OfficeRuntime.auth.getAccessToken() method fallback method #5292

Open
e-vidyaraghavi opened this issue Jan 21, 2025 · 2 comments
Labels: Area: authentication (Issue related to authentication); Type: product question (Question about the Office Add-ins platform or Office JavaScript APIs)

Comments

@e-vidyaraghavi
We have implemented SPA authorization as a fallback mechanism for the OfficeRuntime.auth.getAccessToken() method when silent authorization fails, which involves opening a popup for user consent. While this method allows us to successfully retrieve the access token, we encounter an issue when users switch mail accounts and the add-in is not pinned. In this scenario, the add-in reloads, causing us to lose the previously obtained access token. As a result, the popup must be reopened to reauthorize, creating a repetitive and inconvenient process for users.

We would like to know if there is a caching or storage solution, such as roaming settings for add-ins, that would allow us to store the access token obtained during SPA authorization. Alternatively, if there are other fallback methods for unsupported platforms, we would appreciate your suggestions. This is crucial for improving user experience, as the current flow will lead to unnecessary delays and repeated consent requests.

Could you kindly propose an alternative approach for securely storing and reusing the token, eliminating the need for users to reauthorize each time they access the add-in?

@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: triage 🔍 New issue, needs PM on rotation to triage ASAP label Jan 21, 2025
@keyur32 keyur32 added Area: authentication Issue related to authentication Type: product question Question about the Office Add-ins platform or Office JavaScript APIs and removed Needs: triage 🔍 New issue, needs PM on rotation to triage ASAP labels Jan 22, 2025
@keyur32
Collaborator

keyur32 commented Jan 22, 2025

Thank you for your auth question. Assigning to @mattgeim to take a look.

@mattgeim
Have you explored using Nested App Auth? https://learn.microsoft.com/en-us/office/dev/add-ins/develop/enable-nested-app-authentication-in-your-add-in

It supports SPA flows, unlike the office.js OBO-based getAccessToken SSO method.
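
A sketch of the silent-first flow that the Nested App Auth suggestion above points at, added here as an example and not code from this thread or from Microsoft. It assumes `pca` is an MSAL public client object (for instance one returned by `createNestablePublicClientApplication` in `@azure/msal-browser`); `createTokenProvider` and `createFakePca` are hypothetical names, and the fake is a constructed stand-in so the flow runs offline.

```javascript
// Added example. Only pca.acquireTokenSilent and pca.acquireTokenPopup are
// used. The add-in persists no token itself (nothing is written to roaming
// settings or other storage); caching is left to MSAL.
function createTokenProvider(pca, scopes) {
  let inFlight = null; // shared by concurrent callers: at most one popup

  async function acquire() {
    try {
      // After an add-in reload, this is the call that avoids a new popup.
      return await pca.acquireTokenSilent({ scopes });
    } catch (silentError) {
      // Silent acquisition failed, so ask the user once. A production
      // add-in may narrow this to interaction-required errors only.
      return await pca.acquireTokenPopup({ scopes });
    }
  }

  return function getToken() {
    if (!inFlight) {
      inFlight = acquire().finally(() => { inFlight = null; });
    }
    return inFlight.then((result) => result.accessToken);
  };
}

// Constructed stand-in for the MSAL object (hypothetical, for the demo only).
function createFakePca({ silentWorks }) {
  const calls = { silent: 0, popup: 0 };
  const result = (tag) => ({
    accessToken: `constructed-token-${tag}`,
    expiresOn: new Date(Date.now() + 60 * 60 * 1000),
  });
  return {
    calls,
    async acquireTokenSilent() {
      calls.silent += 1;
      if (!silentWorks) throw new Error("interaction required (constructed)");
      return result("silent");
    },
    async acquireTokenPopup() {
      calls.popup += 1;
      return result("popup");
    },
  };
}
```

Call `getToken()` immediately before each API request instead of holding the token in a variable that a reload would wipe.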
