Hi Vivekananthan/Thulasika, In this typical OAUTH flow you mentioned, there is an user interaction.
But for SAAS app use cases MS has provided Admin Consent to access the api. IMO we should have both the options in our connectors. [1] https://blogs.msdn.microsoft.com/exchangedev/2014/06/05/managing-user-consent-for-applications-using-office-365-apis/ [2] https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks [3] https://msdn.microsoft.com/en-us/library/office/dn707383.aspx On Thu, Mar 17, 2016 at 1:00 AM, Vivekananthan Sivanayagam < [email protected]> wrote: > Hi All, > > I am going to implement a connector for Microsoft office Outllook Mail, > for that I did a research on authentication part first and I have shared > below what I understood during the initial research. > > The Office 365 API[1] services use Azure Active Directory (Azure AD) to > provide secure authentication to users' Office 365 data. To access the > Office 365 APIs, we need to register our app with Azure AD[2]. At run time, > created app can continue to use Azure AD and OAuth to authenticate > application requests[3]. > > Authorization Code Grant Flow Diagram > > [image: Inline image 1] > > 1. The client application starts the flow by redirecting the user > agent to the Azure AD authorization endpoint. The user authenticates and > consents, if consent is required. > 2. The Azure AD authorization endpoint redirects the user agent back > to the client application with an authorization code. The user agent > returns authorization code to the client application’s redirect URI. > 3. The client application requests an access token from the Azure AD > token issuance endpoint. It presents the authorization code to prove that > the user has consented. > 4. The Azure AD token issuance endpoint returns an access token and a > refresh token. The refresh token can be used to request additional access > tokens. > 5. The client application uses the access token to authenticate to the > Web API. > 6. After authenticating the client application, the web API returns > the requested data [4]. > > [1] > https://msdn.microsoft.com/en-us/office/office365/howto/rest-api-overview > <https://msdn.microsoft.com/en-us/office/office365/howto/rest-api-overview> > [2] > https://azure.microsoft.com/en-us/documentation/articles/active-directory-integrating-applications/#BKMK_Native > [3] https://msdn.microsoft.com/en-us/library/azure/dn645543.aspx > <https://msdn.microsoft.com/en-us/library/azure/dn645543.aspx> > [4] https://www.youtube.com/watch?v=TjuJE7Zc1Qk > > > > > *Thank youVivekananthan Sivanayagam* > > *Associate Software Engineer | WSO2* > > *E:[email protected] <e%[email protected]>* > *M:+94752786138 <%2B94752786138>* > -- Best Regards, Malaka Silva Senior Tech Lead M: +94 777 219 791 Tel : 94 11 214 5345 Fax :94 11 2145300 Skype : malaka.sampath.silva LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 Blog : http://mrmalakasilva.blogspot.com/ WSO2, Inc. lean . enterprise . middleware http://www.wso2.com/ http://www.wso2.com/about/team/malaka-silva/ <http://wso2.com/about/team/malaka-silva/> https://store.wso2.com/store/ Save a tree -Conserve nature & Save the world for your future. Print this email only if it is absolutely necessary.
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
