Using SAML 2.0 assertion to get access token for Microsoft graph api

Question

We are using a .net mvc application which uses SAML 2.0 SSO login to authenticate user to the application and it's working fine. Now we need an access token on behalf of the authenticated user to access Microsoft graph api ( access to share point ). I am new to SAML 2.0 and wondering if we can use the assertion received as SAML response to SSO login to get an access token.

Thanks in advance!!

score 0 · Answer 1 · answered Oct 12 '22 at 19:17

If you want to access token on behalf of the authenticated user ,you have to use MSAL , On-behalf-of provider , when your application calls a service/web API which in turns calls the Microsoft Graph API.

please see the doc for more info - https://learn.microsoft.com/en-us/graph/sdks/choose-authentication-providers?tabs=CS#on-behalf-of-provider

Hope this helps

thanks

Using SAML 2.0 assertion to get access token for Microsoft graph api

1 Answers1