2

I am trying to integrate Microsoft Graph authentication and access sharepoint and User's Graph Profile & Pic. I had followed their document https://developer.microsoft.com/en-us/graph/docs/authorization/app_authorization
I am able to achieve first step Authenticate a user and get app authorized , but not Acquire an access token. I have checked it in Postman, able to get response of access token. Same way I'm trying to do it using Jquery Ajax but getting

XMLHttpRequest cannot load https://login.microsoftonline.com/common/oauth2/token. No 'Access-Control-Allow-Origin' header is present on the requested resource.

$.ajax({ type:"POST",headers: {
    'Content-Type':'application/x-www-form-urlencoded'
},
crossOrigin: true,url: "https://login.microsoftonline.com/common/oauth2/token",data:$.param({grant_type: "authorization_code",redirect_uri:"http://localhost:92",client_id:"8c907c91-1b21-4468-825e-116a4f663249",client_secret:"xxxxxxxxx+=",code:"AQABAAIAAABnfiG-mA6NTae7CdWW7QfdkHvUMGWjMMTjOGwaac7c-pFOjLqj98r37uhB1a1XqjnCL-nK5HcvRIYLhLSUQJZeY9ybZLgWfSl4U0CNdZkwIvee_r6-hPC0Wts0ULDWzkg_nHWLHrquAjJ67T84vuIUv8525xTVdm1Ej07EPRttlske50jy1lruaLX0Wzdj72VnAQ0iRHB_VKwEA-1YB7VOt6qh9756XYkDUfzJMZTxTawT5PVQFyv2joy0TbUYljkyT8RgzdhgT6YV6Rum3cQZg3Amso-0-6umF_1ECfdjmXXxdkscAmsGJHZPrZ1HE8W9zhfsGKlc57QI8J3Qkz-Wfkw8lxcfpp84wHmKnA28jWrww7szXVjjsYmtNsRpSYIvq393QoUZnWN-t0D71510pVAYswr6R3_rR80SMrMvolIpoXeIvPDoOkLszgYEeNRkGAcjVYD5XS4aajyrWqCSUz3xzNt8Vb6x9QBCWxw9xAottQM5ZZIbWc9zrKmmPL8sqkEpJ7Z95QdJjgkFy0qT5c_GQwKNoAiF96iVhyLiULvjwlFYsV9d84QGnz_a5NIt6mMbhgJoY32snEJN7kMyK9uzTHdglkkl-9UgJNnpArN5D8hywaERMN4Fy7RZxnqx9Mt4UnnfK9-RnjvaIE6TIAA",resource:"https://graph.microsoft.com/"}), success: function(result){
    $("#div1").html(result);
},
error: function(){

    $("#div1").html("Error");
}});

But in Console, I can see the response form the post method, because for 'Acces-origin' issue, I couldn't get response in my Ajax Success part. But in Console, I can see the response for POST Method

Praveen R
  • 699
  • 2
  • 7
  • 23

1 Answers1

-1

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy.So the browser is blocking it as it usually allows a request in the same origin for security reasons. Postman wil work because they are not restricted by this policy .

To integrate AAD in javascript, we suggest you to use azure-activedirectory-library-for-js which is a library in javascript for frontend to integrate AAD with a ease ,by using implicit grant flow ,It also has the advantage of eliminating any requirements for cross origin calls, which are necessary if the JavaScript application is required to contact the token endpoint. Here is a thread which discuss same topic and show more about how to use ADAL.JS , please refer to that .

Community
  • 1
  • 1
Nan Yu
  • 26,101
  • 9
  • 68
  • 148
  • Is there any official Adal Component available for Angular 2? – Praveen R May 03 '17 at 05:26
  • 1
    @PraveenR, Currently there is no official Adal Component available for Angular 2 , please refer to [this discussion](https://github.com/AzureAD/azure-activedirectory-library-for-js/issues/194), but you could refer to the code sample mentioned (https://github.com/sureshchahal/angular2-adal) in that discussion . – Nan Yu May 03 '17 at 05:46
  • using that single token, can I get Sharepoint and Office Graph details? Doubt,Generally to access particular resource we should use different token for each resource (as per document). like resource: https://xxxx.sharepoint.com/ – Praveen R May 03 '17 at 05:52
  • Yes , you could get access token for [Microsoft Graph APi ](https://developer.microsoft.com/en-us/graph/) and use that token to access related resources with microsoft graph api . – Nan Yu May 03 '17 at 05:55
  • Microsoft Graph exposes multiple APIs from Office 365 and other Microsoft cloud services through a single endpoint: https://graph.microsoft.com – Nan Yu May 03 '17 at 05:56
  • Actually, I had tried same. It's authenticated the user,but using that token it was failed to get resource details because the token generated is not matched with AD. generated token is for AD2.0 . I was not sure about, but let me try one more time. – Praveen R May 03 '17 at 05:59
  • You need to check whether audience of token is graph api (https://graph.microsoft.com) and you have enough scope in token to access o365 resources . – Nan Yu May 03 '17 at 06:05
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/143251/discussion-between-praveen-r-and-nan-yu-msft). – Praveen R May 03 '17 at 09:07