My add in has been set up on Azure for Application authentication , but i am having problems writing this in javascript to get my authentication token to then call the Graph API without the need for the user to sign in via the pop up modal that appears (i had previously written it so the pop up modal appears, the user signs in and all Graph API calls work ok, but a scenario where a user doesnt have to sign in is much smoother and a better user experience. Previous way included below)
const msalConfig = {
auth: {
clientId: "cID", // Client Id of the registered application
redirectUri: "https://localhost:111", // debug
}
};
const graphScopes = ["user.read", "user.readWrite", "mail.send", "mail.send.shared", "mail.readWrite"/*, "files.readWrite.All"*/]; // An array of graph scopes
const msalApplication = new Msal.UserAgentApplication(msalConfig);
const options = new MicrosoftGraph.MSALAuthenticationProviderOptions(graphScopes);
const authProvider = new MicrosoftGraph.ImplicitMSALAuthenticationProvider(msalApplication, options);
const options2 = {
authProvider // An instance created from previous step
};
const Client = MicrosoftGraph.Client;
var client = Client.initWithMiddleware(options2);
I am looking through some microsoft docs, and they say in order to get this working without the need for user sign in, i am to include the client secret in my POST to get the authentication token? Am i looking into the wrong docs because that is something i cannot include in the JS for security reasons surely?
See below the doc im following
https://learn.microsoft.com/en-us/graph/auth-v2-user
Any insight is much appreciated, thanks!
