Get access token from a Microsoft Graph API in jquery:
Token request:
You send a POST request to the /token identity platform endpoint to acquire an access token:
// Line breaks are for legibility only.
POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id= 535fb089-9ff3-47b6-9bfb-4f1264799865
scope= https://graph.microsoft.com/.default
client_secret= qWgdYAmab0YSkuL1qKv5bPX....
grant_type= client_credentials
Parameter Condition Description:
tenant Required The directory tenant that you want to request permission from. This can be in GUID or friendly name format.
client_id Required The Application ID that the Azure app registration portal assigned when you registered your app.
scope Required The value passed for the scope parameter in this request should be the resource identifier (Application ID URI) of the resource you want, affixed with the .default suffix. For Microsoft Graph, the value is https://graph.microsoft.com/.default. This value informs the Microsoft identity platform endpoint that of all the application permissions you have configured for your app, it should issue a token for the ones associated with the resource you want to use.
client_secret Required The Application Secret that you generated for your app in the app registration portal.
grant_type Required Must be client_credentials.
Token response
A successful response looks like this:
JSON
{
"token_type": "Bearer",
"expires_in": 3599,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBP..."
}
Parameter Description
access_token The requested access token. Your app can use this token in calls to Microsoft Graph.
token_type Indicates the token type value. The only type that Azure AD supports is bearer.
expires_in How long the access token is valid (in seconds).
function requestToken() {
$.ajax({
"async": true,
"crossDomain": true,
"url": "https://cors-anywhere.herokuapp.com/https://login.microsoftonline.com/*********/oauth2/v2.0/token", // Pass your tenant id instead of **********
"method": "POST",
"headers": {
"content-type": "application/x-www-form-urlencoded"
},
"data": {
"grant_type": "client_credentials",
"client_id ": "cds54a2c-3s1df-4d71-s58d-6d6fdf2f", //Pass your app id
"client_secret": "*************", //Pass your client secret genereated from registered app
"scope ": "https://graph.microsoft.com/.default"
},
success: function (response) {
console.log(response);
console.log(res.access_token);//token valid for 1 hour
},
error: function (e) {
console.log(e);
}
});
}
requestToken();
Token request:
You send a POST request to the /token identity platform endpoint to acquire an access token:
// Line breaks are for legibility only.
POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id= 535fb089-9ff3-47b6-9bfb-4f1264799865
scope= https://graph.microsoft.com/.default
client_secret= qWgdYAmab0YSkuL1qKv5bPX....
grant_type= client_credentials
Parameter Condition Description:
tenant Required The directory tenant that you want to request permission from. This can be in GUID or friendly name format.
client_id Required The Application ID that the Azure app registration portal assigned when you registered your app.
scope Required The value passed for the scope parameter in this request should be the resource identifier (Application ID URI) of the resource you want, affixed with the .default suffix. For Microsoft Graph, the value is https://graph.microsoft.com/.default. This value informs the Microsoft identity platform endpoint that of all the application permissions you have configured for your app, it should issue a token for the ones associated with the resource you want to use.
client_secret Required The Application Secret that you generated for your app in the app registration portal.
grant_type Required Must be client_credentials.
Token response
A successful response looks like this:
JSON
{
"token_type": "Bearer",
"expires_in": 3599,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBP..."
}
Parameter Description
access_token The requested access token. Your app can use this token in calls to Microsoft Graph.
token_type Indicates the token type value. The only type that Azure AD supports is bearer.
expires_in How long the access token is valid (in seconds).
function requestToken() {
$.ajax({
"async": true,
"crossDomain": true,
"url": "https://cors-anywhere.herokuapp.com/https://login.microsoftonline.com/*********/oauth2/v2.0/token", // Pass your tenant id instead of **********
"method": "POST",
"headers": {
"content-type": "application/x-www-form-urlencoded"
},
"data": {
"grant_type": "client_credentials",
"client_id ": "cds54a2c-3s1df-4d71-s58d-6d6fdf2f", //Pass your app id
"client_secret": "*************", //Pass your client secret genereated from registered app
"scope ": "https://graph.microsoft.com/.default"
},
success: function (response) {
console.log(response);
console.log(res.access_token);//token valid for 1 hour
},
error: function (e) {
console.log(e);
}
});
}
requestToken();
Comments
Post a Comment