe7bZSQ8Bm8m7sBakDr_U6ER34z7C7Q9AebAi5IDWH2irFND1GB8FA5TDOE5dZx9n8zFcjpZ0X94fZLHV8Kr21MqJUUfIdXfcCSuBGSvvlNZ3NDfAC8FIAA
&redirect_uri=https://manage.windowsazure.com
&resource=https://api.office.com/discovery/
&client_secret=RON%2FU4MWDzUu45AQaJDqMDbxL8ysDtq986AsYM5qJzg%3D

• Issue an Get request in fiddler for discovery service passing the access token as shown

https://api.office.com/discovery/v1.0/me/services

There are a few challenges when working with these Office 365 APIs as there are a few things you must know prior to calling them from within your code ( for accessing a resource (Mail,Contact and files) we need to get the access token for every resource and then call the service).

We will use the Office 365 Unified API which is in Preview .With the unified API , we need to get only a single access token and only have one single end point to get all the data from office 365 API. We will look into the details of the Unified API in the next blog.