Presentation used for SharePoint PnP webcast around calling enterprise applications securely from SharePoint Framework using AadHttpClient class, which is introduced within SPFx v1.4.1.
2. Logical architecture and flow for calling enterprise applications from SPFx
SharePoint
Online
Client-side web part
Azure
Active
Directory
Custom
WebAPI
"SharePoint Online Client“
Permissions - xyz
Tenant administrator configures what
permissions are available for the
AadHttpClient by configuring
permissions to specific pre-provisioned
application in the Azure Active Directory.
1
2
3
3. Even though API is
hosted in the same
Azure AD, there’s
no access to it by
default
Granted
permissions for the
API apply to all
customizations
running in the
tenant
You will need to
have tenant
administration
permission to grant
access to APIs