When creating a new application registration in Azure USGov I do not have SharePoint Online as an option under required permissions. Only AAD, Graph, WASM, and O365 Management API's. What am I missing?
do you see "Office 365 SharePoint Online" as an option? Below is what I see as options.
Related
I am a bit confused with Office 365 subscriptions and the application I have created in Azure AD for OAuth.
I have programmatically created an Azure AD app for OAuth and have assigned it appropriate permissions for Graph API and EWS API. The app is working perfectly fine with the Dev tenant I have for my testing. I am able to programmatically access OneDrive and Mailboxes using the token created by this application.
Now I am not sure if I need to associate this app with Office 365 subscriptions. Currently, my dev tenant does not have any Azure / Office 365 subscriptions but users in the field may have Azure / Office 365 subscriptions.
I am not sure if I need to perform any specific checks for subscriptions and associate my app with any. Information I found on the net is confusing and I am unable to conclude anything from it.
Please let me know if you have any idea about this. I am a bit new to this whole thing so forgive my ignorance.
Access Graph API and EWS API only requires that you have O365 subscription.
But you don't need to do something like associating with O365 subscription.
Just make sure this Azure AD application is available in the corresponding tenant.
For example, we have a tenant #testTenant.onmicrosoft.com, and a user admin#testTenant.onmicrosoft.com.
You need to create the AAD application in this tenant #testTenant.onmicrosoft.com. And if admin#testTenant.onmicrosoft.com has O365 subscription with Exchange Online license, you can access its AAD user profile information and O365 mailbox with Graph and EWS. If the user doesn't have O365 subscription, you can also access its AAD user profile information. But the mailbox is not existing so you can't access the mailbox.
Does anyone know if Azure B2C works with SharePoint 2016 on-premises? This SharePoint environment in question is for external users not internal users. The objective is to move away from SQL Forms Based Authentication (FBA) to Azure.
As per this article below, in combination with Claims Provider, it is easy to configure:
https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/sharepoint-on-premises-tutorial
However, Microsoft's B2C FAQ says that:
"Azure AD B2C is not meant for the SharePoint external partner-sharing scenario; see Azure AD B2B instead". But Azure B2B is out of scope.
Azure AD B2C is not meant for the SharePoint external partner-sharing scenario. Please raise the new user voice or vote for similar user voice.
I am making Office 365 add-in for Outlook web and SharePoint. As per the documentation, I need a developer account to register my add-in. The developer account for company is for $99.
I also wanted to authenticate user using his office 365 subscription. The documentation tells that an Azure account is needed for office 365 authentication, in which the app will be registered. Azure account is for $99 for company.
Now my question is that, as I have to register office 365 add-in and also enable authentication, do I need to buy both accounts each for $99 that cost $198. Or only one account serves my purpose ? It will be really helpful if any one having experience with office add-in can suggest some good resource to do this.
After you have the Office 365 developer account, you don't have to buy the Azure subscription to register the app to the Azure Active Directory. Because the Office 365 account already have a free subscription to Azure Active Directory.
And to activate this subscription and access the Azure management portal, you have to complete a one-time registration process. Afterward, you can access Azure AD from your Microsoft service that uses it(refer here about detail).
And it is recommend that you register the app through the Application Registration Portal at http://apps.dev.microsoft.com/ since it supports 'V2' which allow developers to write apps that accept sign-in from both Microsoft Accounts and Azure AD accounts, using a single auth endpoint(V2 endpoint).
I need the token in order to use office api discovery service (https://api.office.com/discovery/) to find SharePoint root url.
Is it possible to get access to Azure AD token from add-ins (Outlook/Office)?
Edit(To make things more clear):
As I'm building a multi-tenant Azure hosted app that should be launched via add-ins, I will have to force users to log-in in popup and give consent for application. Login is mandatory since in office add-in's we cannot find out who the logged in user is.
You can follow the documentation here on how to retrieve an authorization token - https://graph.microsoft.io/en-us/docs/platform/rest from Azure AD for the use of finding the root URL - also you can use the Microsoft Graph, which is the newer version of the Discovery service (more details about it again at the link provided).
Can I use office 365 login/credentials as Single Sign On? Actually I need to sign in my web application using office 365 login details.
Further I want to use following url credentials for Single Sign On in my web application.
https://portal.office.com
Indeed. Office365 identities are backed by Azure Active Directory, and you can build WebApps, WebAPIs and mobile apps secured using Azure Active Directory, so that customers of Offic365 can SSO to your applications.
The various auth scenarios supported by Azure AD are here: http://msdn.microsoft.com/en-us/library/azure/dn499820.aspx. Code samples are here: http://msdn.microsoft.com/en-us/library/azure/dn646737.aspx.
Hope that helps.