active-directory-dotnetcore-devicecodeflow-v2 | NET Core console application letting a user acquire | Azure library
kandi X-RAY | active-directory-dotnetcore-devicecodeflow-v2 Summary
kandi X-RAY | active-directory-dotnetcore-devicecodeflow-v2 Summary
This sample demonstrates how to leverage MSAL.NET from apps that do not have the capability of offering an interactive authentication experience. It enables these apps to:. The sample uses the OAuth2 device code flow. The app is built entirely on .NET Core, hence it can be ran as-is on Windows (including Nano Server), OSX, and Linux machines. To emulate a device not capable of showing UX, the sample is packaged as a .NET Core console application. The application signs users in with Azure Active Directory (Azure AD), using the Microsoft Authentication Library for .NET (MSAL.NET) to obtain a JWT access token through the OAuth 2.0 protocol. The access token is then used to call the Microsoft Graph API to obtain information about the user who signed-in. The sample is structured so that you can call your own API. If you would like to get started immediately, skip this section and jump to How To Run The Sample.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of active-directory-dotnetcore-devicecodeflow-v2
active-directory-dotnetcore-devicecodeflow-v2 Key Features
active-directory-dotnetcore-devicecodeflow-v2 Examples and Code Snippets
async Task GetTokenForWebApiUsingDeviceCodeFlowAsync()
AuthenticationResult result;
try
{
result = await app.AcquireTokenWithDeviceCodeAsync(Scopes,
deviceCodeCallback =>
{
Console.Write
git clone https://github.com/Azure-Samples/active-directory-dotnetcore-devicecodeflow-v2.git
Community Discussions
Trending Discussions on active-directory-dotnetcore-devicecodeflow-v2
QUESTION
I have a console application that I use for authenticating the user and then calling a web API. I am using this Microsoft library for acquiring token, active-directory-dotnetcore-devicecodeflow-v2, I registered both of my console application and API in Azure AD and gave the permissions and role needed based on this doc : GitHub readme, so I have permissions like below in my console app registration in Azure.
Now when I add the new scope "http://{domain}/Migratory.API/api.access"
in the list of scopes and call the "AcquireATokenFromCacheOrDeviceCodeFlowAsync"
method , there are some conflicts :
If I call the method for the first time, it would call the "GetTokenForWebApiUsingDeviceCodeFlowAsync"
and the result does not contain my scope, it contains only the "User.Read , User.ReadBasic.All, All profile openid email"
, but if I call the method again, this time it would call the "AcquireTokenSilent"
method and this one only has the "http://{domain}/Migratory.API/api.access"
in scopes .As a result it would generate two different tokens which I don't understand why.
Any idea how should I fix this or where I am doing wrong? thanks
...ANSWER
Answered 2021-May-14 at 10:06The first token you get is used to call ms graph api, User.Read User.ReadBasic.All profile openid email
these are the permissions of graph api, so the token is obviously Not for you. Your second token is what you need.
By the way, the permissions for these two different api resources cannot appear in one token at the same time, because one token can only call one api resource.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install active-directory-dotnetcore-devicecodeflow-v2
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page