Get Access Token with OneDrive API

Question

I am trying to authenticate and to sign to in OneDrive for business in order to get an access token.

I have registered my application in Azure Active Directory and I have got my client_Id and my Client_Secret. Base on the OneDrive API Documentation the next step is to login to get the authorization code that will be used to get the access token. I am able to get the code successfully but the next step is a POST with the following parameters:

POST https://login.microsoftonline.com/common/oauth2/token

Content-Type: application/x-www-form-urlencoded

Parameters:

client_id:  
redirect_uri:   
client_secret:
code:   
resource:   The resource you want to access.  ????

At this point how I am going to know the resource to access, it is not clear what value to send for this parameter.

I am leaving it empty and I am getting a "Access-Control-Allow-Origin" error:

XMLHttpRequest cannot load https://login.microsoftonline.com/common/oauth2/token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:23320' is therefore not allowed access. The response had HTTP status code 400.

This is my code:

 var bodyInfo = {
        client_id: {client_id},
        redirect_uri: {redirect_uri},
        client_secret: {client_secret},
        code: {code},
        grant_type: 'authorization_code',
        resource:?????

    };

    $.ajax({
        url: "https://login.microsoftonline.com/common/oauth2/token",
        type: "POST",
        data: bodyInfo,
        success: function (data, textStatus, jqXHR) {
            window.alert("Saved successfully!");
        },
        error: function (jqXHR, textStatus, errorThrown) {

        }
    });

I would really appreciate any help.

Answer 1

To know the resource you need you should firs use office's discover api (and authenticate to it first):

In most cases, the OneDrive for Business API endpoint URL will not be known. To discovery the endpoint URL, you need to make a call to the Office 365 Discovery API. To authenticate with the discovery API, you need to request an access token for resource https://api.office.com/discovery/. Make sure to include the trailing / character, otherwise your app will be denied access to the discovery API.

Then you need to get the service data (step 3)

GET https://api.office.com/discovery/v2.0/me/services
Authorization: Bearer {access_token}

The access token should be on the response for step 2.

The response should be like this:

{
  "@odata.context": "https:\/\/api.office.com\/discovery\/v1.0\/me\/$metadata#allServices",
  "value": [
    {
      "@odata.type": "#Microsoft.DiscoveryServices.ServiceInfo",
      "capability": "MyFiles",
      "serviceApiVersion": "v2.0",
      "serviceEndpointUri": "https:\/\/contoso-my.sharepoint.com\/_api\/v2.0",
      "serviceResourceId": "https:\/\/contoso-my.sharepoint.com\/"
    }
  ]
}

An then you should find the serviceResourceId (inside the json object on the value array), and use it to get the proper token for one drive (step 4).