I strictly follow this article to build an Outlook WEB Add-in, but when I execute getAccessToken I receive 302:
Missing grant for this add-in.
with name:
Preauthorization missing
Why is that? My Add-in is well registered in the portal . Do I need to do anything else? What is the grant type for this request and where should I put it in?
$("#getAccessTokenBtn").click(function () {
Office.context.auth.getAccessTokenAsync(function (result) {
if ("succeeded" === result.status) {
// Use this token to call Web API
var ssoToken = result.value;
} else {
if (13003 === result.error.code) {
// SSO is not supported for domain user accounts, only
// work or school (Office 365) or Microsoft Account IDs.
} else {
// Handle error
}
}
});
});
This is my manifest:
<VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides/1.1" xsi:type="VersionOverridesV1_1">
<Requirements>
<bt:Sets DefaultMinVersion="1.3">
<bt:Set Name="Mailbox" />
</bt:Sets>
</Requirements>
<Hosts>
<Host xsi:type="MailHost">
...
</Host>
</Hosts>
<Resources>
...
</Resources>
<WebApplicationInfo>
<Id>94x668mb-461c-4r4e-851n-fb9721222e31</Id>
<Resource>api://localhost:44374/94x668mb-461c-4r4e-851n-fb9721222e31</Resource>
<Scopes>
<Scope>profile</Scope>
<Scope>user.read</Scope>
</Scopes>
</WebApplicationInfo>
</VersionOverrides>
I found the troubleshooting page that suggests for error 13005 the following:
13005 Invalid Grant. This usually means that Office has not been pre-authorized to the add-in's web service. For more information, see Create the service application and Register the add-in with Azure AD v2.0 endpoint (ASP.NET) or Register the add-in with Azure AD v2.0 endpoint (Node JS). This also may happen if the user has not granted your service application permissions to their profile .
What does that even mean?
Before I ask for Access Token, should I consent following this documentation , by just navigating to the the URL below?
https://login.microsoftonline.com/common/adminconsent?client_id=94x668mb-461c-4r4e-851n-fb9721222e31
Yes. When developing, you have to grant admin consent as described here .
Another possibility for why you are getting that error is that you haven't preauthorized Outlook to the addin. When you register the add-in with AAD 2.0, be sure that you've done step 10 of this article: Register SSO add-in with AAD 2.0 . Finally, if you haven't already, check out this article for any special factors that apply to Outlook addins: Authenticate (Outlook) user with an SSO token
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.