I am new to Azure and Office Add in. I want to migrate one of my Office add in authentication mechanism. currently the authentication is implemented using Office-JS-helpers. I want to replace this library with any other alternative. Could anyone share the best way to migrate.
Application : Office Add in (Word and Outlook)
Add in is written using React 16+ version
App hosted on service fabric in azure
Authentication enabled using Azure AD
Note : I am Looking for SSO Authentication mechanism.
The Overview of authentication and authorization in Office Add-ins section in MSDN explains how to build and configure Office Add-ins to successfully implement authentication and authorization. You are interested in the following - Enable single sign-on (SSO) in an Office Add-in.
Related
Is there a way to use Sharepoint Framework Client side Webpart to use on classic Sharepoint Page ? I want to use Graph API. and it looks like i can use that using SpFx (without Azure AD App) but wondering if SpFx webpart can be added on classic SharePoint page (Project Online).
Also, I do not want to create Azure AD App to acquire access token and then use Graph APIs.
It looks like I have only following options:
Option 1: Use SpFx to create Webpart to use Graph API without registering App to Azure
Option 2: Use Azure AD App to access graph api access token and then use that token hit APIs
Is there anything else i can do ? 😁
SPFx web parts can be added to both classic and modern pages. See here: SPFx web parts can be added to both classic and modern pages.
And by using SharePoint Framework, you don't need to explicitly create Azure Active Directory applications to manage your permissions for your solutions.istead, you can request the needed permissions in your solution package, and Microsoft 365 tenant administrator can then grant the requested permissions in general for all solutions or for this specific solution (isolated solution). Read this article for more: https://learn.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/get-started/using-microsoft-graph-apis
I am currently looking to connect ADFS with GLPI or Centreon , but I found that I can't because these two apps don't use SAML .
I am now focused on how can I connect GLPI or Centreon to Azure AD using Application Proxy to authenticate with tenant Azure AD account.
But after configuration I can't log in to the application itself ..
my main question is of GLPI or centreon are planned to work with Azure AD.
Has someone has worked on this kind of project? It will help me out to have more info.
Centreon doesn't manage Azure AD so far.
No enhancement is visible in the roadmap for this.
However, Centreon supports LemonLDAP::NG as a frontal.
There are 2 plugins available for GLPI that enable SAML authentication.
https://plugins.glpi-project.org/#/plugin/fpsaml
https://plugins.glpi-project.org/#/plugin/phpsaml
I struggled with fpsaml, the configuration was overly complex and required editing configuration files that could be overwritten IIRC. The plugin has not been updated in some time and it was last compatible with GLPI 9.1.3.
I ended up writing the phpsaml plugin using the Onelogin SAML Toolkit. Using phpsaml you can configure all SAML settings from the plugin configuration page. It is compatible up to GLPI 9.6.
You can find more info on github at
https://github.com/derricksmith/phpsaml.
I don't have previous experience in this kind of projects, but I know SAML is supported by GLPI as external auth.
You'll need to setup your apache (or whatever web server you're using to support it and GLPI config would be quite easy.
I am trying to run the application for my study on using microsoft graph rest api in outlook web add-in. I found this link.They have asked to Enable OAuth 2.0 implicit flow capability for the Azure AD application in the setup instructions. I would appreciate if you can help me with this. Additional links related to using microsoft graph API would be much appreciated. Thank you in advance
In terms of just enabling implicit flow on an Azure AD / Microsoft Graph application, you can do it in the App Registration portal.
After you login, look inside Platforms > Web, and check the Allow Implicit Flow button. If you don't see the Web platform, you can click Add platform and configure the app.
I am developing a office add-in.
This office Add-In is supposed to retrieve the term store from SharePoint.
By following this tutorial:
https://learn.microsoft.com/en-us/office/dev/add-ins/develop/create-sso-office-add-ins-aspnet
I managed to get an access token to be used for Graph api. However the Graph does not expose any way of getting the term store. Is there a way we can generate an access token to be used with SharePoint and maintain the SSO?
It might be possible by registering an Azure AD v1 app but I could not find any documentation describing that.
I have a similar requirement, but in my research I wasn't able to find a good solution for this scenario.
I think it is probably possible to use a provider hosted SharePoint add-in. And then use the Authorization Code flow for obtaining an access token. Since the SharePoint add-in is trusted it will not require user login.
Of course this does mean the add-in needs to be deployed in SharePoint. If your Office add-in is distributed through the store this isn't really a great solution.
Hopefully there are other ways of achieving the same.
You could call SharePoint Online APIs (via REST or CSOM) with Azure Active Directory Apps. To call APIs secured by Azure AD, your app must acquire an access token from Azure Active Directory.
Please first refer to this document for integrating applications with Azure Active Directory. Then use Azure Active Directory Authentication Library (ADAL) to easily authenticate users to cloud or on-premises Active Directory (AD), and obtain access tokens for securing API calls.
Scenario: I need to configure a WPF application to send credentials from integrated security to an ADFS server and receive tokens back. I can't find guides describing in detail how to do this. The focus seems to be on web applications, web services, & WCF.
What are the steps to configure a WPF client? Is it possible to setup through a config file the same way a web app is configured?
You want to implement an Active WS-Trust scenario. Follow Lab 4 - Federation with ADFS with "active" clients" from here: http://claimsid.codeplex.com/releases/view/68061 .
If you chose to call ADFS manually to get tokens follow WIF, ADFS 2 and WCF Article Series by Dominick Baier here: http://leastprivilege.com/2010/10/14/wif-adfs-2-and-wcfpart-5-service-client-more-flexibility-with-wstrustchannelfactory/
Both of those resources have helped me to implement Active WIF Scenario.