asp.net mvc - Microsoft Graph API auhetication for service apps -
we developing web application using microsoft graph, signed in user can, export calendar events third party calendar application. after initial export, need keep exported data in sync calendar changes via service app (a scheduled task running on server). need multi tenant application, people different organizations should able use service.
right did authentication using oauth 2.0 , openid connect described in this sample. later understood access token using method cannot used in service app without user interaction. considering our scenario best way achieve this?
i have read app-only authorization method this. if use authentication method, app need consented tenant administrator , these applications quite powerful in terms of data can access in office 365 organization. considering developing product used different organizations, feasible use method?
to use client credentials oauth2.0 flow (aka "app-only" or service account access depending on who's documentation you're reading) admin each tenancy need specify scopes daemon process can have users in tenancy. end users can't give these scoping rights code (as far know @ least).
one thing watch out graph api doesn't allow mess calendars attached office 365 groups if you're using client credentials flow. pain us, we've raised issue needs fixing in office 365 feedback system. if that's issue or else, please throw few votes @ gets more attention @ microsoft. :-)
Comments
Post a Comment