0

In my app I want to integrate Azure loging and get the email id and send to my server. I have done this so far and from this I can get the access token.

- (void)acquireTokenInteractive:(id)sender
 {
ADTestAppSettings* settings = [ADTestAppSettings settings];
NSString* authority = [settings authority];
NSString* resource = [settings resource];
NSString* clientId = [settings clientId];
NSURL* redirectUri = [settings redirectUri];
ADUserIdentifier* identifier = [self identifier];
ADCredentialsType credType = [self credType];

BOOL validateAuthority = _validateAuthority.selectedSegmentIndex == 0;

ADAuthenticationError* error = nil;
ADAuthenticationContext* context = [[ADAuthenticationContext alloc] initWithAuthority:authority
                                                                    validateAuthority:validateAuthority
                                                                                error:&error];
if (!context)
{
    NSString* resultText = [NSString stringWithFormat:@"Failed to create AuthenticationContext:\n%@", error];
    [_resultView setText:resultText];
    return;
}

[context setCredentialsType:credType];

if ([self embeddedWebView])
{
    [context setWebView:_webView];
    //[_authView setFrame:self.view.frame];

    [UIView animateWithDuration:0.5 animations:^{
        [_acquireSettingsView setHidden:YES];
        [_authView setHidden:NO];
    }];
}

__block BOOL fBlockHit = NO;

[context acquireTokenWithResource:resource
                         clientId:clientId
                      redirectUri:redirectUri
                   promptBehavior:[self promptBehavior]
                   userIdentifier:identifier
             extraQueryParameters:nil
                  completionBlock:^(ADAuthenticationResult *result)
{
    if (fBlockHit)
    {
        dispatch_async(dispatch_get_main_queue(), ^{
            UIAlertController* alert = [UIAlertController alertControllerWithTitle:@"Error!"
                                                                           message:@"Completion block was hit multiple times!"
                                                                    preferredStyle:UIAlertControllerStyleAlert];

            [self presentViewController:alert animated:YES completion:nil];
        });

        return;
    }
    fBlockHit = YES;



    dispatch_async(dispatch_get_main_queue(), ^{
        [self updateResultView:result];

        [_webView loadHTMLString:@"<html><head></head><body>done!</body></html>" baseURL:nil];
        [_authView setHidden:YES];
        [self.view setNeedsDisplay];

        [[NSNotificationCenter defaultCenter] postNotificationName:ADTestAppCacheChangeNotification object:self];
    });
}];

}

But how can I retrieve the email id of logged user. Please help me. Thanks

Adrian Hall
  • 7,990
  • 1
  • 18
  • 26
user1960169
  • 3,533
  • 12
  • 39
  • 61

1 Answers1

1

What is the resource you want to access via the access token ? If resource is https://graph.windows.net/,you could use Azure AD Graph API to get the email information of the signed-in user :

GET https://graph.windows.net/me?api-version=1.6
Authorization: Bearer yourAccessToken

If resource is https://graph.microsoft.com/,you could use Microsoft Graph API to get the email information of the signed-in user:

Get https://graph.microsoft.com/v1.0/me
Authorization: Bearer yourAccessToken

In response you could check UserPrincipalName claim value which is an email address that can receive emails

Nan Yu
  • 26,101
  • 9
  • 68
  • 148
  • Hello thank you so much . but im getting an error Access Token missing or malformed. myAccess token is 7 character string. – user1960169 Mar 02 '17 at 06:27
  • my resource is graph.windows.net – user1960169 Mar 02 '17 at 06:33
  • If your access token is only 7 characters long, then there is something wrong. It is a JWT token which is a base64 encoded, digitally signed JSON string which contains info about user ID, roles, scope, who granted the token etc. So it is much, much longer than 7 characters. (1000 bytes more likely). – RasmusW Mar 02 '17 at 08:02
  • 1
    @user1960169 , you could see more code samples [here](http://stackoverflow.com/questions/42538845/authorization-identitynotfound-error-ms-graph-api) – Nan Yu Mar 02 '17 at 10:09