outlook WEB Add-in执行getAccessTokenreturns状态码302
Outlook WEB Add-in execution of getAccessToken returns status code 302
我严格遵守this article to build an Outlook WEB Add-in, but when I execute getAccessToken我收到302:
Missing grant for this add-in.
姓名:
Preauthorization missing
这是为什么?我的加载项已在 portal 中注册。我还需要做其他事情吗?这个请求的授权类型是什么,我应该把它放在哪里?
$("#getAccessTokenBtn").click(function () {
Office.context.auth.getAccessTokenAsync(function (result) {
if ("succeeded" === result.status) {
// Use this token to call Web API
var ssoToken = result.value;
} else {
if (13003 === result.error.code) {
// SSO is not supported for domain user accounts, only
// work or school (Office 365) or Microsoft Account IDs.
} else {
// Handle error
}
}
});
});
这是我的清单:
<VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides/1.1" xsi:type="VersionOverridesV1_1">
<Requirements>
<bt:Sets DefaultMinVersion="1.3">
<bt:Set Name="Mailbox" />
</bt:Sets>
</Requirements>
<Hosts>
<Host xsi:type="MailHost">
...
</Host>
</Hosts>
<Resources>
...
</Resources>
<WebApplicationInfo>
<Id>94x668mb-461c-4r4e-851n-fb9721222e31</Id>
<Resource>api://localhost:44374/94x668mb-461c-4r4e-851n-fb9721222e31</Resource>
<Scopes>
<Scope>profile</Scope>
<Scope>user.read</Scope>
</Scopes>
</WebApplicationInfo>
</VersionOverrides>
我发现 troubleshooting page 提示错误 13005 如下:
13005
Invalid Grant. This usually means that Office has not been pre-authorized to the add-in's web service. For more information, see Create the service application and Register the add-in with Azure AD v2.0 endpoint (ASP.NET) or Register the add-in with Azure AD v2.0 endpoint (Node JS). This also may happen if the user has not granted your service application permissions to their profile.
这到底是什么意思?
在我请求访问令牌之前,我是否应该通过导航到下面的 URL 来同意跟随 this documentation?
https://login.microsoftonline.com/common/adminconsent?client_id=94x668mb-461c-4r4e-851n-fb9721222e31
是的。开发时,您必须按照 here 所述授予管理员同意。
您收到该错误的另一种可能是您没有预先授权 Outlook 访问插件。使用 AAD 2.0 注册加载项时,请确保您已完成本文的第 10 步:Register SSO add-in with AAD 2.0. Finally, if you haven't already, check out this article for any special factors that apply to Outlook addins: Authenticate (Outlook) user with an SSO token
我严格遵守this article to build an Outlook WEB Add-in, but when I execute getAccessToken我收到302:
Missing grant for this add-in.
姓名:
Preauthorization missing
这是为什么?我的加载项已在 portal 中注册。我还需要做其他事情吗?这个请求的授权类型是什么,我应该把它放在哪里?
$("#getAccessTokenBtn").click(function () {
Office.context.auth.getAccessTokenAsync(function (result) {
if ("succeeded" === result.status) {
// Use this token to call Web API
var ssoToken = result.value;
} else {
if (13003 === result.error.code) {
// SSO is not supported for domain user accounts, only
// work or school (Office 365) or Microsoft Account IDs.
} else {
// Handle error
}
}
});
});
这是我的清单:
<VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides/1.1" xsi:type="VersionOverridesV1_1">
<Requirements>
<bt:Sets DefaultMinVersion="1.3">
<bt:Set Name="Mailbox" />
</bt:Sets>
</Requirements>
<Hosts>
<Host xsi:type="MailHost">
...
</Host>
</Hosts>
<Resources>
...
</Resources>
<WebApplicationInfo>
<Id>94x668mb-461c-4r4e-851n-fb9721222e31</Id>
<Resource>api://localhost:44374/94x668mb-461c-4r4e-851n-fb9721222e31</Resource>
<Scopes>
<Scope>profile</Scope>
<Scope>user.read</Scope>
</Scopes>
</WebApplicationInfo>
</VersionOverrides>
我发现 troubleshooting page 提示错误 13005 如下:
13005 Invalid Grant. This usually means that Office has not been pre-authorized to the add-in's web service. For more information, see Create the service application and Register the add-in with Azure AD v2.0 endpoint (ASP.NET) or Register the add-in with Azure AD v2.0 endpoint (Node JS). This also may happen if the user has not granted your service application permissions to their profile.
这到底是什么意思?
在我请求访问令牌之前,我是否应该通过导航到下面的 URL 来同意跟随 this documentation?
https://login.microsoftonline.com/common/adminconsent?client_id=94x668mb-461c-4r4e-851n-fb9721222e31
是的。开发时,您必须按照 here 所述授予管理员同意。
您收到该错误的另一种可能是您没有预先授权 Outlook 访问插件。使用 AAD 2.0 注册加载项时,请确保您已完成本文的第 10 步:Register SSO add-in with AAD 2.0. Finally, if you haven't already, check out this article for any special factors that apply to Outlook addins: Authenticate (Outlook) user with an SSO token