stackoom
  简体   繁体   中英

MSAL-angular asking for additional premissions

 原文  2020-10-31 16:34:44       angular/ azure/ microsoft-graph-api/ msal/ msal.js

Question

I'm new to MSAL and having trouble for something that seems rather simple.

Im currently making a dashboard app that can read a tenants information trough the Microsoft Graph. So far I've added new tenants by making an app registration trough Azure portal. Now I would like to automate this process by letting the user login and have the app create the registration for him.

I used this tutorial to get started with MSAL and everything works fine until the point I try to ask for more premissions

The way I understand it is that I would need to add premissions I need to the consentscope in MsalModule

 MsalModule.forRoot(
      {
        auth: {
          clientId: "c91b9c1f-662c-491c-870c-fff04dd9b065",
          redirectUri: "https://parigxprz.github.stackblitz.io"
        },
        cache: {
          cacheLocation: "localStorage",
          storeAuthStateInCookie: isIE // set to true for IE 11
        }
      },
      {
        popUp: !isIE,
        //adding extra premissions here
        consentScopes: ["user.read", "openid", "profile", "calendar.read","mail.read"],
        protectedResourceMap: [
          ['https://graph.microsoft.com/v1.0/me', ['user.read']],
        ],
        unprotectedResources: [],
        extraQueryParameters: {}
      }
    )

And that it would show up in here

在此处输入图片说明

Now unfortunately that doesnt seem to be the case for me as it only asks for the premission to read the basic profile and not the calendar or the mail. Ive also tried adding it to the loginpopup call like so

 this.authService.loginPopup({
        extraScopesToConsent: ["user.read", "openid", "profile", "calendar.read","mail.read"]
      });

But that doesnt really seem to change much.

Here's a stackblitz using the sample app from the azure sample github.

https://stackblitz.com/edit/github-o6tcvk?file=src%2Fapp%2Fapp.component.ts

Any help would be appreciated.

1 answers

solution1
 0  2020-10-31 17:47:59

You need to configure this in the app registration in the Azure portal. Look at the apis section and select the appropriate permissions under the graph api. You may have to grant admin consent before your users can approve access.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question MetaData version mismatch for @azure/msal-angular How to get user's AAD memberships with @azure/msal-angular How do you read Roles/Permissions using MSAL-ANGULAR How do I listen for MSAL-Angular token reauthentiation requests? Does the @azure/msal-angular package automatically refresh token? MSAL-Angular is there any event or callback available for signup completed? How to use forceRefresh: true in msal-angular config? Msal-angular always opens popup while I prefer redirection How to get username after logged in?.I am trying with MSAL (@azure/msal-angular) for Azure Signin Get azure ad user group by @azure/msal-angular library in angular 8
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM