I am trying to use UCWA by authenticating users with Azure ID. I have tried to follow this information: Authentication using Azure AD
Some steps didn't function very well, but I managed to get the application resource link after resending an autodiscovery request with the bearer token.
The bearer token works when I send a GET request to https://webdir1e.online.lync.com/autodiscover/autodiscoverservice.svc/root/oauth/user. So I receive an answer like this one:
HTTP/1.1 200 OK
{
"_links":{
"self":{"href":"https://webdirX.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user"},
"applications":{"href":"https://webpoolXY.infra.lync.com/ucwa/oauth/v1/applications"}
}
}
So I try to do a POST request like this one:
POST https://webpoolXY.infra.lync.com/ucwa/oauth/v1/applications HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer <access-token>
...
{
"UserAgent":"UCWA Samples",
"EndpointId":"a917c6f4-976c-4cf3-847d-cdfffa28ccdf",
"Culture":"en-US"
}
But I have a 403 Forbidden answer, with
X-Ms-diagnostics:28055;source="DB41E07FES15.infra.lync.com";reason="The OAuth token is invalid.";faultcode="wsse:FailedAuthentication"
I use the same Bearer access-token for this request. Am I supposed to get a new token?
Yes, you'll need to get a new token to access the applications resource before you can successfully POST to it.
In your example, pass https://webpoolXY.infra.lync.com/ as the resource to Azure AD and use the resulting token to perform your POST request.
I've created a C#-based sample application that performs UCWA Autodiscovery along with application creation, meeting create/list/delete, and presence management that you can take a look at as a reference.
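The per-host token rule from the answer above, as an added Python example (not part of the original answer or its C# sample): it compares a token's `aud` claim with the host of the URL about to be called and builds the Azure AD request for a token scoped to that host. The helper names, the `client_id` and `redirect_uri` values, and the sample token are constructed for illustration; it assumes a JWT access token with a string `aud` claim and the Azure AD v1 implicit-grant authorize endpoint.

```python
import base64
import json
from urllib.parse import urlsplit, urlencode

# Azure AD v1 authorize endpoint, which accepts a `resource` parameter.
AUTHORIZE_URL = "https://login.microsoftonline.com/common/oauth2/authorize"


def resource_for(url):
    """Return the Azure AD resource (scheme + host) for a UCWA URL."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.netloc or "@" in parts.netloc:
        raise ValueError("expected an absolute https URL: %r" % url)
    return "https://%s/" % parts.netloc


def token_audience(access_token):
    """Read the `aud` claim of a JWT without verifying it (diagnostic only)."""
    try:
        payload = access_token.split(".")[1]
        payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
        return json.loads(base64.urlsafe_b64decode(payload))["aud"]
    except (IndexError, KeyError, TypeError, ValueError) as exc:
        raise ValueError("not a JWT with an aud claim") from exc


def needs_new_token(access_token, target_url):
    """True when the token was issued for a different host than target_url."""
    aud = token_audience(access_token).rstrip("/").lower()
    return aud != resource_for(target_url).rstrip("/").lower()


def authorize_url(target_url, client_id, redirect_uri):
    """Build the implicit-grant request for a token scoped to target_url."""
    query = urlencode({"response_type": "token", "client_id": client_id,
                       "redirect_uri": redirect_uri,
                       "resource": resource_for(target_url)})
    return AUTHORIZE_URL + "?" + query


def make_sample_token(aud):
    """Constructed, unsigned token used only to exercise the check."""
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"aud": aud}), ""])
```

Running `needs_new_token` on each `href` returned by autodiscovery before calling it shows the host change from `webdir…` to `webpool…` that produces the 403 in the question.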