Wednesday, March 29, 2017

One reason for the "AADSTS65001: The user or administrator has not consented to use the application with ID" error from adal.js

ADAL JS is a library for writing JavaScript code that interacts with Azure AD via the MS Graph API. It uses the OAuth2 flow to authenticate the user against Azure AD and obtain an access token, which can then be used to call the Graph API. Samples and prerequisites for ADAL JS are available on its GitHub page. Briefly, you need to create a new app in Azure AD (Azure portal > Active directory > Applications) and then update its app manifest to change the oauth2AllowImplicitFlow property from its default value of false to true (see e.g. Azure AD OAuth2 implicit grant). But when you try to run the code, you may get various AADSTS* errors. One of them is:

AADSTS65001: The user or administrator has not consented to use the application with ID '…'. Send an interactive authorization request for this user and resource

If you encounter this error, go to the Azure AD app configuration page and set a Delegated permission as shown in the picture below, for the scenario where we need to list the O365 groups the user is a member of (you will of course need to choose permissions appropriate for your case):

After that, the error should disappear.
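Both settings described above can be checked in one pass over the app manifest JSON before the page is deployed. The following is an added example, not code from the original post or from ADAL JS; it assumes the resource is Microsoft Graph (the `GRAPH_APP_ID` value), and the sample manifests and permission ids are constructed placeholders.

```javascript
// Added example: audit an Azure AD app manifest for the two settings this post
// relies on. Sample manifests and permission ids below are constructed.
const GRAPH_APP_ID = "00000003-0000-0000-c000-000000000000"; // Microsoft Graph

function auditManifest(manifest, resourceAppId = GRAPH_APP_ID) {
  const findings = [];
  // adal.js uses the implicit grant, which the manifest must allow explicitly.
  if (manifest.oauth2AllowImplicitFlow !== true) {
    findings.push("oauth2AllowImplicitFlow is not true");
  }
  // requiredResourceAccess lists, per resource, the permissions the app requests.
  const entry = (manifest.requiredResourceAccess || []).find(
    (r) => String(r.resourceAppId).toLowerCase() === resourceAppId.toLowerCase()
  );
  const access = (entry && entry.resourceAccess) || [];
  // type "Scope" = delegated permission, type "Role" = application permission.
  const delegated = access.filter((a) => a.type === "Scope").map((a) => a.id);
  if (delegated.length === 0) {
    findings.push("no delegated permission configured for " + resourceAppId);
  }
  // The delegated ids are returned so a reviewer can confirm the app asks
  // for nothing broader than the scenario needs.
  return { ok: findings.length === 0, delegated, findings };
}

// Constructed sample: fresh registration, nothing configured yet.
const freshApp = { oauth2AllowImplicitFlow: false, requiredResourceAccess: [] };

// Constructed sample: implicit flow enabled, one delegated Graph permission.
const fixedApp = {
  oauth2AllowImplicitFlow: true,
  requiredResourceAccess: [{
    resourceAppId: GRAPH_APP_ID,
    resourceAccess: [{ id: "aaaaaaaa-0000-0000-0000-000000000001", type: "Scope" }],
  }],
};

// Constructed sample: only an application permission, which does not satisfy
// the delegated-permission requirement for a signed-in user.
const roleOnlyApp = {
  oauth2AllowImplicitFlow: true,
  requiredResourceAccess: [{
    resourceAppId: GRAPH_APP_ID,
    resourceAccess: [{ id: "aaaaaaaa-0000-0000-0000-000000000002", type: "Role" }],
  }],
};

console.log(auditManifest(freshApp), auditManifest(fixedApp), auditManifest(roleOnlyApp));
```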
