I have SharePoint 2010 foundation installed on a AWS (Amazaon Web Services) server. I also have office365 (Email Hosted Plan Accounts). Is it possible to link to office 365 for authentication when a user tries to access the SharePoint site? In other words, can I use Office365 as authentication provider similar to windows live id with in share point.
Any pointers will help.
Related
I have created WebApi and hosted it to Azure server, now I want to get data from Microsoft Dynamics CRM into this API with logged in Office 365 users credentials.
So when I call the WebApi from office 365 it takes Office 365 logged in user's credentials and get data from CRM of same user.
For getting Dynamics 365 data you need the access token which as you mentioned is granted by office 365 OAuth server. Assuming that you already registered your app in Azure active directory and gained your client Id and secret key, you need also give permission to your app to access Dynamics 365 (using Required permissions in Setting panel of app registration).
After setting up your app in Azure AD, then you can redirect your user to office 365 login page (OAuth 2.0 Authorization Endpoint) for getting the access token. there are different methods to do it. In my experience I used getting token using Authentication code, but generally you need to compose a url to login page with following param:
'https://login.windows.net/' + tenant + '/oauth2/authorize?response_type=code&client_id=<client_id>&redirect_uri=<redirect_uri>&state=<state>&resource=<resource>'
In case of Authentication code it returns a code which you can use to acquire token. Microsoft developed some drivers which does it for you. If you use node.js you can check out adal, for sure they have something similar for dot.net.
After getting your access token, you just need to call your Dynamics 365 (resource) to get the data.
I am making Office 365 add-in for Outlook web and SharePoint. As per the documentation, I need a developer account to register my add-in. The developer account for company is for $99.
I also wanted to authenticate user using his office 365 subscription. The documentation tells that an Azure account is needed for office 365 authentication, in which the app will be registered. Azure account is for $99 for company.
Now my question is that, as I have to register office 365 add-in and also enable authentication, do I need to buy both accounts each for $99 that cost $198. Or only one account serves my purpose ? It will be really helpful if any one having experience with office add-in can suggest some good resource to do this.
After you have the Office 365 developer account, you don't have to buy the Azure subscription to register the app to the Azure Active Directory. Because the Office 365 account already have a free subscription to Azure Active Directory.
And to activate this subscription and access the Azure management portal, you have to complete a one-time registration process. Afterward, you can access Azure AD from your Microsoft service that uses it(refer here about detail).
And it is recommend that you register the app through the Application Registration Portal at http://apps.dev.microsoft.com/ since it supports 'V2' which allow developers to write apps that accept sign-in from both Microsoft Accounts and Azure AD accounts, using a single auth endpoint(V2 endpoint).
I want to integrate one drive for business into my windows forms application in Visual Studio 2008. I have followed the link "https://dev.onedrive.com/auth/aad_oauth.htm" for registration in Azure and authentication into Office 365. I am able to get the "https://{tenant}-my.sharepoint.com/_api/v2.0/me" url for the logged in user and also the access token for calling one drive api's. But when I call the API to get the default drive or the files present at root level in the one drive business account, I get an unauthorized access error, Error:401. I have tried all the permutations and combinations of permissions (namely, Windows Azure Active Directory,Office 365 unified API, Office 365 Management APIs, Office 365 Sharepoint Online, Office 365 Exchange Online, Windows Azure Service Management API).
Please suggest what else could I be missing?
This person "Not able to use One Drive API for One Drive for Business" also had the same problem.
And I have the same problem, but it's a API bug.
I founded this on OneDrive for Business API item/file download content 401.
Thanks
I'm trying to generate, through the Windows Azure Management Console, an API key that will allow me to make requests for Exchange Calendar Data (I need access to the Office 365 Exchange Online API set).
I am trying to get to this - from a help post I saw. Unfortunately, I only have these options.
However, I don't have access to the Office 365 permissions set for the application I created, and I can't figure out how to get access. Do I have to have an Office 365 organization account?
A few more details: the application itself is in my default directory, and it isn't multi-tenant. Thanks.
In order to create an application with Azure AD that uses Office permissions, I had to register for an Office 365 account with the same account that I used to create the application in the Azure Management Console. You probably won't see those permissions unless you have signed up for Office 365.
I signed up for a free trial and let it expire, and I was still able to use the requisite application permissions for Office. My Azure free trial also expired, and I was still able to use AD as I had before, and my application can still make API calls.
Similar to the question here Accessing Office 365 user mail data with admin authorisation only
Currently i am implementing an application that will access a set of mailboxes on Office365 using a service account.
There is an MSDN blog post announcing oauth support for Office 365 http://blogs.msdn.com/b/exchangedev/archive/2014/03/25/using-oauth2-to-access-calendar-contact-and-mail-api-in-exchange-online-in-office-365.aspx
Can our app use the technique in that link and get authorization from the administrator for the set of mailboxes using the service account for this "group" of mailboxes ?
If you're using OAuth with the new REST APIs, an administrator can consent on behalf of their entire Office 365 organization. They cannot consent only on behalf of a subset of users.