Microsoft OAuth

JsWorkflows provides a platform-managed Microsoft OAuth app — you do not need to register an Azure application or provide credentials.

Available scopes

Resource	Operation	Scope
Outlook Mail	Read mail	Mail.Read
Outlook Mail	Send mail	Mail.Send
Outlook Mail	Read & write mail	Mail.ReadWrite, Mail.Send
OneDrive	Read files	Files.Read
OneDrive	Read & write files	Files.ReadWrite
Outlook Calendar	Read calendar	Calendars.Read
Outlook Calendar	Read & write calendar	Calendars.ReadWrite
Outlook Contacts	Read contacts	Contacts.Read
Outlook Contacts	Read & write contacts	Contacts.ReadWrite
User Profile	Read profile	User.Read

Connecting

1. Go to OAuth Connections → Add Connection → Microsoft.
2. Select the resources and operations your workflow needs.
3. Sign in with your Microsoft account and grant the requested permissions.
4. Give the connection a handle (e.g., my-microsoft).

Access tokens are refreshed automatically when they expire.

Example — send an email via Outlook

class Workflow {
  async start(data, headers, api) {
    const { token, error } = await api.getOAuthToken('my-microsoft');
    if (error) { api.log('OAuth error:', error); return; }

    await fetch('https://graph.microsoft.com/v1.0/me/sendMail', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'Authorization': `Bearer ${token}`,
      },
      body: JSON.stringify({
        message: {
          subject: `Order ${data.name} confirmed`,
          body: { contentType: 'Text', content: `Thank you for your order of ${data.total_price} ${data.currency}.` },
          toRecipients: [{ emailAddress: { address: data.email } }],
        },
      }),
    });
  }
}

Example — upload a file to OneDrive

const { token } = await api.getOAuthToken('my-microsoft');
await fetch('https://graph.microsoft.com/v1.0/me/drive/root:/reports/orders.csv:/content', {
  method: 'PUT',
  headers: {
    'Content-Type': 'text/csv',
    'Authorization': `Bearer ${token}`,
  },
  body: csvString,
});