3

I have recently implemented Microsoft OAuth2 to retrieve data from the Graph API (and more). Now I wan't to integrate with some of the social functions in the Yammer API but I can't find any info whether this is possible.

It seems unnecessary for me to have to force the user to auth against two different OAuth endpoints when judging from Yammer Embed, the Microsoft SSO is enough to authenticate in (Microsoft-owned!) Yammer as well.

Maybe I'm just not understanding OAuth enough, but it does mean that I will have to authenticate first against MS OAuth2, then to Yammer OAuth2.

EDIT: Just after I posted this, I found the "Yammer impersonation" page which I missed earlier: https://developer.yammer.com/docs/impersonation It is very short on details, is this a viable way to avoid the user actively having to sign in to Yammer?

We have a paid Microsoft service including most applications, btw.

Further EDIT: I mainly want to use the API to get some statistics on nr of likes on a post etc., not really any personal info at this point.

Jonas Eriksson
  • 171
  • 2
  • 12

1 Answers1

1

If you register your app with AzureAD you can require scopes for the Graph API and the Yammer API at the same time. There will be then only one OAuth flow and one consent screen.

Benoit Patra
  • 4,355
  • 5
  • 30
  • 53
  • Thank you! Exactly what I wanted to hear! I don't have access to the company AzureAD configuration personally and my trial Azure subscription did not include Yammer. Couldn't find anything on it online, so thank you! I'll ask the guy in charge to open up for yammer access. – Jonas Eriksson Feb 12 '16 at 12:44
  • @JonasEriksson did you manage to make this work? I've been trying to do the same. We have defined scopes for user.read and user.allbasic.read, the app also has the Office 365 Yammer delegated permission. However when we obtain the access tokens and codes we cannot use them on Yammer API, as they're not recognised by it. Help! – Lievcin Jul 06 '16 at 15:49
  • @Lievcin Sorry for the late reply! Yes, we got it to work, but not entirely without problems. Do you get other endpoints such as (graph.microsoft.com or graph.windowsazure.com) to work with the acccess tokens provided by ADAL? What more can you tell me about the error? – Jonas Eriksson Jul 11 '16 at 08:38
  • Hi @JonasEriksson thanks for the reply, we tried mixing some scopes but when we tried with graph and yammers unless it said was invalid. On the other side there's the yammer app directory which seems completely separate from any ad app directory... Tried to get the access token from Azad app in yammer but is not recognised either – Lievcin Jul 11 '16 at 18:21
  • Will try to remember to post a gist when I'm home later tonight with a very simple ADAL.js app that successfully authenticates against Yammer. – Jonas Eriksson Jul 12 '16 at 11:51
  • Is this possible with the new v2 app registration? – empz Jul 22 '16 at 04:03
  • So sorry I forgot to post the gist above, but check this out for a very basic but working ADAL.js implementation. Note however that we do not receive the correct CORS headers (i.e. Access-Control-Allow-Origin) when running locally or on any other webserver than hosted in Sharepoint. Locally this can be avoided using --disable-web-security in Chrome. https://gist.github.com/jonaseriksson84/40e0148c0ff22f2d5289815028594fe2 – Jonas Eriksson Jul 27 '16 at 08:16