Always call getAccessToken when you need an access token. Never cache or store the access token in your client-side code. Requirements and Best Practices Don't cache the access token Because the access token contains identity claims, the server can store information associated with the user's identity such as the user's preferences. Optionally, the add-in can use the token as an access token to make authenticated HTTPS requests to APIs on the server-side.You can use it as an identity token to parse and examine claims about the user, such as the user's name and email address. The token is both an access token and an identity token.The Office host application returns the access token to the add-in as part of the result object returned by the getAccessToken call.Office will cache the token on your behalf so that future calls to getAccessToken simply return the cached token. The Microsoft identity platform returns the access token to Office.The Office host application requests the access token from the Microsoft identity platform for the current user.If this is the first time the current user has used your add-in, they are prompted to consent.Office redirects to the Microsoft identity platform to complete the sign-in process.
If the user is already signed in to Office, the Office host will return the access token with the claims of the signed in user.
0 kommentar(er)
