Forum Discussion
Solved
JSOM - Access Web API secured with Azure AD
Any sample code on how to access an Azure AD secured web api from JSOM? I have see the samples with ADAL and those are mostly SPA applications. I want to access this from a script embedded in a scrip...
- This is something that will not work as you expect. ADAL relies on that the domains SharePoint site, your web API, (ADFS, ) as well as the login.windows.net are all in the same zone (for internet explorer). This is most often not the case. Users want SharePoint domains etc to be in the intranet zone so that you get the single-sign-on experience with ADFS, Open with Explorer and other, and you do not want login.windows.net to be in the intranet zone, since that will in the end require you to have all Microsoft sites/services in the intranet zone. So, at the moment there is not way to get it to work properly. Unless you can assume all users use Chrome, they don't want SSO and they don't use Open With Explorer.
This is something that will not work as you expect. ADAL relies on that the domains SharePoint site, your web API, (ADFS, ) as well as the login.windows.net are all in the same zone (for internet explorer). This is most often not the case. Users want SharePoint domains etc to be in the intranet zone so that you get the single-sign-on experience with ADFS, Open with Explorer and other, and you do not want login.windows.net to be in the intranet zone, since that will in the end require you to have all Microsoft sites/services in the intranet zone. So, at the moment there is not way to get it to work properly. Unless you can assume all users use Chrome, they don't want SSO and they don't use Open With Explorer.
Thanks Wictor for the response. This is a real pain when migrating on-prem solutions which require integrations to on-prem systems. Not all wants to maintain an on-prem SharePoint server or use additional Azure paid services :)