Open jenniferestrada opened 3 years ago
I have the same issue
In the meanwhile I have solved my issue, let me know if you are still looking for an answer.
Hi @ivarvh - may we know how did you solve your issue?
In our case we had to set the authorityUrl and we had to set the scopes to ['
In our case we had to set the authorityUrl and we had to set the scopes to ['/.default'] Hello @ivarvh I tried setting the scopes to default and I am getting following error.
ERROR: Server returned less scopes than requested Can you please let me know what can be the issue.
Hi Team-
Can someone help me understand how to add access scopes for APIs to this code? I have tried adding scopes via the scopes array, the protectedResourceMap (as in other instances of MSAL) and the otherScopesToAuthorize array as shown in the screen shot below. In my token, the scopes are always applied towards the MS Graph API in each case. Can you tell me the correct way to add scopes for accessing APIs? You will see my decoded token below, where the scope is applied for the Graph API only.
Thank you
Hi I am also facing the same issue. Could you please help if you have resolved it.
Thank you.
I am also facing the same issue.
Hi I'd really like to be able to do the same thing. I need to be able to acess the graph and also our own APIs. Bascially I need to be able to access multiple scopes. I know this means getting multiple tokens but Im not sure how to get the other token
In the meanwhile I have solved my issue, let me know if you are still looking for an answer.
I'd like to understand how you did this.
I am not using the graph api. once authentication is done I get the OID filed and I use that in the application. I only use single scope to read my api.
Ok we have found the solution. It's brutal but it works:
document.addEventListener('deviceready', onDeviceReady, false);
function onDeviceReady() { // Cordova is now initialized. Have fun!
console.log('Running cordova-' + cordova.platformId + '@' + cordova.version);
if (typeof (cordova.plugins.msalPlugin) !== "undefined") {
let options = {
authorities: [
{
type: 'AAD',
audience: 'AzureADMyOrg',
authorityUrl: '',
cloudInstance: 'MSALAzurePublicCloudInstance',
default: true
}
],
authorizationUserAgent: 'DEFAULT',
multipleCloudsSupported: false,
brokerRedirectUri: false,
accountMode: 'SINGLE',
scopes: ['User.Read', 'Mail.Send'],
}
window.cordova.plugins.msalPlugin.msalInit(function () {
window.cordova.plugins.msalPlugin.signInInteractive(
function (jwt) {
console.log("TOKEN GRAPH:", jwt);
//CHANGE THE SCOPE AND RI INIT
options.scopes = ['api://XYZ-TYU-ERT/APIM_APP'];
// THIS TIME LOGIN SILENT
window.cordova.plugins.msalPlugin.msalInit(function () {
window.cordova.plugins.msalPlugin.signInSilent(
function(resp) {
console.log("TOKEN API:", resp);
},
function(err) {
console.log(err);
}
);
},
function (err) {
console.log(err);
}, options);
},
function (err) {
console.log(err);
}
);
},
function (err) {
console.log(err);
}, options);
}
}
Thank you very much. It will surely help many people
Ok we have found the solution. It's brutal but it works:
document.addEventListener('deviceready', onDeviceReady, false);
function onDeviceReady() { // Cordova is now initialized. Have fun!
console.log('Running cordova-' + cordova.platformId + '@' + cordova.version); if (typeof (cordova.plugins.msalPlugin) !== "undefined") { let options = { authorities: [ { type: 'AAD', audience: 'AzureADMyOrg', authorityUrl: '', cloudInstance: 'MSALAzurePublicCloudInstance', default: true } ], authorizationUserAgent: 'DEFAULT', multipleCloudsSupported: false, brokerRedirectUri: false, accountMode: 'SINGLE', scopes: ['User.Read', 'Mail.Send'], } window.cordova.plugins.msalPlugin.msalInit(function () { window.cordova.plugins.msalPlugin.signInInteractive( function (jwt) { console.log("TOKEN GRAPH:", jwt); //CHANGE THE SCOPE AND RI INIT options.scopes = ['api://XYZ-TYU-ERT/APIM_APP']; // THIS TIME LOGIN SILENT window.cordova.plugins.msalPlugin.msalInit(function () { window.cordova.plugins.msalPlugin.signInSilent( function(resp) { console.log("TOKEN API:", resp); }, function(err) { console.log(err); } ); }, function (err) { console.log(err); }, options); }, function (err) { console.log(err); } ); }, function (err) { console.log(err); }, options); }
}
@dbarn - Above solution not working. I have 5 API and each need different tokens. Please help me on this.
Hi Team-
Can someone help me understand how to add access scopes for APIs to this code? I have tried adding scopes via the scopes array, the protectedResourceMap (as in other instances of MSAL) and the otherScopesToAuthorize array as shown in the screen shot below. In my token, the scopes are always applied towards the MS Graph API in each case.
Can you tell me the correct way to add scopes for accessing APIs?
You will see my decoded token below, where the scope is applied for the Graph API only.
Thank you