Add support for MS Graph to getCallbackTokenAsync in office-js Outlook API

Add support for MS Graph to getCallbackTokenAsync in office-js Outlook API



 Apr 19 2021
2 Comments (2 New)

The office-js API for add-ins provides a method to get a token that can be used for authorization on EWS or Outlook REST API calls - getCallbackTokenAsync.


This integration is convenient for add-ins looking to utilize these APIs to obtain more information for the add-in about current email. It avoids forcing additional UI interaction onto the user to authenticate, especially since they will be using the add-in from an already signed in location so a second sign in may create confusion (OWA, Outlook Desktop).


Request is to add support for generating tokens that can be used to call MS Graph to this method. Currently to achieve the same UI less authorization you would need to follow the SSO implementation instructions of creating a server that can obtain the authorization token for MS Graph when passed the access token the add-in can retrieve. However this adds additional technical overhead and complexity for an add-in used across multiple organizations as it would be necessary to create infrastructure for users to register and manage the client secret with the server once they configure the Azure application. It would be convenient to instead supports an 'isMsGraph' flag on getCallbackTokenAsync, the add-in then proceeding to issue Graph API calls.

Brass Contributor

Graph has access to other/more/different Event attributes than the JS API does so this would give people a quick way to work around the JS API limitations.  This would possibly also address some security issues where App Registration permissions are not granular enough but getting an Impersonation token would inherit user-level permissions.

Copper Contributor

This is the very same thing I would like to achieve. The additional technical overhead/complexity is something we would like to avoid. We just want to keep it simple. @Christian175 any updates from microsoft? Thanks.