I’ve opened a topic before for using the expo-app-auth package with Microsoft Azure Login but did not get any solution. Link to the previous topic: Sign in Azure AD using AppAuth package
But now I was able to get the package to work with the Microsoft provider (Hotmail, Outlook, Live …).
The problem was that the Microsoft APIs were not updated to version 2. And here’s the code for the access token response:
This redirect URI is for the Expo Client apps (should be added also in the Azure App Redirect URIs), but in case of standalone apps, it is either the android.package (for Android) or ios.bundleIdentifier (for iOS) value from your app.json. Check the package documentation. The scopes also are according to the required access for your application.
If Microsoft doesn’t allow you to use that from their interface, edit the JSON in the Manifest with the redirect URL. (Microsoft doesn’t appear to allow the ‘@’ symbol)
I figured it out mostly through stubbornness and trial and error.
Not much of a methodology.
Take a look at the AuthSession documentation in the expo docs.
I had used that on another project. Familiarity with AuthSession gave me some insight.
As far as I have experienced, you will somehow need the user to input their username and password, because how can you sign in without knowing this?
There are options to do this silently or manually, but in the end the user would always need to give up their credentials… After that you can just keep refreshing the tokens in the background, but initially you will need a sign-in.
There are ways to do SSO (single sign-on), the same as Google and Facebook, without asking the user for a username and password, and just go into the app without any asking.
I am looking for this SDK integration… I really want someone who has had this before.
We implemented the same thing, but you will always need prior consent by the user, which is handled by the popup you can trigger with AuthSession or by implementing, as the documentation states, "Requesting individual user consent":
* The user of your application must have previously consented to use the application.
* Or, you've provided a way for users to consent to the application. For more information, see Requesting individual user consent.
Once that is done, you can simply do a POST to the MS AD endpoints to request tokens in the background and renew them.
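The background token renewal described in the post above, as an added example that is not part of the original thread. It assumes the Microsoft identity platform v2.0 `common` token endpoint and a placeholder client ID; the helper names are hypothetical and the sample responses in the usage are constructed.

```javascript
// Added example. Assumptions: v2.0 "common" endpoint, placeholder CLIENT_ID, hypothetical helper names.
const TOKEN_ENDPOINT = 'https://login.microsoftonline.com/common/oauth2/v2.0/token';
const CLIENT_ID = '00000000-0000-0000-0000-000000000000'; // placeholder, use your Azure app registration ID

// Build the refresh POST. A mobile app is a public client, so no client_secret is sent.
function buildRefreshRequest(refreshToken, scopes) {
  const body = new URLSearchParams({
    client_id: CLIENT_ID,
    grant_type: 'refresh_token',
    refresh_token: refreshToken,
    scope: scopes.join(' '),
  });
  return {
    url: TOKEN_ENDPOINT,
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: body.toString(),
  };
}

// Error codes that end silent renewal: the user has to sign in or consent again.
const NEEDS_INTERACTION = new Set(['invalid_grant', 'interaction_required', 'consent_required']);

// Decide what to do with the token endpoint's answer.
function handleTokenResponse(status, json, previousRefreshToken, nowMs) {
  if (status === 200 && json.access_token) {
    return {
      action: 'store',
      accessToken: json.access_token,
      // A new refresh token may be issued; fall back to the old one if it is not.
      refreshToken: json.refresh_token || previousRefreshToken,
      expiresAt: nowMs + json.expires_in * 1000,
    };
  }
  if (NEEDS_INTERACTION.has(json.error)) {
    return { action: 'interactive_sign_in', error: json.error };
  }
  return { action: 'retry_later', error: json.error || `http_${status}` };
}

// Renew a little before expiry so API calls never go out with a dead token.
function needsRefresh(expiresAt, nowMs, skewMs = 5 * 60 * 1000) {
  return nowMs >= expiresAt - skewMs;
}
```

Send the request with `fetch(req.url, req)` and keep the refresh token in secure storage on the device rather than in plain app storage.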
I am attempting to authenticate via Azure AD via this module:
I have done all that is necessary by registering my app in the AzureAD portal, adding a scheme to my app.json, and such. The ADFS S.S.O. page loads, but after signing in, this page loads: