To access Office365 Service such as Exchange, it’s useful to use Graph API.Graph API requires OAuth Access Token provided by Azure Active Directory.But id’s so difficult to treat OAuth.At first, we need to get authorization code by accessing authorization code to Authorization Endpoint and to generate Access Token by passing authorization code to Token Endpoint.In Addition, when access token got expired, regenerating Access Token by Refresh Token is required.
Token Binding saves the efforts to do many steps above-mentioned.Token Binding is a kind of HTTP Trigger Binding, Queue Trigger Binding and so on.
Let’s get started.I’ll try this by publishing C# code to Azure Portal from Visual Studio.
In this case, I assume that the registration of App to Azure Active Directory has been already completed.
At first, access Azure Functions Settings, click “Platform features” and click “Authentication / Authorization”.
Switch on “App Service Authentication” and click “Azure Active Directory” located below “Authentication Provider”.
In this case, Azure Active Directory which manages Azure differs from one which manages Office365.Click “Advanced”, type Client ID of Application registered to Azure Active Directory to “Client ID”, type Client Secret of Application registered to Azure Active Directory to “Client Secret”, type ”https://sts.windows.net/[TenantID]’ to “Issuer Uri”, and the click “OK”.
To use Token Binding, installing some libraries is required.Install “Microsoft.Azure.Webjobs.Extensions.AuthTokens” by NuGet Package Manager in Visual Studio.
See the following code which use Token Binding.
The following statement enables Token Binding.OAuth Access Token is set to the variable “graphToken“.
[Token(IdentityProvider = “AAD“, Resource = “https://graph.microsoft.com/“, Identity = TokenIdentityMode.ClientCredentials)]string graphToken
Publish this code to Azure Portal and execute one.You can see Access Token displayed after “Access Token:“.