Im struggling to get Microsoft Graph working as a REST api with Retool. I am trying to return a list of users on my Active Directory into Retool.
I got my app registered onto Azure AD and i was able to query Azure using a bearer token but this expires after 1 hour so i need to properly authenticate Graph with Retool.
Im trying to use Auth2.0. I run Retool on prem. I obviously need the connection to Azure to be secure but if there is an easier secure method vs Auth2.0 im all ears.
I don't really know if what im doing is correct. Example in the scope url i tried adding in the scopes 'Directory.Read.All User.Read.All' which is what i have selected under my API permissions in Azure. Not sure if that is correct. I also tried putting in the scope url https://graph.microsoft.com/.default. Both fail when i try to run them.
Do you mean where the yellow is i need to replace the text 0AUTH2_TOKEN with an actual token from Azure (and if yes where do i get this because the method i was doing when i started off to get a token was expiring after 1 hour).
No what you have there is exactly how it should be done - that is telling retool that when it gets the access_token, to store it in 'OAUTH2_TOKEN' and when subsequent calls are made, it will ptu the actual access_token value in its spot as a header.
As for you token_expiration, thats on the azure side of things - you can either extend it, or use refresh token flow to grab a new one every so often.
Thanks. Looks like the option is missing from the free plan.
If it saves you from constantly having to consent and grant access every hour, please let me know! This has been an annoyance for me for most services on Retool using OAuth 2.0 authentication.
Doing some digging in our backend, it looks like the refresh request for your resource is failing because there's a refresh token missing. You may need to specify offline_access in your "Scopes" field as mentioned here e.g.