Office365 - app authentication without user consent
We've been working with EWS Managed Services for a while, however we would like to migrate to using the RESTful API for Office 365.
Is it possible that an app can access all of our user data without their consent? We have our own application that we would like to receive some O365 / Sharepoint data for our users. Using SSO is not really an option as we don't want our users to give consent (we assume they already give). Specifically, we want to access calendars and mail.
Are these Service Level / Application Level accounts available on the O365? I think I read recently that they are in the roadmap, but I haven't seen anything since then.
Wouldn't it be better if we continued to use impersonation with EWS until it's ready? (For some reason, EWS is excruciatingly slower when fetching data, meanwhile our tests with OO45 SSO are much faster, but we don't want SSO).
Sorry if this doesn't qualify for SA questions. Thank.
EDIT. Daemon and Service Apps are now available in Office365. Check this link.
source to share
Application-level authentication coming soon. Basically, the organization administrator will have to agree to allow the application to access mailboxes in their organization, then you can authenticate as an application, rather than acting on behalf of individual users.
I would say keep working on your prototype using the user consent model that is currently in place and follow our blog or my Twitter account (@JasonJohMSFT) for an announcement for app-level authorization.
source to share