Getting started with OutSystems and Microsoft Graph — Delegated Permissions

What is OutSystems?

What is Microsoft Graph?


The Microsoft Login Connector Forge component

The Microsoft Graph API To-do Tasks Forge component

What you need

What we will do

  • Add application configuration in your Azure AD to let user’s login from your OutSystems application.
  • Configure Microsoft Login Connector and your application login flow.
  • Retrieve access token and use it to perform Microsoft Graph API To-do Tasks operations.

Step by Step

App Registrations search
  • Provide a meaningful name for your application
  • Select Accounts in this organizational directory only. (we only want to allow users from our own organization and not from others)
  • Under Redirect URI select Web from the dropdown and enter https://<your OutSystems environment>/MicrosoftLoginConnectorReactive/CallbackPage
  • Click on Register
Register application
Client and Tenant Id
Client Secret is created under Value
  • Delegated — your application accesses the API as the signed in user.
  • Application — your application accesses the API
  • Tasks.ReadWrite
  • Click on Add a permission
  • Select Microsoft Graph and Delegated permission
  • From the list of permissions select Tasks > Tasks.ReadWrite
  • Click on Add permissions
Application permissions
  • Client Id and Tenant Id from Step 2
  • Client Secret from Step 3
Espaces Assignment
Resource assignment
  • GetOAuth2AuthenticationUrl from MicrosoftLoginConnectorReactive module
  • GetOAuth2LogoutUrl from MicrosoftLoginConnectorReactive module
MicrosoftLoginConnectorReactive Dependencies
  • GetUserToken from MicrosoftLoginConnectorCore module
  • GetUserInfoByUserId from MicrosoftLoginConnectorCore module
  • OAuthProvider static entity from MicrosoftLoginConnectorCore module
MicrosoftLoginConnectorCore Dependencies
  • Set EspaceName to GetEntryEspaceName()
  • Set OAuthProviderId to Entities.OAuthProvider.AzureAd
OnException flow
DoLogout flow
  • Lookup the used Azure E-Mail address for the current user
  • Use that E-Mail address to get the cached access token
  • Raise an exception if the current user does not have a cached access token.
  • Add the GetUserInfoByUserId server action from the MicrosoftLoginConnectorCore module. For the UserId parameter use GetUserId().
GetUserInfo configuration
  • Add an If statement with condition GetUserInfoByUserId.UserDoesNotHaveToken
No token if statement
  • On the true branch of the if statement add a Raise Exception with a new User Exception. Name that exception TokenException. As message you can use something like “The user does not have an access token”
TokenException configuration
  • On the false branch add the server action GetUserToken from MicrosoftLoginConnectorCore module. Configure as follows
  • Assign the token result from GetUserToken to the output parameter.
GetOAuthToken flow
  • In your MainFlow UI Flow add a new On Exception Action (you can also modify the general OnException in Common UI flow).
  • Configure the Exception Handler to handle the TokenException.
TokenException Handler
  • Add GetOAuth2AuthenticationUrl client action from MicrosoftLoginConnectorReactive module and configure it
  • Exchange the default End with a RedirectToUrl destination set to the output Url of the GetOAuth2AuthenticationUrl action.
RedirectToURL configuration
  • In your application add a new dependency to the Graph_TodoTasks_IS module. Select at least the Graph_TaskListList operation or everything if want to extend your application further. (From Microsoft Graph To-do Tasks Forge component)
To-do tasks dependencies
  • Add a new Data action to your Start screen (GetTaskLists)
  • Set the output parameter (e.g. List) to a List of TaskList_Result
  • Add the GetOAuthToken server action to the flow
  • Add Graph_TaskListList from Graph_TodoTasks_IS module to the flow and configure it
TaskListList configuration
  • Add an if statement with the following condition
  • Raise a new exception GraphException on the true branch
  • Assign the result of the Graph_TaskListList action to the output parameter of your data action.
GetTaskLists flow
  • Drag-and-Drop the List output parameter of your data action to the main content area of the screen to scaffold a table.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Stefan Weber

Stefan Weber

Head of Citizen Development & Low Code Practice at ISD FENIQS.