Retrieve token when authenticated against Azure AD

Hi,


I hope somebody can help me with an issue I have at this moment. We already configured that the authentication should be based on Azure AD (OS 11): https://success.outsystems.com/Documentation/11/Developing_an_Application/Secure_the_Application/End_User_Management/End_Users_Authentication/Configure_Azure_AD_Authentication?utm_source=ost-outsystems+tools&utm_medium=ost-users&utm_campaign=ost-docrouter&utm_content=ost-helpid-30209&utm_term=ost-contextualhelp

 

The authentication part is working fine, but now we want to use our Azure AD authentication to make a REST call  to an SAP system. The question is how to retrieve the access token that can be used to execute the REST call.


I’ve read some blogs about the MicrosoftLoginConnector, but this seems overkill to me (as I am already authenticated). I tried to use this connector to get the token anyway, but then I get the message that the user has no token.

 

And now I’m confused… Because I’m authenticated, I expect that somewhere in my session there is a token which I can use.  I hope that somebody can explain me what I’m doing wrong.

 

Regards,

Peter


Hi, 


As far as i know, it is not possible to retrieve this token with the built-in Azure AD authentication. So your solution would be correct, to use the microsoft Login connector, which will supply a token after logging in.

The native authentication mechanism of OutSystems is via the SAML protocol. SAML doesn't allow to retrieve tokens for access to external systems. You need to authenticate with the oAuth2 protocol instead and that is something the Microsoft Login Connector allows. So in your use-case you will need to migrate from the OS native mechanism to something else.

You can read a bit more of the differences between the different protocols here: https://www.okta.com/identity-101/whats-the-difference-between-oauth-openid-connect-and-saml/