none
Outlook WebApp - Token based Authentication with Exchange Server 2013 RRS feed

  • Question

  • Hi,

    I am using Exchange Web Service(EWS) API for some of Exchange related operations in outlook web Addin(Angular based). Can I pass Exchange Identity token in AddIn to Exchange Server through EWS  instead of using impersonation or passing user credentials?  Is Token based Authentication supported in with Exchange Server 2013? I

    Thanks,

    Raghav

    Wednesday, November 29, 2017 4:49 AM

All replies

  • Hello,

    According to Authentication options in Outlook add-ins:

    Exchange user identity tokens provide a way for your add-in to establish the identity of the user. By verifying the user's identity, you can then perform a one-time authentication into your back-end system, then accept the user identity token as an authorization for future requests. Consider using user identity tokens if your add-in:

    • Is used primarily by Exchange on-premises users
    • Needs access to a non-Microsoft service that you control

    You could use getUserIdentityTokenAsync method to obtain the Exchange user identity token. Please visit Authenticate a user with an identity token for Exchange for detail information.

    Regards,

    Celeste


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, November 30, 2017 2:25 AM
    Moderator
  • Thanks for the reply. Can I use Exchange user identity token fetched through getUserIdentityTokenAsync method  and pass it to another application API(ASP.NET webAPI)  to connect to Exchange server 2013 through EWS? Currently I am using service account to impersonate users to connect to EWS and perform Exchange related operations .

    I am looking at the options of using Token based authentication with Exchange server 2013 as there are concerns with impersonation. 

    Regards,

    Raghav

    Friday, December 1, 2017 9:41 AM
  • Hi Raghav,

    >> Can I pass Exchange Identity token in AddIn to Exchange Server through EWS  instead of using impersonation or passing user credentials?  Is Token based Authentication supported in with Exchange Server 2013?

    For EWS client, it is usually passing user credentials.

    For token-based, EWS api could use OAuth. But, OAuth authentication for EWS is only available in Exchange as part of Office 365.

    # How to: Authenticate an EWS application by using OAuth

    https://msdn.microsoft.com/EN-US/library/office/dn903761(v=exchg.150).aspx

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, December 4, 2017 5:58 AM