Forum Discussion

shakila_jayarathne's avatar
shakila_jayarathne
Copper Contributor
Aug 04, 2020

Getting User based bearer token

How can i create a user based bearer token using username of the user.

I created it following way. But for that it needs user password. i need to do it using only user name.

 

           

private string GetUserAccessToken()
        {
            string clientId = "XXXX";
            string appKey = "XXXX";
            string tenantId = "XXXX";

            string accessToken = string.Empty;
            string apiEndpoint = "https://login.microsoftonline.com/" + tenantId + "/oauth2/v2.0/token";
            WebRequest accessTokenRequest = WebRequest.Create(apiEndpoint);
            accessTokenRequest.Method = "POST";
            accessTokenRequest.ContentType = "application/x-www-form-urlencoded";

            string requestParams = "grant_type=password&client_id=" + clientId + "&client_secret=" + appKey + "&scope=https://graph.microsoft.com/.default" + "&userName=XXXX&password=XXXX";
            byte[] byteArray = Encoding.UTF8.GetBytes(requestParams);
            accessTokenRequest.ContentLength = byteArray.Length;
            Stream dataStream = accessTokenRequest.GetRequestStream();
            dataStream.Write(byteArray, 0, byteArray.Length);
            dataStream.Close();
            using (WebResponse response = accessTokenRequest.GetResponse())
            {
                string json = string.Empty;
                using (StreamReader reader = new StreamReader(response.GetResponseStream()))
                {
                    json = reader.ReadToEnd();
                }
                O365AccessTokenModel accessTokenModel = JsonConvert.DeserializeObject<O365AccessTokenModel>(json);
                accessToken = accessTokenModel.access_token;
            }
            return accessToken;
        }

 

But i need to do it without password. is there ant possible way to do it.

  • MrCoups's avatar
    MrCoups
    Copper Contributor

    shakila_jayarathne you can't, the OAuth model doesn't allow you to interact with the API without providing valid credentials. A client ID and secret would be used for an app connecting to the service on behalf of the browsing user. Can I ask what you are trying to achieve?

    • shakila_jayarathne's avatar
      shakila_jayarathne
      Copper Contributor

      MrCoups 

       

      I'm trying to call this "https://graph.microsoft.com/v1.0/me/onlineMeetings" api. To call this, i need user based bearer token.

       

      Here is reference "https://docs.microsoft.com/en-us/graph/api/application-post-onlinemeetings?view=graph-rest-1.0&tabs=http"

       

      Here is what i try

       

      private string AddOnlineMeeting(string accessToken,string meetingName)
      {

      string webUrl = string.Empty;
      try
      {
      var data = new
      {
      startDateTime = "2020-07-13T14:30:34.2444915-07:00",
      endDateTime = "2020-07-14T14:30:34.2444915-07:00",
      subject = meetingName
      };

      var serializer = new JavaScriptSerializer();
      var json = serializer.Serialize(data);

      WebRequest createGroupRequest = WebRequest.Create("https://graph.microsoft.com/v1.0/me/onlineMeetings");

      createGroupRequest.Method = "POST";
      createGroupRequest.ContentType = "application/json";
      createGroupRequest.Headers.Add("Authorization", "Bearer " + accessToken);
      byte[] byteArray = Encoding.UTF8.GetBytes(json);
      createGroupRequest.ContentLength = byteArray.Length;
      Stream dataStream = createGroupRequest.GetRequestStream();
      dataStream.Write(byteArray, 0, byteArray.Length);
      dataStream.Close();

      using (WebResponse response = createGroupRequest.GetResponse())
      {
      string jsonR = string.Empty;
      using (StreamReader reader = new StreamReader(response.GetResponseStream()))
      {
      jsonR = reader.ReadToEnd();
      }

      CreateMeetingResponse meetingRes = JsonConvert.DeserializeObject<CreateMeetingResponse>(jsonR);
      webUrl = meetingRes.joinWebUrl;
      }
      }
      catch(Exception ex)
      {

      }

      return webUrl;
      }

Resources