In this PnP Webcast, we concentrate on how to secure traffic from SharePoint Framework solution towards an external API hosted in Azure. Technically similar process does work with other platforms as well, but Azure is typically used as customization platform also for solutions hosted in SharePoint Online. Webcast demo concentrates showing securely calling an Azure function from client-side web part, but you can absolutely also securely call WebAPIs using similar pattern.

It's important to notice that showed pattern only takes care of the authentication and there's no consent flow, like typically when Adal.js would be used. This means that traffic from SharePoint Online towards the custom API is secure, but external API cannot directly use the identify of a caller. Typically, in these kinds of scenarios you either use app-only or specific service account. Shown pattern enables for example scenarios where you'd like to integrate SharePoint Online UI to your Line-Of-Business applications by showing information directly in the SharePoint Online UIs. You can call for example WebAPI hosted in Azure, which can then for example use Service Bus to call even back to on-premises for Line-Of-Business application access. 

Presentation covers following topics:

• adal.js challenges with SharePoint Framework
• Alternative way to securely call APIs secured with Azure Active Directory
• SharePoint Framework and backend services - Logical architecture

Webcast demo shows following things:

• How to securely call Azure function from SharePoint Framework web part
• How Azure function authentication can be controlled
• Required configuration for Azure function for enabling a call from SharePoint Online
• SharePoint Framework client-side web part implementation to call Azure function securely

Webcast presenters: Waldek Mastykarz, Vesa Juvonen 

Presentation used in this web cast is available from http://docs.com/OfficeDevPnP.

Video at YouTube.

Additional resources

See following resources around the covered topics.

• SharePoint Framework client-side webpart sample for calling external services securely - sample
• SharePoint Framework documentation
• SharePoint Framework Tutorials
• Open and Connected Framework - The SharePoint Framework - YouTube
• PnP Webcast - SharePoint Framework and organizational considerations
• PnP Webcast - Provisioning SharePoint assets for your SharePoint Framework solution
• PnP Webcast - Validating SharePoint Framework client-side web part property values
• PnP Webcast - Getting started with SharePoint Framework
• PnP Webcast - Cascading property pane drop-downs with SharePoint Framework
• PnP Webcast - Building multi-view React client-side web parts with SharePoint Framework
• PnP Webcast - Building real time news feed web part with SharePoint Framework
• PnP Webcast - Building multi-view Angular 1.x client-side web parts with SharePoint Framework
• PnP Webcast - Reuse your existing JavaScript libraries with SharePoint Framework
• PnP Webcast - Building a sample search web part with SharePoint Framework using React
• PnP Webcast - Azure AD implicit flow with SPFx client-side web part (developer preview)
• PnP Webcast - CRUD operations with SharePoint Framework client-side web parts
• PnP Webcast - Using Office Graph from SharePoint client-side web parts
• PnP Webcast - Referencing external JavaScript libraries from client-side web part
• PnP Webcast - Building Angular SharePoint Framework client-side web part
• PnP Webcast - Building simple SharePoint Framework Client Web Part
• PnP Webcast - Integrating Angular v1.x to SharePoint Framework client side web part
• PnP Webcast - Getting started with web stack in SharePoint Development
• PnP Webcast - Preparing for SharePoint Framework - What should I learn?
• PnP Webcast - Converting existing JavaScript apps to SharePoint Framework
  
  

What is SharePoint / Office Dev Patterns & Practices (PnP) web cast series?

SharePoint / Office Dev Patterns & Practices (PnP) webcast series covers different patterns, practices and topics around development with Office 365 and SharePoint. Majority of the topics are valid for the Office 365 and SharePoint on-premises. Our objective is to release new around 30 minute long web cast each Monday with few slides and a live demo on the covered topic. All web casts are published at the PnP YouTube channel with additional references on the existing materials.

PnP is community driven open source project where Microsoft and external community members are sharing their learning's around implementation practices for Office 365 and SharePoint on-premises (add-in model). Active development and contributions happen in our GitHub repositories under dev branch and each month there will be a master merge (monthly release) with more comprehensive testing and communications. Latest activities and future plans are covered in our monthly community calls which are open for anyone from the community. Download invite from http://aka.ms/SPPnP-Call. 

This is work done by the community for the community without any actual full time people. It’s been great to find both internal and external people who are willing to assist and share their learning's for the benefit of others. This way we can build on the common knowledge of us all. Currently program is facilitated by Microsoft, but already at this point we have multiple community members as part of the Core team and we are looking to extend the Core team with more community members.

If you have any questions, comments or feedback around PnP program or this blog post, please use the Microsoft Tech Community (SharePoint Developer group).

“Sharing is caring”

Vesa Juvonen, Senior Program Manager, SharePoint, Microsoft - 8th of May 2017