none
How to authorize App for Outlook Add-in RRS feed

  • Question

  • Hi there,

    Sorry for the newbie question. This is the first time that we're creating an Office Add-in so please bear with me.

    I'm creating an Outlook Add-in for my organization and need to allow users to connect to our web app (not hosted on Azure) directly from the add-in. This is similar to what DocuSign or Xero enables from their add-in. I've been having a hard time navigating through the available documentation and not quite sure what the best practices are or how to do this. For the most part, I've gathered that we need to authenticate via OAuth through a pop-up and establish a socket connection...or not.

    Also, do we need to register our web app with Azure AD to do this? Seems to be some inconsistencies in the documentation on this. Please advise. 

    thanks!

    -clfryan

     

       

    Saturday, March 5, 2016 2:07 AM

Answers

  • Hi clfryan,

    >> do we need to register our web app with Azure AD to do this?

    If you don’t need to access resource that needs the token (e.g. outlook, OneDrive), you don’t need to that.

    If you just need to access the resource of your server through your web app, you could achieve that through OAuth pattern. For example, send a request to your server to get Authorization code, then base on this code to get access token for specific resource, after that based on this token to request the resource. (this data could be store in your database)

    Regards

    Starain


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, March 7, 2016 8:58 AM
    Moderator

All replies

  • Hi clfryan,

    >> do we need to register our web app with Azure AD to do this?

    If you don’t need to access resource that needs the token (e.g. outlook, OneDrive), you don’t need to that.

    If you just need to access the resource of your server through your web app, you could achieve that through OAuth pattern. For example, send a request to your server to get Authorization code, then base on this code to get access token for specific resource, after that based on this token to request the resource. (this data could be store in your database)

    Regards

    Starain


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, March 7, 2016 8:58 AM
    Moderator
  • Hi Starain

    Thanks for the quick reply. We will eventually like to access data from Outlook and OneDrive, so sounds like we do need to register our web app with AAD.

    Also, would you happen to know recommendations on how the Add-in should determine when the access token is available? I've seen web sockets and long-polling as different approaches to this, but not sure which is preferred. 

    Thanks again for your help

    -clfryan

    Monday, March 7, 2016 7:27 PM
  • Hi clfryan,

    The token has the expire time, you could check the response data after you request Access Token. If Access Token expired and we use it to request the resource, It will returns a 401 access denied (invalid token), then we could use refresh token to get a new access token and retry the request.

    On the other hand, I'd suggest asking separate questions in new forum threads. Thus, forum readers may recognize questions and answers easily.

    Regards

    Starain


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, March 8, 2016 5:06 AM
    Moderator