From then on, your sever uses the id_token and refresh_token to operate without the user being online (this the term "offline_access").
The first time a user will need to authenticate and configure (i.e. A common example would be syncing calendars. Once you have an id_token and refresh_token, you can use these values to interact with O365 on the end-user's behalf. Refresh tokens can be used even if the end-user is off line (there is no UX involved). This will give you both an id_token that can be used to hit the Office APIs as well as a refresh_token that you can use to get a new id_token when the existing token expires. You should be executing an OAUTH Code Grant workflow and adding "openid" and "offline_access" to your scopes. Offline does not mean "disconnected from the internet" but rather that the end-user is "offline" from your app (not able to interact with a UX). This workflow requires the "offline_access" scope.
I assume you are looking to access a user's data via a backend process. Where prompted at the Microsoft sign in page, enter your new TU Dublin account user name (this is the same as your tudublin.ie email address) and click Next. As soon as you get into the business of storing credentials, you own responsibility for securing those credentials. The purpose of OAUTH is to protect both your and your users.
0 kommentar(er)
