(JavaScript) Azure AD Service-to-service access token request

Send an Azure AD service-to-service token request to get an access token using a shared secret.

For more information, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow#service-to-service-access-token-request

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var http = new CkHttp();

// To see the exact HTTP request sent and the response, set the SessionLogFilename property:
http.SessionLogFilename = "qa_output/chilkatHttpLog.txt";

var req = new CkHttpRequest();

// Set the following request params:
// grant_type 	required 	Specifies the requested grant type. In a Client Credentials Grant flow, the value must be client_credentials.
// 
// client_id 	required 	Specifies the Azure AD client id of the calling web service. 
//     To find the calling application's client ID, in the Azure portal, click Azure Active Directory, click App registrations, click the application. 
//     The client_id is the Application ID
// 
// client_secret 	required 	Enter a key registered for the calling web service or daemon application in Azure AD. 
//     To create a key, in the Azure portal, click Azure Active Directory, click App registrations, click the application, click Settings, click Keys, and add a Key.
//     URL-encode this secret when providing it.
// 
// resource 	required 	Enter the App ID URI of the receiving web service. To find the App ID URI, in the Azure portal, click Azure Active Directory, 
//     click App registrations, click the service application, and then click Settings and Properties.

req.AddParam("grant_type","client_credentials");
req.AddParam("client_id","MY_CLIENT_ID");
req.AddParam("client_secret","MY_CLIENT_SECRET");
req.AddParam("resource","https://service.contoso.com/");

req.HttpVerb = "POST";
req.ContentType = "application/x-www-form-urlencoded";

var resp = new CkHttpResponse();
success = http.HttpReq("https://login.microsoftonline.com/<tenant_id>/oauth2/token",req,resp);
if (success == false) {
    console.log(http.LastErrorText);
    return;
}

var respStatusCode = resp.StatusCode;
console.log("Response Status Code = " + respStatusCode);

var json = new CkJsonObject();
json.EmitCompact = false;
json.Load(resp.BodyStr);
console.log("Response JSON:");
console.log(json.Emit());

if (respStatusCode >= 400) {
    console.log("Response Header:");
    console.log(resp.Header);
    console.log("Failed.");
    return;
}

// Sample response:

// {
//   "token_type": "Bearer",
//   "expires_in": "3599",
//   "ext_expires_in": "3599",
//   "expires_on": "1570059833",
//   "not_before": "1570055933",
//   "resource": "https://adminchilkatsoft.onmicrosoft.com/eb1b8ced-76b7-4845-aec5-d3e91776e345",
//   "access_token": "eyJ0eXAiO ... pmgw"
// }

// To get the items from the JSON....
var token_type = json.StringOf("token_type");
var expires_in = json.StringOf("expires_in");
var ext_expires_in = json.StringOf("ext_expires_in");
var expires_on = json.StringOf("expires_on");
var not_before = json.StringOf("not_before");
var resource = json.StringOf("resource");
var access_token = json.StringOf("access_token");