How to get users from azure active directory to azure function

0
votes

I am developing a server less application using azure functions using Node js. Function app auth via azure active directory. My scenario is I want to get particular user data ex(email,username etc) by using his email or username during execution of one of http trigger function. There are several options that I already checked (ad and activedirectory libraries. These library seems not updated and I want to know is there any way to do this by using azure's Node Js SDK?

I am seeking a solution for without JWT. because, when 'function' need to get some user information function doesn't have any token.here user data requested by the function app not the user.Hence user data only use by the function app those info not exposed to user.

for Example: We can get user data by 'querying' user table when we need to get user data inside of some application running MySQL. If we specify email we can query.

I am asking same thing by using azure active directory.

1
node.jsazureauthenticationazure-active-directoryazure-functions
Do you understand the meaning of without any token ? It means the data is publically available to anyone. AAD doesn't work like that. You need to pass an identifier. In your case you can pass your App Id after registering your App in the AAD.Geek
I am sorry.Edited the question Yes. I have to pass identification. I have registered my app in AD then?ireshan pathirana
Create an Application for yourself in AAD. Register that App with AAD account. Whitelist this App on the tenant to read client information. Use this Apps identifier to read user information.Geek
Thank you very much @Geek for your time.ireshan pathirana

1 Answers

3
votes

You can get the access token using client credential flow(not related to specific user) in your function. 

const APP_ID = '[COPIED_APP_ID]';
const APP_SECERET = '[COPIED_APP_SECRET]';
const TOKEN_ENDPOINT ='https://login.microsoftonline.com/[COPIED_TENANT_ID]/oauth2/v2.0/token';
const MS_GRAPH_SCOPE = 'https://graph.microsoft.com/.default';

const axios = require('axios');
const qs = require('qs');

const postData = {
  client_id: APP_ID,
  scope: MS_GRAPH_SCOPE,
  client_secret: APP_SECERET,
  grant_type: 'client_credentials'
};

axios.defaults.headers.post['Content-Type'] =
  'application/x-www-form-urlencoded';

let token = '';

axios
  .post(TOKEN_ENDPOINT, qs.stringify(postData))
  .then(response => {
    console.log(response.data);
  })
  .catch(error => {
    console.log(error);
  });

Reference:

HOW TO — Get an Access Token for Microsoft Graph API using Node.JS

Then you can use this token to call Microsoft Graph API.

enter image description here