MSDN Library

Use the Exchange token validation library

Office and SharePoint Add-ins

Learn how to use the EWS Managed API validation library to validate an Exchange identity token.

Applies to: apps for Office | Office Add-ins | Outlook

You can identify the clients of your Outlook add-in by using an identity token that your add-in requests from a server running Exchange Server 2013. The token, formatted as a JSON Web token, provides a unique identifier for an email account on an Exchange server. The Exchange Web Services (EWS) Managed API provides helper classes to simplify the use of the identity token.

To validate an Exchange identity token, you must have the EWS Managed API authentication library and the Windows Identity Foundation (WIF), along with a DLL that extends the WIF with handlers for JSON tokens. Make sure that you download the following resources:

The EWS Managed API validation library provides the AppIdentityToken class to manage the Exchange identity tokens. The following method shows how to create an AppIdentityToken instance and call the Validate method to verify that the token is valid.

// Required to use the validation library.
using Microsoft.Exchange.WebServices.Auth.Validate;

        private AppIdentityToken CreateAndValidateIdentityToken(string rawToken, string hostUri)
                AppIdentityToken token = (AppIdentityToken)AuthToken.Parse(rawToken);
                token.Validate(new Uri(hostUri));

                return token;
            catch (TokenValidationException ex)
                throw new ApplicationException("A client identity token validation error occurred.", ex);

© 2016 Microsoft