通过Exchange ActiveSync(EAS)将OAuth2用于Office365 [英] Utilizing OAuth2 for Office365, through Exchange ActiveSync (EAS)
问题描述
博客文章:
虽然不是EAS 16.1的一部分,但我们也要注意,Office 365和Outlook.com客户现在都可以使用OAuth 2.0协议通过EAS进行授权.
While not a part of EAS 16.1, we also want to note that both Office 365 and Outlook.com customers can now utilize the OAuth 2.0 protocol for authorization through EAS. 我的问题是:我应该在oauth请求中使用哪个作用域? My question is: which scope should I use in the oauth request? 是否有一个示例,也许是完整请求的示例? Is there an example, perhaps of the full request? 注意:关于使用OAuth for Office365和IMAP ,存在类似的问题,但是在这里我是专门问有关 ActiveSync 的问题.我在对该线程上的答案之一的注释中引用了此问题. Note: there was a similar question about using OAuth for Office365 with IMAP, but here I'm specifically asking about ActiveSync. I referenced this question in a comment to one of the answers on that thread. 次要问题: 由于Jason的回答和其他一些调整,我们设法使用 https://login来生成oauth令牌.windows.net/common/oauth2 ,但仅适用于office365用户(组织帐户),而不适用于Microsoft 用户帐户(实时,hotmail,outlook.com). ..) Thanks to Jason's answer and some additional tweaks, we managed to generate oauth token using https://login.windows.net/common/oauth2 but only for office365 users (Organization Accounts) and not to Microsoft users account (live, hotmail, outlook.com...) 令牌允许访问两个ActiveSync协议(通过 https://eas.outlook.com /Microsoft-Server-ActiveSync )和EWS API(通过 https://outlook .office365.com/EWS/Exchange.asmx ). The token allows access to both ActiveSync protocol (via https://eas.outlook.com/Microsoft-Server-ActiveSync) and for EWS API (via https://outlook.office365.com/EWS/Exchange.asmx). 不幸的是,我们找不到为Microsoft 在线帐户(hotmail,live,outlook.com)生成相同令牌的方法.我们尝试使用以下端点: https://login.live.com/oauth20_authorize.srf 其中仅允许activesync而不允许EWS. Unfortunately we cannot find a way to generate same token for Microsoft online accounts (hotmail, live, outlook.com). We tried using this endpoint: https://login.live.com/oauth20_authorize.srf which allow only activesync and not EWS. 是否可以在两种协议(ActiveSync和EWS)上为组织帐户和在线帐户使用相同的令牌? Is there a way to use the same token for both organization and online accounts on both protocols (ActiveSync and EWS)? 抱歉,这花了很长时间,但直到今天我才意识到这个问题:).您需要将应用程序注册为Azure Active Directory中的本机应用程序: Sorry this took so long, but I wasn't aware of this question until today :). You need to register your app as a native application in Azure Active Directory: 然后通过Exchange Web Services (在 Office 365 Exchange Online 下)作为登录用户添加 Access邮箱作为委派权限. Then add the Access mailboxes as the signed-in user via Exchange Web Services (under Office 365 Exchange Online) delegated permission. 注意::您不能在应用程序注册门户( https://apps.dev.microsoft.com ),则需要在Azure门户中进行注册( https://portal.azure.com/),则需要使用 NOTE: You cannot register this in the Application Registration Portal (https://apps.dev.microsoft.com), it needs to be registered in the Azure Portal (https://portal.azure.com/), and you need to use the v1 Azure auth endpoints for authorization and token requests. 这篇关于通过Exchange ActiveSync(EAS)将OAuth2用于Office365的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
推荐答案
