Obtaining user consent (iOS)

  • Article

This topic describes how an app requests permission from the user to access data that the user has stored on Microsoft OneDrive.

In this article
Prerequisites
Step 1: Request initial scopes
Step 2: Request additional scopes
Step 3: Get a list of current permissions

In order for your app to access a user's data, the signed-in user must consent to letting the app access that data. The Live SDK divides this consent into categories, called scopes.

Some common scopes that your app might want to request are:

  • wl.basic Allows access to a user's basic info.

  • wl.emails Allows access to a user's email addresses.

  • wl.photos Allows access to a OneDrive user's photos.

Note

We recommend that you limit the number of scopes you request at any given time to the smallest number necessary to perform a task.

If a user chooses to use a feature that requires a scope that your app doesn't currently have permission to access, your app must get consent for the new scope from the user.

The Live SDK use OAuth 2.0 to enable users to sign in and provide consent to your app. When a user signs in to your app, he or she is redirected to a window that is hosted by the Microsoft account authorization web service.

After the user grants permission to access his or her data, your app can begin working with the user's information.

Prerequisites

The user must be signed in with a Microsoft account. To learn how to sign users in from your app, see Signing users in.

Step 1: Request initial scopes

If you're using Objective-C, you can set the initial scopes in an instance of the login:scopes:delegate:UserState method of the LiveConnectClient interface, like this.

if ([userState isEqual:@"viewDidLoad"])
{
    [self.infoLabel setText:@"Initialized."];
    [self.liveClient login:self 
                    scopes:[NSArray arrayWithObjects:@"wl.signin", nil] 
                  delegate:self 
                 userState:@"signin"];
}

Step 2: Request additional scopes

If the user has not consented to the scopes needed to access specific info, your app can request additional scopes.

- (IBAction)onClickSignInButton:(id)sender {
    if (self.liveClient.session == nil)
    {
        [self.liveClient login:self 
                        scopes:[NSArray arrayWithObjects:@"wl.signin", nil ] 
                      delegate:self 
                     userState:@"signin"];
    }
    else
    {
        [self.liveClient logoutWithDelegate:self 
                                  userState:@"signout"];
    }
}

- (void) authCompleted:(LiveConnectSessionStatus)status 
               session:(LiveConnectSession *)session 
             userState:(id)userState
{   
    [self updateButtons];
    if (session != nil) {
        self.statusLabel.text = @"You are signed in.";
    }
}

- (void) authFailed:(NSError *)error userState:(id)userState
{
    // Failed. 
}

- (void) updateButtons {
    LiveConnectSession *session = self.liveClient.session;
    NSString *signInButtonText = (session == nil)? @"Sign in": @"Sign out";
    [self.signInButton setTitle:signInButtonText 
                       forState:UIControlStateNormal];
}

Step 3: Get a list of current permissions

This example returns a list of permissions, representing scopes that the user has already consented to.

- (void) displayScopes: (LiveConnectSession *) session
{    
    self.displayLabel.text = [session.scopes componentsJoinedByString:@","];
}