Microsoft Graph Authentication

I am using UiPath to automate processes within our company. Since UiPath supports the DotNet Framework, I am trying to send a REST Request from UiPath to our Rest API, which runs on Azure.

To create the Request i therefore need to authenticate the user with the Microsoft Graph Authenticator. Since I am very new to online Services, I take my information from here (Get access on behalf of a user - Microsoft Graph | Microsoft Learn). Because I am using UiPath I can not use any functions, therefore I have 2 activities, which create an authentication request to generate the authentication code. After this, the authentication code is used to generate my access token.

The Problem is, that UiPath natively does not open the authentication dialog, when I want to fetch my authentication code. Is there a way to force to open the Microsoft Graph Authenticator and return the authentication code in UiPath?

My Activities look like this:

var authCodeClient = new RestClient("https://login.microsoftonline.com/{tenant-id}/oauth2/authorize?resource={resource-id}");
var authCodeRequest = new RestRequest(Method.POST);
authCodeRequest.AddHeader("Content-Type", "application/x-www-form-urlencoded");

authCodeRequest.AddParameter("client_id", "{client-id}");
authCodeRequest.AddParameter("redirect_uri", "{callback-uri}");
authCodeRequest.AddParameter("response_mode", "query");
authCodeRequest.AddParameter("response_type", "code");

IRestResponse authCodeResponse= authCodeClient.Execute(authCodeRequest);
Code = authCodeResponse.Content.Code;
Console.WriteLine(Code);

And:

var tokenClient = new RestClient("https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token");
var tokenRequest = new RestRequest(Method.POST);
tokenRequest.AddHeader("Content-Type", "application/x-www-form-urlencoded");
tokenRequest.AddHeader("Host", "login.microsoftonline.com");

tokenRequest.AddParameter("client_id", "{client-id}");
tokenRequest.AddParameter("code", Code);
tokenRequest.AddParameter("redirect_uri", "{callback-uri}");
tokenRequest.AddParameter("client_secret", "{client-secret}");
tokenRequest.AddParameter("grant_type", "authorization_code");


IRestResponse token = tokenClient.Execute(tokenRequest);
dynamic data = JObject.Parse(token.Content);
Bearer = data.access_token;
Console.WriteLine(Bearer);

Currently the Response from the first activity returns the HTML for the Authentication, but I did not find a way to directly display this information AND return the needed code. The Request works in Postman, so the only problem I have is the integration in UiPath.

For Reference: This (Microsoft Office 365 - RPA Component | UiPath Marketplace) Component does not support API calls such a manner.

I hope someone can help me, thank you!

Hey Zumpel,

you should actually use the Microsoft Office 365 Activities to do so. Gives you way more interaction capability and you don’t have to maintain it yourself.

Unfortunately they do not provide a setting for the Application Secret in their Microsoft Office 365 Scope. This is a problem for me. But I don’t see you using it. So go ahead

Regards,
Bob

any solution of this question???

I used an Invoke Code in C# and I managed to make it work to run unattended with no user interaction, but the user needs to consent first (it can be via browser, see my URL in the post) or an Admin can grant content to all users to that App.

This is my code used in UiPath:

Code inside:

string[] scopes = new string[] {
scope
 };
 var app = Microsoft.Identity.Client.PublicClientApplicationBuilder.Create(clientId)
   .WithTenantId(tenantId)
   .Build();
 Microsoft.Identity.Client.AuthenticationResult result =  app.AcquireTokenByIntegratedWindowsAuth(scopes)
   .ExecuteAsync().Result;
accessToken = result.AccessToken;
expiresOn = result.ExpiresOn;

my scope is = https://graph.microsoft.com/.default
and arguments used:

image711×232 10.8 KB

my setup in Azure, configured together with an Administrator of Azure:

• redirect URLs for UiPath (mandatory) and for Postman (optional)
  
• allow public client
  
  

  image813×525 24.1 KB
• all needed permissions granted by the Admin:
  
  

  image849×294 16 KB

To be able to run it unattended the user has to consent it for the first time.
To do that the user can put in the browser the following URL.

https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize?client_id={clientid}&response_type=code&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient&response_mode=query&scope=https://graph.microsoft.com/.default&state=12345

You will notice the authorization code generated in the url if authentication was successful. That code can be used for generating an access token.

image726×142 8.39 KB

You can run both requests even easier from Postman, but you have to import their collection Use Postman with the Microsoft Graph API - Microsoft Graph | Microsoft Learn.

@Vishnu_Pradhaban - Did you try https://docs.uipath.com/activities/other/latest/productivity/microsoft-office-365-scope? it is also using the GraphAPI integration to connect to all 365 related activity. You can use Client ID, Application ID and Client Secret ID and it will not ask for any authentication while at run time. So you can use this for unattended automation.

Let me know if you have any question.