on 11-29-2023 3:26 PM
Hello all,
I am currently changing the underlying infrastructure of a CAP / UI5 application that used the node package "passport" for authentication and authorization with the passport-azure-ad-oauth2 flow. With this token I could use the Microsoft Graph API to send an E-Mail as the current user (which is a needed feature).
Now the infrastructure changed. I now use an approuter with a XSUAA instance for authentication with a route to the underlying CAP application. Additionally, Azure was configured as identity provider instead of the default identity provider.
With this setup the token acquired after a successful login does not suffice / work for neither direct usage of the Microsoft Graph API or generating a new token using the "onBehalfOf"-Functionality of the "@azure/msal-node"-Package.
So far I have tried:I want to use the currently signed in user to send the mail and avoid further authorization flows done by the user. I would consider using a technical user as fallback option if required.
If anyone has any ideas on how to solve this issues or had similar use-cases in the past, I am grateful for any information or approach.
I'll gladly provide further information if needed.
I think you should try this setup:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
68 | |
8 | |
7 | |
6 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.