How to use OAuth with PKCE for outlook.com

Question
-
Hi team,
I am trying to configure an outlook.com account with OAuth. I am able to configure it if I use a client id and client secret. But I want to use PKCE instead of using a client secret. When I use the AppAuth library with PKCE for the same endpoints, it doesn't work. Am I supposed to use some different endpoints for authentication, or is there other configuration required for this?
Can you please help?
- Moved by Richard Mueller MVP Tuesday, March 12, 2019 1:13 PM Not a TechNet Wiki question
Tuesday, March 12, 2019 7:17 AM
Answers
-
This forum is for questions and discussions about the TechNet Wiki. I would ask here:
https://social.technet.microsoft.com/Forums/en-US/home?forum=outlook
Edit: Does this document help?
https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code
Richard Mueller - MVP Enterprise Mobility (Identity and Access)
- Edited by Richard Mueller MVP Tuesday, March 12, 2019 1:07 PM
- Proposed as answer by Dave Patrick MVP Tuesday, March 12, 2019 1:32 PM
- Marked as answer by Dave Patrick MVP Tuesday, March 19, 2019 3:12 PM
Tuesday, March 12, 2019 12:58 PM -
For outlook.com I'd ask for help over here.
https://answers.microsoft.com/en-us/outlook_com/forum/osecurity
Regards, Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows Server] Datacenter Management
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
- Edited by Dave Patrick MVP Tuesday, March 12, 2019 1:55 PM
- Marked as answer by Dave Patrick MVP Tuesday, March 19, 2019 3:12 PM
Tuesday, March 12, 2019 1:32 PM
All replies
Hey Richard,
Thank you for the quick reply. Yes, this is what I want to implement as mentioned in the document.
But I see the error below after entering the email address and password in the WebView for authorization:
"Sign in Sorry, but we’re having trouble signing you in. AADSTS50020: User account ‘bob1bob098@outlook.com’ from identity provider ‘live.com’ does not exist in tenant ‘bob’ and cannot access the application (TestApp) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account."
After registering the application, I provided "Microsoft Graph" permissions to the app. Do you have any idea on what I am missing here?
Thanks in advance!
Thursday, March 14, 2019 8:45 AM