Access personal accounts Onedrive with Azure AD Multi tenant
Question
I would like to create a daemon app on Azure that would allow to access multiple personal Microsoft accounts (not in same tenant). My idea: I create a multi tenant app in my tenant. Each user that authorizes access to his personal account, should give explicit consent.
I feel like it's possible when I read the doc but I'm not able to do it. What I currently did:
- Create a V2 Multi Tenant app in Azure AD
- Give Graph API: Files.Read.All and User.Read access on App permissions
Then I'm not sure how I should ask for the consent of users ? And then how can I get a token for a particular user to have daemon access ? (without explicitly having to ask again his consent)
Thanks for the help!
1 answers
solution1
1 2020-01-29 19:44:09
Even if it is not really clear out of the documentation of Microsoft as first it seems it's possible, I have the impression that it's not possible: Daemon applications can work only in Azure AD tenants. It wouldn't make sense to build a daemon application that attempts to manipulate Microsoft personal accounts. If you're a line-of-business (LOB) app developer, you'll create your daemon app in your tenant. If you're an ISV, you might want to create a multitenant daemon application. Each tenant admin will need to provide consent. ( https://docs.microsoft.com/bs-cyrl-ba/azure/active-directory/develop/scenario-daemon-overview )
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.