asp.net-coreauthenticationmicrosoft-graph-apimicrosoft-graph-sdksmicrosoft-graph-calendar
How to authenticate microsoft graph api?
Am trying to configure the graphseviceclient to get the outlook calendar events of other user in the same organization.Here am using the below code in program.cs,
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Web;
using Microsoft.OpenApi.Models;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("AzureAd"))
.EnableTokenAcquisitionToCallDownstreamApi()
.AddMicrosoftGraph(builder.Configuration.GetSection("MicrosoftGraph"))
.AddInMemoryTokenCaches();
builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Title = "OutlookEvents",
Version = "v1"
});
c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows()
{
Implicit = new OpenApiOAuthFlow()
{
AuthorizationUrl = new Uri("xxx"),
TokenUrl = new Uri("xxx"),
Scopes = new Dictionary<string, string>
{
{
"api://xxx/xxx",
"xxx"
}
}
}
}
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement() {
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "oauth2"
},
Scheme = "oauth2",
Name = "oauth2",
In = ParameterLocation.Header
},
new List < string > ()
}});
});
var app = builder.Build();
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "OutlookEvents v1");
c.OAuthClientId("xxx");
c.OAuthClientSecret("xxx");
c.OAuthUseBasicAuthenticationWithAccessCodeGrant();
});
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
and my appssettings.json looks like this,
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "xxx.com",
"TenantId": "xxx",
"ClientId": "xxx",
"Scopes": "access_as_user",
"CallbackPath": "/signin-oidc",
"ClientSecret": "Client secret from app-registration. Check user secrets/azure portal.",
"ClientCertificates": []
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"MicrosoftGraph": {
"BaseUrl": "https://graph.microsoft.com/v1.0",
"Scopes": [
"user.read",
"Calendars.Read",
"Calendars.ReadWrite",
"User.Read.All",
"User.ReadWrite.All",
"Application.Read.All",
"Profile"
]
}
}
But still am not getting the other user details,may be there is a problem with generation of token.
I need to get valid token with proper scopes.
Solution
this is the graph api for getting user calendar events.
Since you want to use this api in a web api application and query other users' calendar events, you should use client credential flow for providing authorization and this flow is used for daemon app like console app or web api app. So you need to give application type of api permission Calendars.Read, Calendars.ReadWrite.
Then use this code in your controller:
using Microsoft.Graph;
using Azure.Identity;
var scopes = new[] { "https://graph.microsoft.com/.default" };
var tenantId = "tenant_name.onmicrosoft.com";
var clientId = "aad_app_id";
var clientSecret = "client_secret";
var clientSecretCredential = new ClientSecretCredential(
tenantId, clientId, clientSecret);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var events = await graphClient.Users["[email protected]"].Calendar.Events.Request().GetAsync();
- How to pass js function argument to inline c# in cshtml?
- Blazor: Implementing 404 not found page
- How to tell when a self-hosted ASP.NET Core application is ready to receive requests?
- What kind of commands/queries can be created with MediatR?
- C# HttpRequestMessage - Host ignores the Content-Type Header I send it and complains that I am sending the wrong Content Type
- User.Identity.IsAuthenticated is false in a non-auth methods after successful login in asp.net core
- InvalidOperationException: Cannot find compilation library location for package 'System.Security.Cryptography.Pkcs'
- How to validate uploaded files in ASP.Net MVC
- .Net Core [Authorize] - Or instead of And for permission test
- NSwag produces incorrect output for IFromFile in Minimal API when file parameter is wrapped in model class
- Get individual error messages from modelstate
- Property Injection in ASP.NET Core
- ASP.NET Core 3.1 Azure AD Authentication throws OptionsValidationException
- Confirm form resubmission - ASP.NET 5 MVC
- Serialise HTML Form with time/text input type and validation of time fields
- How to show loading progress while wasm part being loaded (.NET 8, no pre-render)
- How to merge multiple arrays from ASP.Net Core configuration files?
- ASP.NET Core EF Identity Roles while using JWT Bearer Scheme
- Pass the selected value of a dropdown in to a URL.Action so that a modal form is displayed on a button click
- Why I am getting Cascade delete cycle error when updating the database
- To have different session timeout for different users
- How to setup a beta versioning in Swagger endpoint?
- Is there a way to have dynamic regex strings in a RegularExpression attribute?
- Is there a way to have the Identity Library cookies be tied to the root domain?
- How to access Microsoft.AspNetCore.Routing namespace
- What is the difference between regular and Async methods (OnGet vs OnGetAsync)
- Changing property in Razor @ref component does not update its usage in HTML element
- Visual Studio Project doesn't load after changing folder name
- Web Push via Azure Notification Hubs: JSON value could not be converted to Microsoft.NotificationHubs.Contracts.LegacyModels.BrowserPushSubscription
- Unable to create new .NET Core projects in Visual Studio