[Microsoft Login Connector Management] Passing scope while adding new application
Forge component by Vincent Koning
Application Type
Reactive

I am trying to get oAUTH based Azure AD authentication working in my reactive application within Outsystems. I have followed the steps and added the application to the MS Login Connector Management UI. However, the validation of the token is failing when validated by an upstream system due to the fact that "scope" wasn't sent while fetching the token.

I could see that this forge component does have scope as an attribute however no corresponding field on the UI to set it. 

Please advise.

Hi Rakesh, there is a Scope input parameter for the LoginButton. Hope this is what you are looking for.

ScopeImage.png

Hi Ahmad,

What I am trying to do is, while fetching the access token , send the scope as well. From what I could see, the scope is an attribute of MS Login connector management UI. Finally in the MS Login connector core, i could see an entity TokenRequest which seems to have "User.Read" as the scope. However the scope provided by Azure seems to be api://XXXXXXXXXXX/access-as-user. So unsure on how to set it .

Also, I am unable to find the LoginButton block in my LoginConnectorReactive module.

Hi Rakesh,

There is no login button widget for the Reactive version. You will need to build the login process yourself. This is very easy. Just use the GetOAuthAuthenticationURL action. Use the following setup;

Then use the RedirectToURL widget and let it use the returned URL. Like this;


The total flow should look like this;


This will let you login users via oAuth. Note that there is no Scope property since the version of oAuth we are using only supports one Scope so it is hard coded (for now). 

Hope this helps.

Greetings,

Vincent

Hi Vincent,

Thanks a lot for the info. Is there a way to pass scope configured on Azure AD using this plugin or would you be able to help with an alternate option ?

Regards

Rakesh.V

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.