Forum Discussion
Is it possible to access Dataverse and Microsoft Graph api by single token using AAD auth?
Hi micheleariis
Actually, if I give the scope this way - scope: 'openid profile email offline_access Mail.Send $orgUrl/user_impersonation' - then the generated token works for sending mail but not for Dataverse access. Or if I do it this way - 'openid profile email offline_access $orgUrl/user_impersonation Mail.Send ' - then it works for Dataverse but not for sending mail.
surigaurav179 Got your case 🙂 Azure AD allows you to use one token for only one resource at a time. To access both Microsoft Graph and Dataverse, you will need to request two separate tokens.
- surigaurav179, Oct 24, 2024, Copper Contributor
Hi micheleariis
When I try to make an API call to generate a token, I get a CORS issue. Here is the code:

    import 'dart:convert';
    import 'package:http/http.dart' as http;

    Future<String?> getAccessToken() async {
      final String tenantId = ''; // Your Azure tenant ID
      final String clientId = ''; // Your Azure application client ID
      final String clientSecret = ''; // Your Azure application client secret
      final String scope =
          'https://graph.microsoft.com/.default'; // Use .default to request all permissions granted
      final String tokenEndpoint =
          'https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token';

      final response = await http.post(
        Uri.parse(tokenEndpoint),
        headers: {
          'Content-Type': 'application/x-www-form-urlencoded',
          'Access-Control-Allow-Origin': "https://abc.in/",
          'Access-Control-Allow-Credentials': "true",
          'Access-Control-Allow-Methods': 'POST,OPTIONS',
          'Access-Control-Allow-Headers': 'X-PINGOTHER, Content-Type',
          'Access-Control-Max-Age': '86400'
        },
        body: {
          'client_id': clientId,
          'client_secret': clientSecret,
          'grant_type': 'client_credentials', // Use client credentials flow
          'scope': scope,
        },
      );

      if (response.statusCode == 200) {
        final Map<String, dynamic> tokenResponse = jsonDecode(response.body);
        print('tokenResponse==$tokenResponse');
        return tokenResponse['access_token'];
      } else {
        print('Failed to generate token: ${response.body}');
        return null;
      }
    }

- micheleariis, Oct 24, 2024, MCT
Hi, have you considered that to solve the CORS problem and securely obtain access tokens in your Flutter web app, you could avoid using the client credentials flow and including the client secret in the client code? Instead, you could implement the authorization code flow with PKCE using an appropriate authentication library.
- surigaurav179, Oct 24, 2024, Copper Contributor
In the Flutter web app I am using the aad_oauth library to generate the auth token. But I am trying to generate a separate access token for the Graph API through an HTTP request, and at this point I get a CORS issue.
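
The one-token-per-resource rule from this thread, as an added example that is not part of any post above: it splits a mixed scope string by resource and builds one refresh_token request body per resource, with no client secret. The function names, the contoso org URL and the placeholder client id and refresh token are assumptions; the refresh token is assumed to come from an authorization code + PKCE sign-in that requested offline_access.

```dart
const oidcScopes = {'openid', 'profile', 'email', 'offline_access'};
const graphResource = 'https://graph.microsoft.com';

/// Hypothetical helper: groups a space-separated scope string by resource.
/// Bare names such as Mail.Send are Microsoft Graph scopes; OIDC scopes are
/// not tied to a resource and are returned under the '' key.
Map<String, List<String>> groupScopesByResource(String scope) {
  final groups = <String, List<String>>{};
  for (final s in scope.trim().split(RegExp(r'\s+'))) {
    if (s.isEmpty) continue;
    var resource = graphResource;
    if (oidcScopes.contains(s)) {
      resource = '';
    } else {
      final uri = Uri.tryParse(s);
      if (uri != null && uri.hasScheme && uri.hasAuthority) {
        resource = '${uri.scheme}://${uri.authority}';
      }
    }
    groups.putIfAbsent(resource, () => []).add(s);
  }
  return groups;
}

/// Hypothetical helper: one refresh_token request body per resource.
/// No client_secret is sent, because a browser app is a public client.
List<Map<String, String>> tokenRequestsPerResource(
    String scope, String clientId, String refreshToken) {
  final groups = groupScopesByResource(scope);
  final oidc = groups.remove('') ?? const <String>[];
  return [
    for (final scopes in groups.values)
      {
        'client_id': clientId,
        'grant_type': 'refresh_token',
        'refresh_token': refreshToken,
        'scope': [...oidc, ...scopes].join(' '),
      }
  ];
}

void main() {
  // Constructed sample values; the org URL stands in for $orgUrl.
  const mixed = 'openid profile email offline_access Mail.Send '
      'https://contoso.crm.dynamics.com/user_impersonation';
  final bodies =
      tokenRequestsPerResource(mixed, '<client-id>', '<refresh-token>');
  for (final body in bodies) print(body['scope']);
}
```

Each body would be posted separately to the tenant's /oauth2/v2.0/token endpoint, giving one access token for Microsoft Graph and one for Dataverse.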