Abstract image of a woman sitting on books and studying on a laptop

O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azure AD - Waldek Mastykarz

NCCOMMS, profile picture
NCCOMMS

This document discusses securing APIs with Azure Active Directory (AD) authentication from SharePoint Framework (SPFx) solutions. It introduces the AadHttpClient SDK that can be used to call APIs secured with Azure AD without dealing with OAuth flows directly. The SDK handles retrieving access tokens automatically based on the permissions configured for the calling web part in the Azure AD tenant. The document provides an overview of how AadHttpClient works and links to additional resources on setting up API permissions and enabling cross-origin resource sharing (CORS) for APIs.

Technology
Related topics:
Microsoft Teams Insights
1 of 13
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azure AD - Waldek Mastykarz
Connect SharePoint Framework solutions to APIs secured with Azure AD
Authenticationisdifficult
rencore.com Calling API secured with Azure AD prerequisites What is OAuth? Which flow do I need? Which type of Azure AD app to create? Which URLs to enter as Reply URLs? …but I don’t know where users will put my web part or extension Is there an SDK I can use? Does it work in TypeScript? What if I add another web part to the page? What if two web parts request token at the same time? … …so what do I enter in Reply URLs?
AadHttpClient 👍
rencore.com Calling API secured with Azure AD prerequisites What is OAuth? Which flow do I need? Which type of Azure AD app to create? Which URLs to enter as Reply URLs? …but I don’t know where users will put my web part or extension Is there an SDK I can use? Does it work in TypeScript? What if I add another web part to the page? What if two web parts request token at the same time? … …so what do I enter in Reply URLs?
It.Just.Works.
rencore.com Connect to Azure AD-secured APIs from SPFx without headaches Demo
rencore.com Connect to Azure AD-secured APIs using the AadHttpClient SharePoint Online Client-side web part Azure Active Directory "SharePoint Online Client“ Permissions - xyz Tenant administrator configures what scopes are available for the MSGraphClient and AadHttpClient by configuring permissions to specific pre-provisioned application in the Azure Active Directory. 1 3 2 Configured access tokens automatically included in the call with needed permissions Request access tokens from the Azure AD side for the used application Custom API
rencore.com • Use the AadHttpClient class to access Azure AD-secured APIs wldk.nl/spconnect01 • Don’t pass web part context into React components wldk.nl/spconnect02 • Enable CORS for your API wldk.nl/spconnect03 • Setup API permissions in your tenant wldk.nl/spconnect01 • Each piece of JavaScript can access approved APIs wldk.nl/spconnect04 • Setup API permissions without packages wldk.nl/spconnect05 • Additional configuration required for multi-tenant apps wldk.nl/spconnect06 • Isolated web parts wldk.nl/spconnect07 Takeaways
Waldek Mastykarz Head of Product SharePoint MVP https://blog.mastykarz.nl @waldekm
Secure. Modernize. Empower.
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azure AD - Waldek Mastykarz

More Related Content

PDF
O365Con18 - Introduction to Azure Web Applications - Eric Shupps
NCCOMMS
 
PDF
O365Con18 - Azure AD Connect Inside and Out - Sander Berkouwer
NCCOMMS
 
PDF
SPUnite17 Who Are You and What Do You Want
NCCOMMS
 
PDF
SPUnite17 Introduction to Azure Web Applications
NCCOMMS
 
PPTX
Azure functions serverless
Udaiappa Ramachandran
 
PPTX
Building a document e-signing workflow with Azure Durable Functions
Joonas Westlin
 
PPTX
Azure Web Apps Advanced Security
Udaiappa Ramachandran
 
PPTX
ECS 2018: Introduction to Azure Web Applications
Eric Shupps
 
O365Con18 - Introduction to Azure Web Applications - Eric Shupps
NCCOMMS
 
O365Con18 - Azure AD Connect Inside and Out - Sander Berkouwer
NCCOMMS
 
SPUnite17 Who Are You and What Do You Want
NCCOMMS
 
SPUnite17 Introduction to Azure Web Applications
NCCOMMS
 
Azure functions serverless
Udaiappa Ramachandran
 
Building a document e-signing workflow with Azure Durable Functions
Joonas Westlin
 
Azure Web Apps Advanced Security
Udaiappa Ramachandran
 
ECS 2018: Introduction to Azure Web Applications
Eric Shupps
 

What's hot (20)

PPTX
Creating Cloud-Ready Enterprise Applications with the SharePoint 2013 Add-In ...
Eric Shupps
 
PPTX
Windows azure active directory
Krunal Trivedi
 
PPTX
Apps 101 - Moving to the SharePoint 2013 App Model - Presented 7/27/13 at Sha...
BlueMetalInc
 
PPTX
Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...
Roy Kim
 
PPTX
Introduction to Azure Web Applications for Office and SharePoint Developers
Eric Shupps
 
PPTX
Windows Azure Active Directory
Pavel Revenkov
 
PPTX
Azure staticwebapps
Udaiappa Ramachandran
 
PDF
SPTECHCON - Who are You and What Do You Want - Working with OAuth in SharePoi...
Eric Shupps
 
PPTX
Azure App Service Deep Dive
Azure Riyadh User Group
 
PPTX
Integrating your on-premises Active Directory with Azure and Office 365
nelmedia
 
PPTX
Building Apps for SharePoint 2013 by Andrew Connell - SPTechCon
SPTechCon
 
PPTX
Building Push Triggers for Logic Apps
BizTalk360
 
PPTX
Identity and o365 on Azure
Mostafa
 
PPTX
AAD with MVC App
Sasha Rosenbaum
 
PPTX
Securing SharePoint Apps with OAuth
Kashif Imran
 
PDF
O365Con18 - PowerApps build custom forms for SharePoint with Azure Maps - Bra...
NCCOMMS
 
PPTX
SharePoint and Office Development Workshop
Eric Shupps
 
PPTX
Logic apps and PowerApps - Integrate across your APIs
Sriram Hariharan
 
PPTX
Deep Dive Mobile Development with Office 365
Chakkaradeep Chandran
 
PPTX
Azure Bot Service
Azure Riyadh User Group
 
Creating Cloud-Ready Enterprise Applications with the SharePoint 2013 Add-In ...
Eric Shupps
 
Windows azure active directory
Krunal Trivedi
 
Apps 101 - Moving to the SharePoint 2013 App Model - Presented 7/27/13 at Sha...
BlueMetalInc
 
Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...
Roy Kim
 
Introduction to Azure Web Applications for Office and SharePoint Developers
Eric Shupps
 
Windows Azure Active Directory
Pavel Revenkov
 
Azure staticwebapps
Udaiappa Ramachandran
 
SPTECHCON - Who are You and What Do You Want - Working with OAuth in SharePoi...
Eric Shupps
 
Azure App Service Deep Dive
Azure Riyadh User Group
 
Integrating your on-premises Active Directory with Azure and Office 365
nelmedia
 
Building Apps for SharePoint 2013 by Andrew Connell - SPTechCon
SPTechCon
 
Building Push Triggers for Logic Apps
BizTalk360
 
Identity and o365 on Azure
Mostafa
 
AAD with MVC App
Sasha Rosenbaum
 
Securing SharePoint Apps with OAuth
Kashif Imran
 
O365Con18 - PowerApps build custom forms for SharePoint with Azure Maps - Bra...
NCCOMMS
 
SharePoint and Office Development Workshop
Eric Shupps
 
Logic apps and PowerApps - Integrate across your APIs
Sriram Hariharan
 
Deep Dive Mobile Development with Office 365
Chakkaradeep Chandran
 
Azure Bot Service
Azure Riyadh User Group
 
Ad

Similar to O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azure AD - Waldek Mastykarz (20)

PPTX
Connect SharePoint Framework solutions to APIs secured with Azure AD
BIWUG
 
PPTX
Developing Apps with Azure AD
SharePointRadi
 
PPTX
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
Jenkins NS
 
PPTX
SPFx Webinar Loading SharePoint data in a SPFx Webpart
Jenkins NS
 
PDF
Leveraging APIs from SharePoint Framework solutions
Dragan Panjkov
 
PPTX
SPConnect2014 Office 365 APIs
Wes Hackett
 
PDF
24032022 Zero Trust for Developers Pub.pdf
Tomasz Kopacz
 
PPTX
SharePoint Conference 2018 - APIs, APIs everywhere!
Sébastien Levert
 
PPTX
ECS 19 - Chris O'Brien - The hit list - Office 365 dev techniques you should ...
European Collaboration Summit
 
PPTX
APIs, APIs Everywhere!
BIWUG
 
PPTX
SharePoint Saturday Belgium 2018 - APIs, APIs everywhere!
Sébastien Levert
 
PPTX
Calling APIs with SharePoint Framework
Giuseppe Marchi
 
PPTX
Azure AD for browser-based application developers
Bob German
 
PPTX
Mastering Modern Authentication and Authorization Techniques for SharePoint, ...
Eric Shupps
 
PPTX
#SPFestSea azr302 The SharePoint Framework and the #MicrosoftGraph under ster...
Vincent Biret
 
PPTX
Chris OBrien - Weaving Enterprise Solutions into Office Products
Chris O'Brien
 
PPTX
Deep dive into Salesforce Connected App
Dhanik Sahni
 
PPTX
Handling Cross-Domain calls & authentication in SharePoint 2013
BIWUG
 
PPTX
#Techorama belgium 2018 vincent biret deep dive with the #MicrosoftGraph
Vincent Biret
 
PDF
Spca2014 office365 ap is full hackett obrien
NCCOMMS
 
Connect SharePoint Framework solutions to APIs secured with Azure AD
BIWUG
 
Developing Apps with Azure AD
SharePointRadi
 
harePoint Framework Webinar Series: Consume Graph APIs in SharePoint Framework
Jenkins NS
 
SPFx Webinar Loading SharePoint data in a SPFx Webpart
Jenkins NS
 
Leveraging APIs from SharePoint Framework solutions
Dragan Panjkov
 
SPConnect2014 Office 365 APIs
Wes Hackett
 
24032022 Zero Trust for Developers Pub.pdf
Tomasz Kopacz
 
SharePoint Conference 2018 - APIs, APIs everywhere!
Sébastien Levert
 
ECS 19 - Chris O'Brien - The hit list - Office 365 dev techniques you should ...
European Collaboration Summit
 
APIs, APIs Everywhere!
BIWUG
 
SharePoint Saturday Belgium 2018 - APIs, APIs everywhere!
Sébastien Levert
 
Calling APIs with SharePoint Framework
Giuseppe Marchi
 
Azure AD for browser-based application developers
Bob German
 
Mastering Modern Authentication and Authorization Techniques for SharePoint, ...
Eric Shupps
 
#SPFestSea azr302 The SharePoint Framework and the #MicrosoftGraph under ster...
Vincent Biret
 
Chris OBrien - Weaving Enterprise Solutions into Office Products
Chris O'Brien
 
Deep dive into Salesforce Connected App
Dhanik Sahni
 
Handling Cross-Domain calls & authentication in SharePoint 2013
BIWUG
 
#Techorama belgium 2018 vincent biret deep dive with the #MicrosoftGraph
Vincent Biret
 
Spca2014 office365 ap is full hackett obrien
NCCOMMS
 
Ad

More from NCCOMMS (20)

PDF
O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
NCCOMMS
 
PDF
O365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
NCCOMMS
 
PDF
O365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
NCCOMMS
 
PDF
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
NCCOMMS
 
PDF
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
NCCOMMS
 
PDF
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
NCCOMMS
 
PDF
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
NCCOMMS
 
PDF
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
NCCOMMS
 
PDF
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
NCCOMMS
 
PDF
O365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
NCCOMMS
 
PDF
O365Con19 - Azure Blackbelt - Jussi Roine
NCCOMMS
 
PDF
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
NCCOMMS
 
PDF
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
NCCOMMS
 
PDF
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
NCCOMMS
 
PDF
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
NCCOMMS
 
PDF
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
NCCOMMS
 
PDF
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
NCCOMMS
 
PDF
O365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
NCCOMMS
 
PDF
O365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
NCCOMMS
 
PDF
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
NCCOMMS
 
O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
NCCOMMS
 
O365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
NCCOMMS
 
O365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
NCCOMMS
 
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
NCCOMMS
 
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
NCCOMMS
 
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
NCCOMMS
 
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
NCCOMMS
 
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
NCCOMMS
 
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
NCCOMMS
 
O365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
NCCOMMS
 
O365Con19 - Azure Blackbelt - Jussi Roine
NCCOMMS
 
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
NCCOMMS
 
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
NCCOMMS
 
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
NCCOMMS
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
NCCOMMS
 
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
NCCOMMS
 
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
NCCOMMS
 
O365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
NCCOMMS
 
O365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
NCCOMMS
 
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
NCCOMMS
 

Recently uploaded (20)

PDF
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
PDF
CXOs-Are-you-still-doing-manual-DevOps-in-the-age-of-AI.pdf
Kalilur Rahman
 
PDF
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
PDF
Improvisation in detection of pomegranate leaf disease using transfer learni...
IAESIJAI
 
PDF
Comparative analysis of machine learning models for fake news detection in so...
IAESIJAI
 
PDF
Statistics on Ai - sourced from AIPRM.pdf
AmelynLeeMeira
 
PDF
4 layer Arch & Reference Arch of IoT.pdf
sendilkumar66
 
PPTX
future_of_ai_comprehensive_20250822032121.pptx
forrandomuse090
 
PDF
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
PPTX
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
PPTX
Internet of Everything -Basic concepts details
sendilkumar66
 
PDF
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
PDF
Consumable AI The What, Why & How for Small Teams.pdf
Vivek Sai
 
PDF
Transform-Quality-Engineering-with-AI-A-60-Day-Blueprint-for-Digital-Success.pdf
Kalilur Rahman
 
PDF
Auditboard EB SOX Playbook 2023 edition.
DROK2
 
PDF
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
PPTX
Build Your First AI Agent with UiPath.pptx
suhanisingh58689
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
PDF
INTERSPEECH 2025 「Recent Advances and Future Directions in Voice Conversion」
NU_I_TODALAB
 
PDF
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
CXOs-Are-you-still-doing-manual-DevOps-in-the-age-of-AI.pdf
Kalilur Rahman
 
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
Improvisation in detection of pomegranate leaf disease using transfer learni...
IAESIJAI
 
Comparative analysis of machine learning models for fake news detection in so...
IAESIJAI
 
Statistics on Ai - sourced from AIPRM.pdf
AmelynLeeMeira
 
4 layer Arch & Reference Arch of IoT.pdf
sendilkumar66
 
future_of_ai_comprehensive_20250822032121.pptx
forrandomuse090
 
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
Internet of Everything -Basic concepts details
sendilkumar66
 
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
Consumable AI The What, Why & How for Small Teams.pdf
Vivek Sai
 
Transform-Quality-Engineering-with-AI-A-60-Day-Blueprint-for-Digital-Success.pdf
Kalilur Rahman
 
Auditboard EB SOX Playbook 2023 edition.
DROK2
 
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
Build Your First AI Agent with UiPath.pptx
suhanisingh58689
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 
INTERSPEECH 2025 「Recent Advances and Future Directions in Voice Conversion」
NU_I_TODALAB
 
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 

O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azure AD - Waldek Mastykarz

  • 2. Connect SharePoint Framework solutions to APIs secured with Azure AD
  • 4. rencore.com Calling API secured with Azure AD prerequisites What is OAuth? Which flow do I need? Which type of Azure AD app to create? Which URLs to enter as Reply URLs? …but I don’t know where users will put my web part or extension Is there an SDK I can use? Does it work in TypeScript? What if I add another web part to the page? What if two web parts request token at the same time? … …so what do I enter in Reply URLs?
  • 6. rencore.com Calling API secured with Azure AD prerequisites What is OAuth? Which flow do I need? Which type of Azure AD app to create? Which URLs to enter as Reply URLs? …but I don’t know where users will put my web part or extension Is there an SDK I can use? Does it work in TypeScript? What if I add another web part to the page? What if two web parts request token at the same time? … …so what do I enter in Reply URLs?
  • 8. rencore.com Connect to Azure AD-secured APIs from SPFx without headaches Demo
  • 9. rencore.com Connect to Azure AD-secured APIs using the AadHttpClient SharePoint Online Client-side web part Azure Active Directory "SharePoint Online Client“ Permissions - xyz Tenant administrator configures what scopes are available for the MSGraphClient and AadHttpClient by configuring permissions to specific pre-provisioned application in the Azure Active Directory. 1 3 2 Configured access tokens automatically included in the call with needed permissions Request access tokens from the Azure AD side for the used application Custom API
  • 10. rencore.com • Use the AadHttpClient class to access Azure AD-secured APIs wldk.nl/spconnect01 • Don’t pass web part context into React components wldk.nl/spconnect02 • Enable CORS for your API wldk.nl/spconnect03 • Setup API permissions in your tenant wldk.nl/spconnect01 • Each piece of JavaScript can access approved APIs wldk.nl/spconnect04 • Setup API permissions without packages wldk.nl/spconnect05 • Additional configuration required for multi-tenant apps wldk.nl/spconnect06 • Isolated web parts wldk.nl/spconnect07 Takeaways
  • 11. Waldek Mastykarz Head of Product SharePoint MVP https://blog.mastykarz.nl @waldekm