Can not get signed in email using Office 365 REST API

Asked 24/2, 2016 at 14:39 Answered 25/2, 2016 at 8:2

Solved outlook oauth-2.0 office365 office365api office365-restapi

I followed this post http://dev.office.com/code-samples-detail/2142 and Ruby to get user's email address. Here is the code:

# Parses an ID token and returns the user's email
def get_email_from_id_token(id_token)

  # JWT is in three parts, separated by a '.'
  token_parts = id_token.split('.')
  # Token content is in the second part
  encoded_token = token_parts[1]

  # It's base64, but may not be padded
  # Fix padding so Base64 module can decode
  leftovers = token_parts[1].length.modulo(4)
  if leftovers == 2
    encoded_token += '=='
  elsif leftovers == 3
    encoded_token += '='
  end

  # Base64 decode (urlsafe version)
  decoded_token = Base64.urlsafe_decode64(encoded_token)

  # Load into a JSON object
  jwt = JSON.parse(decoded_token)

  # Email is in the 'preferred_username' field
  email = jwt['preferred_username']
end

This function worked very well, I can get user's email address. But today, this function still works without error but the JSON I got not contain user's email address anymore.
Could someone help me? I want to get user's email address. Thank you !

Kersey answered 24/2, 2016 at 14:39 Comment(0)

Azure deployed a breaking change to the v2 app model, and you don't get user info by default anymore.

You can read all about it here: https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-preview-oidc-changes/, but to summarize:

The openid scope used to give you basic profile info for the user.
That wasn't in line with the OpenID standard
Azure changed to require that you request the profile scope to get access to that information

For that sample, find this bit:

# Scopes required by the app
SCOPES = [ 'openid',
           'https://outlook.office.com/mail.read' ]

And change it to:

# Scopes required by the app
SCOPES = [ 'openid',
           'profile',
           'https://outlook.office.com/mail.read' ]

Gunn answered 24/2, 2016 at 15:1 Comment(3)

Thank you for fast reply. I will try it when I come to company tomorrow. – Kersey 24/2, 2016 at 15:23

Hi we're using the API to grab calendar events and then the email associated with said event. Do we now have to sign up for a paid account to get this? – Coruscation 1/3, 2016 at 22:49

No not at all, you just need to add the profile scope. The "for free" comment was referring to getting the info without asking for it :) – Gunn 2/3, 2016 at 3:14

Please add profile and email in your scope :

SCOPES = [ 'openid', 'profile', 'email', 'https://outlook.office.com/mail.read' ]

Nikola answered 25/2, 2016 at 8:2 Comment(1)

If I dont use mail.read I am not able to get the users' profile info, I dont want to ask for mail read permission – Variform 1/12, 2016 at 19:36

Recommended topics

Hot tags