My goal is to get an access token to authorize the users to access the Microsoft Graph API. Unfortunately, I have to use SAML2 for authentication, which can't be used to access Microsoft libraries. I found this article saying:
The general strategy is to add the OIDC/OAuth stack to your app. With your app that implements both standards you can use a session cookie. You aren't exchanging a token explicitly. You're logging a user in with SAML, which generates a session cookie. When the Graph API invokes an OAuth flow, you use the session cookie to authenticate. This strategy assumes the Conditional Access checks pass and the user is authorized.
What I understand is that it is possible to use the SAML2 auth token and authenticate MSAL to get an access token to be used for calling the Microsoft Graph API and other Microsoft libraries. I can't find any session cookie that is mentioned in the article. What I have upon logging in with SAML is the assertion, claims (tenantid, object identifier, identity provider) and other claims. Maybe I can use it to authenticate MSAL? But I can't find any documentation on how to achieve it.
I am new to SAML. Can anyone shed some light on this for me?
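The strategy in the quoted article, sketched as an added example (not part of the original post or of the article): the session cookie belongs to the identity provider's sign-in domain in the user's browser, not to the SAML assertion the app receives, so the app sends the browser through an OAuth authorization code request with `prompt=none` and lets that existing session answer it. It assumes the SAML identity provider is Microsoft Entra ID and that the app is also registered there as an OAuth client; the tenant, client id, redirect URI and user name below are constructed placeholders.

```python
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

AUTHORITY = "https://login.microsoftonline.com"


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def new_pkce_pair():
    """Return (code_verifier, code_challenge) for the S256 PKCE method."""
    verifier = _b64url(secrets.token_bytes(32))
    challenge = _b64url(hashlib.sha256(verifier.encode()).digest())
    return verifier, challenge


def build_silent_authorize_url(tenant_id, client_id, redirect_uri,
                               login_hint, scopes, state, challenge):
    """Authorization request the browser follows after the SAML login.

    tenant_id and login_hint are taken from the SAML claims (assumption:
    the tenantid claim and the user's sign-in name are available).
    """
    params = {
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "scope": " ".join(scopes),
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
        "prompt": "none",          # never show UI; rely on the existing session
        "login_hint": login_hint,  # pick the account that signed in via SAML
    }
    return f"{AUTHORITY}/{tenant_id}/oauth2/v2.0/authorize?{urlencode(params)}"


def parse_callback(callback_url, expected_state):
    """Validate the redirect back to the app and extract the code or error."""
    q = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    if not secrets.compare_digest(q.get("state", ""), expected_state):
        raise ValueError("state mismatch: discard this response")
    if "error" in q:
        # e.g. login_required / interaction_required: no usable session or a
        # Conditional Access check needs UI, so fall back to interactive login.
        return {"ok": False, "error": q["error"]}
    # The code is then redeemed, with the code_verifier, at the token endpoint.
    return {"ok": True, "code": q["code"]}
```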