app-only authentication
bilik opened this issue · 4 comments
Is it possible to use the library to login the application? For example: https://docs.microsoft.com/cs-cz/graph/tutorials/php?WT.mc_id=Portal-Microsoft_AAD_RegisteredApps&tabs=aad&tutorial-step=8
Thans.
There are a few differences from the basic procedure:
- "client_credentials" must be supplemented with the "scope" parameter:
$scope = "$baseGraphUri/.default"; $token = self::$provider->getAccessToken('client_credentials', ['scope' => $scope]);
- [BUG] -
public function getRootMicrosoftGraphUri($accessToken)
function crashes on this token. There is a bug in field lookup and it is necessary to pass null instead of token.
$tenant = array_key_exists('tid', $idTokenClaims) ? $idTokenClaims['tid'] : $this->tenant; $version = array_key_exists('ver', $idTokenClaims) ? $idTokenClaims['ver'] : $this->defaultEndPointVersion;
If "$idTokenClaims" is null, which is a valid value, the array_key_exists function will throw an exception.
Hello, sorry for late reply.
I believe it should be possible - see sample here: https://github.com/TheNetworg/DreamSpark-SSO/blob/master/cron.php#L25
I understand that you are trying to use v2.0 endpoint with Microsoft Graph which requires scope, there might be some changes required to enable this behavior.