getAccessToken的Outlook WEB加载项执行返回状态码302 [英] Outlook WEB Add-in execution of getAccessToken returns status code 302
问题描述
我严格遵循 getAccessToken 我收到302:
I strictly follow this article to build an Outlook WEB Add-in, but when I execute getAccessToken I receive 302:
此外接程序缺少授权.
Missing grant for this add-in.
名称:
缺少预授权
那是为什么?我的加载项已在门户中进行了很好的注册.我还需要做其他事情吗?此请求的授予类型是什么,我应该放在哪里?
Why is that? My Add-in is well registered in the portal. Do I need to do anything else? What is the grant type for this request and where should I put it in?
$("#getAccessTokenBtn").click(function () {
Office.context.auth.getAccessTokenAsync(function (result) {
if ("succeeded" === result.status) {
// Use this token to call Web API
var ssoToken = result.value;
} else {
if (13003 === result.error.code) {
// SSO is not supported for domain user accounts, only
// work or school (Office 365) or Microsoft Account IDs.
} else {
// Handle error
}
}
});
});
这是我的清单:
<VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides/1.1" xsi:type="VersionOverridesV1_1">
<Requirements>
<bt:Sets DefaultMinVersion="1.3">
<bt:Set Name="Mailbox" />
</bt:Sets>
</Requirements>
<Hosts>
<Host xsi:type="MailHost">
...
</Host>
</Hosts>
<Resources>
...
</Resources>
<WebApplicationInfo>
<Id>94x668mb-461c-4r4e-851n-fb9721222e31</Id>
<Resource>api://localhost:44374/94x668mb-461c-4r4e-851n-fb9721222e31</Resource>
<Scopes>
<Scope>profile</Scope>
<Scope>user.read</Scope>
</Scopes>
</WebApplicationInfo>
</VersionOverrides>
我发现了问题排查页面,其中提示错误13005的内容如下:
I found the troubleshooting page that suggests for error 13005 the following:
13005 无效的赠款.这通常意味着Office尚未被预授权加载项的Web服务.有关更多信息,请参见创建服务应用程序并将加载项注册到Azure AD v2.0终结点(节点JS).如果用户未授予您的服务应用程序对其配置文件的权限,也会发生这种情况.
13005 Invalid Grant. This usually means that Office has not been pre-authorized to the add-in's web service. For more information, see Create the service application and Register the add-in with Azure AD v2.0 endpoint (ASP.NET) or Register the add-in with Azure AD v2.0 endpoint (Node JS). This also may happen if the user has not granted your service application permissions to their profile.
那甚至意味着什么?
Before I ask for Access Token, should I consent following this documentation, by just navigating to the the URL below?
https://login.microsoftonline.com/common/adminconsent?client_id=94x668mb-461c-4r4e-851n-fb9721222e31
推荐答案
是.开发时,您必须按照此处.
Yes. When developing, you have to grant admin consent as described here.
出现此错误的另一种可能性是您没有对Outlook插件进行预授权.当您使用AAD 2.0注册加载项时,请确保已完成本文的步骤10:使用SSO令牌对(Outlook)用户进行身份验证
Another possibility for why you are getting that error is that you haven't preauthorized Outlook to the addin. When you register the add-in with AAD 2.0, be sure that you've done step 10 of this article: Register SSO add-in with AAD 2.0. Finally, if you haven't already, check out this article for any special factors that apply to Outlook addins: Authenticate (Outlook) user with an SSO token
这篇关于getAccessToken的Outlook WEB加载项执行返回状态码302的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!