I am able to use OAuth2 to authenticate using the mechanism described here: http://msdn.microsoft.com/en-us/library/azure/dn645542.aspx - my intention is to allow my 3rd party WebApp to allow users to grant access to their SharePoint content via Azure OAuth. I am able to use the login.windows.net/common/oauth2 endpoints, and having registered my app in Azure, I do indeed get the right callback once the user authentiates, and I am able to post to the token endpoint.
At this point, I have an auth-token that I can use, but I don't know the URL to the user's default (or root) SharePoint site. I am required to provide a 'resource' URI so that authentication can succeed, and if I hard-code this value to a known URL, then it works like a charm. Unfortunately, this makes my application specific to one particular tenant. Far from ideal...
My question is - how can I detect the SharePoint URL to use as the resource parameter for access to - before the user logs-in? Or even better - is there a way to login using OAuth2 that allows me access to SharePoint endpoints, but which does not require me to know what the endpoints are ahead of time?
If not, I don't see how it is possible to write multi-tenant applications with this model. I must be missing something. Help!