How to get Microsoft graph access token from java spring

Question

I tried to get graph api token from postman UI and was able to get planner data. How to achieve same in java spring

I am not able to get access token for Microsoft graph api using java spring. I am able to get access token using postman.

I need to access planner API from one of the web application. As per Microsoft documentation I configured a app in azure active directory and got client key, secret key etc. I also configured required permission to get groups and users.

Very first time I used below from POSTMAN https://login.microsoftonline.com/ /oauth2/token with below data

client_id     : <client_id from configured app> 
client_secret : <client secret from configured app>
grant_type    : client_credentials
resource      : https://graph.microsoft.com

I got token, and I was able to get groups from https://graph.microsoft.com/v1.0/groups/

But same token was not valid for getting plans of group.

With lot of digging, I came to know that token accessed with client_credentials is not applicable to get data from planner API. So, next I used below details to get access token from UI of postman.

Grant Type  : authorization_code
Callback URL : https://www.getpostman.com/oauth2/callback
Auth URL   : https://login.microsoftonline.com/<tenant_id>/oauth2/authorize?resource=https://graph.microsoft.com 
Access Token URL  : https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token

client_id     : <client_id from configured app> 
client_secret : <client secret from configured app>

I got the Microsoft login screen, and after successful login, I got token. I could call planner API using this access token.

Now my question is how can I get this same token using java spring. Also, my web app will be having background service running in scheduler calling graph API daily. I do not want manual intervention here, but as told earlier, graph API will ask to login.

How to achieve above requirement.

Answer 1

private String getAuth() {
        ConfidentialClientApplication app = null;

        IClientCredential credential = ClientCredentialFactory.create(Appsecret);
        try {
            app = ConfidentialClientApplication.builder(MicrsoftAppId, credential).authority("https://login.microsoftonline.com/"+tenantId+"/").build();
        }catch(MalformedURLException e) {
            System.out.println(e.getMessage());
        }

        ClientCredentialParameters parameters = ClientCredentialParameters.builder(Collections.singleton("https://graph.microsoft.com/.default")).build();

        CompletableFuture<IAuthenticationResult> future = app.acquireToken(parameters);

        try {
            IAuthenticationResult result = future.get();
            return result.accessToken();
        }catch(ExecutionException e){
            System.out.println(e.getMessage());
        }catch(InterruptedException e) {
            System.out.println(e.getMessage());
        }
        return null;        
    }

Here you go! This code is made for application permission (so not delegated). It only requires your client Id and secret to operate. You will need the microsoft graph jar for it to work (and the many jars supporting it).