# Auth

There are 2 steps for connecting a Microsoft Outlook account. The first step is to request a Microsoft OAuth URL.

## Get OAuth URL

<mark style="color:blue;">`GET`</mark> `https://api.pyas.io/microsoft/oauth`

#### Query Parameters

| Name                                    | Type   | Description                |
| --------------------------------------- | ------ | -------------------------- |
| email<mark style="color:red;">\*</mark> | String | a user's email address     |
| state                                   | String | optional application state |

#### Headers

| Name                                        | Type   | Description |
| ------------------------------------------- | ------ | ----------- |
| x-api-key<mark style="color:red;">\*</mark> | String | API key     |

{% tabs %}
{% tab title="200: OK OAuth URL was generated successfully" %}

```json
{
    "success": true,
    "url": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=..."
}
```

{% endtab %}

{% tab title="400: Bad Request no email address param was provided" %}

```json
{
    "errors": [
        {
            "msg": "Invalid value",
            "param": "email",
            "location": "query"
        },
        {
            "msg": "a valid email is required.",
            "param": "email",
            "location": "query"
        }
    ]
}
```

{% endtab %}

{% tab title="400: Bad Request Invalid email address provided" %}

```json
{
    "errors": [
        {
            "value": "bademail",
            "msg": "a valid email is required.",
            "param": "email",
            "location": "query"
        }
    ]
}
```

{% endtab %}

{% tab title="401: Unauthorized Invalid or no api key provided" %}

```json
{
    "error": "Unauthorized. Invalid API key."
}
```

{% endtab %}
{% endtabs %}

## Connect Account

The next step is to connect the account. After you get an OAuth URL, you should direct your user to that URL in the browser. The user will then have to authorized/allow access on the OAuth screen. Once the user allows access, Microsoft will redirect the user back to whatever redirect URL that you've set in Pyas. The URL will contain a `code` parameter, which you will need to use in the connect request.

<figure><img src="/files/lvixdFCmegkz92clqwcy" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/3NmlXD1zFLG55zfKDyih" alt=""><figcaption></figcaption></figure>

## Connect Account

<mark style="color:green;">`POST`</mark> `https://api.pyas.io/microsoft/connect`

#### Headers

| Name                                        | Type   | Description |
| ------------------------------------------- | ------ | ----------- |
| x-api-key<mark style="color:red;">\*</mark> | String | API key     |

#### Request Body

| Name                                   | Type   | Description                        |
| -------------------------------------- | ------ | ---------------------------------- |
| code<mark style="color:red;">\*</mark> | String | code returned from Microsoft OAuth |
| name<mark style="color:red;">\*</mark> | String | user's full name                   |

{% tabs %}
{% tab title="200: OK Account connected successfully" %}

```json
{
    "success": true,
    "data": {
        "account": {
            "accountId": "03fdd65-d25f-4f00-94e3-9c23ea99738-56321c14",
            "email": "example@outlook.com",
            "name": "Jon Snow",
            "provider": "microsoft",
            "status": "active",
            "scopes": [
                "openid",
                "offline_access",
                "profile",
                "https://graph.microsoft.com/User.Read",
                "https://graph.microsoft.com/Calendars.Read",
                "https://graph.microsoft.com/Calendars.Read.Shared",
                "https://graph.microsoft.com/Calendars.ReadWrite",
                "https://graph.microsoft.com/Calendars.ReadWrite.Shared",
            ]
        }
    }
}
```

{% endtab %}

{% tab title="400: Bad Request invalid code" %}

```json
{
    "success": false,
    "error": "invalid_grant",
    "code": 400
}
```

{% endtab %}

{% tab title="400: Bad Request no code provided" %}

```json
{
    "errors": [
        {
            "msg": "a code is required.",
            "param": "code",
            "location": "body"
        },
        {
            "msg": "code must be a string.",
            "param": "code",
            "location": "body"
        }
    ]
}
```

{% endtab %}
{% endtabs %}

**Note:** Be sure to save the <mark style="color:blue;">`accountId`</mark> returned from the successful connect request. You will need it in order to access the user's Outlook calendar.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pyas.io/rest-api-reference/microsoft-outlook/auth.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.