topic: sample products:
Note: This repo is archived and no longer actively maintained. Security vulnerabilities may exist in the project, or its dependencies. If you plan to reuse or run any code from this repo, be sure to perform appropriate security checks on the code or dependencies first. Do not use this project as the starting point of a production Office Add-in. Always start your production code by using the Office/SharePoint development workload in Visual Studio, or the Yeoman generator for Office Add-ins, and follow security best practices as you develop the add-in.
The goal of Office Add-ins is to improve user productivity. You can achieve this goal with the help of third-party services. This sample is a Word add-in demonstrating client-side OAuth using AngularJS and ADAL for Angular.
This add-in does not require any server-side techniques or web sockets. In Office 2016 we now have the ability to use the dialog framework from the Office UI Namespace to pop up a window and communicate back and forth between the pop up window and an Office Add-in task pane window.
npm install -g bower gulp
.npm install
.Register a web application in Azure Management portal with the following configuration: Use this guide to register an application.
Parameter | Value |
---|---|
Name | add-in-word-client-oauthweb |
Type | Web application and/or web API |
Sign-on URL | https://localhost:8443/Auth.html |
App ID URI | https://[your azure ad tenant name].onmicrosoft.com/Add-In-Word-Client-OAuthWeb |
Reply URL | https://localhost:8443/index.html, https://localhost:8443/Auth.html |
Add the following permissions:
Application | Delegated Permissions |
---|---|
Microsoft Graph | Read User Calendars |
Microsoft Azure Active Directory | Sign in and read user profile |
Save the application and make note of the client ID.
For this application written in AngularJS, Azure AD supports the OAuth 2.0 Implicit Grant flow. The implicit flow is described in the OAuth 2.0 Specification. Its primary benefit is that it allows the app to get tokens from Azure AD without performing a backend server credential exchange. This allows the app to sign in the user, maintain session, and get tokens to other web APIs all within the client JavaScript code. More details can be found on the Azure AD site.
oauth2AllowImplicitFlow
value to true
.clientId: '[Insert client ID here]'
with the value from your Azure AD application.gulp serve-static
.We'd love to get your feedback about this sample. You can send your questions and suggestions to us in the Issues section of this repository.
Questions about Office 365 development in general should be posted to Stack Overflow. Make sure that your questions or comments are tagged with [office-addins].
Copyright (c) 2016 Microsoft Corporation. All rights reserved.
This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.