Getting Unauthorized access when using SPFX and ADAL.

Sunny Sohotra · ‎Jun 05 2017

I'm trying to call the Graph API from a client side web part. Currently, just trying to make a very simple call: https://graph.microsoft.com/v1.0/me?$select=displayName

What I can confirm so far:

I have a valid access token returned, able to print it to the console.
Using chrome browser, don't see issues in security zone as mentioned docs related to IE only.
Using adal-angular@1.0.14
Granted the following application permissions in AAD:
1. Sign in and read user profiles
2. Read and write access to user profiles
3. Read all users' basic profiles
4. Have full access to user files
5. Sign users in
6. Access user's data anytime

Expecting that this would work in Workbench, as I have seens others mention that it works. Since it is not https, maybe that has something to do with it?

Luis Mañez · ‎Jun 06 2017

That scenario is not an easy one, and MS is working in some kind of spHttpGraphClient to allow it.

I didn't succeed with AdalAngular. The most far I got was using Hello.js and this sample: https://github.com/SharePoint/sp-dev-fx-webparts/tree/dev/samples/angular-msgraph
However, the sample is using Azure AD V2 endpoint, and if you registered your App using Azure portal, it needs the V1 endpoint, but you can change that in the "aad.js" file, with the auth and grant endpoint URLs (you can get the URLs from Azure portal, something like: https://login.windows.net/common/oauth2/authorize).

Anyway, although I made it work, I've never used it in a production scenario, and I saw some issues with the renegotiation of the token once it expires...

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Getting Unauthorized access when using SPFX and ADAL.

Getting Unauthorized access when using SPFX and ADAL.

Re: Getting Unauthorized access when using SPFX and ADAL.