I am trying to remove dependence on adal.js and adal-angular.js from my project as the CMS I am using already provides support Azure authentication.
I did a bit of work to update the login provider to v2.0:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
https://login.microsoftonline.com/common/oauth2/v2.0/token
This allowed me to leverage Graph API. While I can access OneNote notebooks:
https://graph.microsoft.com/beta/me/onenote/notebooks
I find myself lacking the ability to distinguish between personal, class and staff notebooks.
https://www.onenote.com/api/v1.0/me/notes/classnotebooks
https://www.onenote.com/api/v1.0/me/notes/staffnotebooks
I am also lacking the ability to see/manage members (teachers, students, leaders, members respectively).
Prior to the update, I used an angular code example to test OneNote API and integration. But the main issue was that I had to use adal to obtain an access token. In other words, the user was forced to log in a second time despite already being signed in in order to use OneNote component. And I was hoping to do away with this extra step.
As per title, I am looking for a way to use the access/refresh token(s) obtained from Azure v2.0 auth process to silently exchange/obtain OneNote access token.
Is it even possible? And if not is there a more user-friendly workaround?
Reference:
Link to Graph OneNote endpoin
Link to OneNote ClassNotebooks endpoint
Link to OneNote StaffNotebooks endpoint
I am looking at this and think to myself why was the OneNote API not working for me before I switched to Azure v2.0? I have the right scopes too Notes.Read and Notes.Create.
ps: If I had all the necessary endpoints in Graph OneNote API I would not bother with OneNote API.
pss: In case this is of importance the front end is implemented using AngularJS which in turn leverages Graph API using Web API framework.
psss: To get a better idea of what I am talking about here a link to Graph Explorer
Sorry but the OneNote ClassNotebooks and StaffNotebooks endpoints are not yet supported in Microsoft Graph. But it is in the plans, so we will let you know when it is ready
Also, currently it is not possible to use the Azure v2.0 token for OneNote API endpoints.
Related
I am using the Docusign Authorization Code example (https://github.com/docusign/code-examples-csharp) to create a C# application connected to Docusign (which is already configured with our Single Sign On).
I also have another Azure App Registration to invoke my Custom API from Azure and I need to successfully get a token to invoke it.
I have successfully used MSAL javascript to invoke the custom API.
However, I am not sure if this is the safest or should i go with MSAL.NET (to do everything server side).
Anyone got ideas how to incorporate this additional MSAL.Net auth to my existing Docusign based C# code.
Thanks in advance !
I think both MSAL js, and MASL.NET are secure, but there are some limitations to what you can do with the former. If all you need is a token to invoke an API - you should be good, but Microsoft support more things that you may need the server side code for.
This article has a table that tells you all the different authentication flows Microsoft supports, and the different features each of them supports.
I read the OneNote Api Documentation https://dev.onenote.com/docs
But I don´t understand how to make a request to the OneNote API with c# web application in order to get all the pages in my OneNote.
I already got the Application Id, Application Secret Id and Redirect URL, but i don´t know where do I have to use them, because I have never done and http request and the documentation only provide the following: https://www.onenote.com/api/v1.0/me/notes/pages, so I don´t know how to send the id´s, redirect url and Authorization: Bearer.
Could you provide me the specific code to get a successful connection to OneNote API using Application Id, Application Secret Id and Redirect URL.
And the code structure to make a http request in order to get all the pages, notebooks, etc
I would appreciate if you could help me with this.
I would recommend using Microsoft Graph instead of the standalone OneNote API. Microsoft Graph includes support for OneNote. There is also an SDK for .NET available. There are also code samples for ASP.NET, UWP and Xamarin.
Before you can use the Graph API (or most any REST API for that matter), you will need to obtain an authorization token (i.e. the bearer token you referred to in your question). There are libraries available for simplifying this process. Behind the scenes, these libraries are executing an OAUTH 2.0 flow. You can read about what is going on under the covers here.
I believe the link they have on the OneNote Dev page is broken. The team has put together a public repository that contains a bunch of sample code in a myriad of languages including C#.
This is the main repo
Web API (ASP.NET Core) Repo
I believe the easiest way to understand these concepts is to look at sample code that does authentication. I recommend this sample:
https://github.com/OneNoteDev/MsGraph_OneNoteApiSampleAspNetCore
Btw - the demo is here: https://onenoteapisamplegraph.azurewebsites.net
Thank you everyone I have Checked all the links that you provided me and they were very useful, I did a connection to Microsoft Graph with the authorization token and I got access to my OneNote pages.
Thank you for your help.
We are in the process of rolling out a major application to members of staff, it has been setup to use Azure AD/SSO and we currently have to manually set each user to have access to the application through Azure AD -> Applications -> Users. We have a small c# web application that we use to manage AD users are looking to use the new Microsoft Graph API to set users to allowed access when they are created but can't find the correct endpoint/api call to use.
We have tried the following but the documentation/errors returned are quite lacking.
https://graph.microsoft.com/beta/servicePrincipals
https://graph.microsoft.com/beta/groups/{id}/members
Which endpoint/api call should we use to accomplish this?
It looks like you are looking to try and set appRoleAssignments. This is currently only exposed on the Microsoft Graph /beta version. The /beta documentation needs a little love and attention as you've discovered. However this pretty much should work as it does in AAD Graph (so you could reference the AAD Graph API reference), but with the different root of https://graph.microsoft.com/beta. This blog post also has some examples https://blogs.msdn.microsoft.com/aadgraphteam/2014/12/12/announcing-the-new-version-of-graph-api-api-version1-5/.
Are there any specific challenges that you are facing? What operations and errors are you seeing?
Hope this helps,
It's unclear to me how I can do an API request to retrieve data for the YouTube API.
I used this code (http://zavitax.wordpress.com/2012/12/17/logging-in-with-google-service-account-in-c-jwt/) to get an access token. The next step is: https://developers.google.com/youtube/v3/guides/authentication?hl=en#OAuth2_Calling_a_Google_API. I don't know how to use www.googleapis.com/youtube/v3/video?access_token=ACCESS_TOKEN in my application to retrieve data. How can I use my access token to request data from the API?
The recommendation is to use the Google APIs Client Library for .NET. As the webpage for the client library states, it's still undergoing active development and isn't as far along as the client libraries for some of the other languages. It still should be usable, though.
There are specific generated classes to use with the YouTube Analytics API and the YouTube Data API v3. You'll need to download those
Our C# sample code is unfortunately scarce, but there is one example of doing a video search. Hopefully that is enough to get you started.
To do anything with the Analytics API, and any write operations with the Data API, you'll need to be authenticated with OAuth 2. There's an explanation of how to do that in the client library docs.
The client library is maintained by a team within Google, but it's not the YouTube API team, so the best way to follow up with the maintainers with any issues you find is to use the public issue tracker.
Does anyone have any examples or advice for how to go about using oAuth to provide the authentication mechanism for an API that should be publicly exposed?
Specifically I'm talking about being an oAuth provider for my own API, not integrating or authenticating with anyone else's API.
For example, I wish to be able to issue API keys to developers that they can use to authenticate and access my API, much in the same way Flickr does, and as far as I believe oAuth can support this, but I'm not sure how the solution would be structured?
It appears that DotNetOpenAuth has an example by the way of the OAuthSeviceProvider project in the Samples folder included in the distribution. It's written in WinForms and isn't cleanly written but definitely serves as a good starting point.