Proper Authentication for Outlook Add in using Microsoft Graph

0
votes

I'm trying to get familiar with Microsoft Graph API. I would like to create an Outlook Calendar add-in using the graph API. However, all of the articles I have read all seem to use the OAuth 2.0 model which requires manual sign in of the user. An add-in though, should not require a sign in by the user. If you are already using outlook, you should not have to authenticate manually in order to use the add-in. Can anyone suggest the correct authentication method for add-ins that still uses the Graph API?

I have read through this doc which appears to cover the entire scope of application types and their authentication method, but does not include add-ins. Is that because add-ins should not use Graph API?

1
azureoffice365office365apimicrosoft-graph-apioffice365-restapi

1 Answers

0
votes

At present, the Office add-in api is not able to provide the access token(it provides idToken and callback token) for the Microsoft Graph automatically. We still need to authenticate the user manually.

But we can call the EWS service directly in the Mail add-in. You may consider using the EWS to see whether it is helpful for your business.

Or you can use the client credential flow that could get the app-only token which doesn't need the users to interact in the authentication process.