sharepointmicrosoft-graph-apisharepointframework

Generate MS Graph Outlook Task Access Token from Sharepoint


I want to read all the Outlook Task assigned to the logged in user from with an Office365 web part (SPFX), But I do not want the user to sign in again or do any such operation, Ideally what I want is to use SharePoint context to be used to authenticate the user.

I came across the GraphHttpClient which uses /_api/SP.OAuth.Token/Acquire to acquire an access token which can be used with Microsoft Graph but, by default, this method only issue Group.ReadWrite.All and Reports.Read.All permission.

I need to grant it Tasks.Read permission.

I was wondering if there is any way to pass the Scope into the method to get an updated token?

I have already tried passing Scope as a query string to URL and as a header, both yielded me no result. Any suggestions on how to tackle this issue will be helpful.


Solution

  • The GraphHttpClient has been deprecated, you want to use the new MSGraphClient instead.

    By default, MSGraphClient doesn't have any permission scopes applied other than User.Read. It does, however, support requesting additional permission scopes from the tenant administrator. The overview for how this works can be found at Connect to Azure AD-secured APIs in SharePoint Framework solutions.