adal

I had an app that used MSAL and the v2.0 endpoint to sign in users and get token. I recently changed it to ADAL and the normal AAD endpoint (also changing the app), and now when I try to use the GraphService I get the following error: Current authenticated context is not valid for this request My user is admin All permissions have been delegated The token is successfully retrieved Here is the code I use: public static GraphServiceClient GetAuthenticatedClient() { GraphServiceClient graphClient = new GraphServiceClient( new DelegateAuthenticationProvider( async (requestMessage) => { string

So im building a ASP.NET web app that uses ADAL with Office 365 but I would like to have ADAL save the tokens so that the user will not have to log into Office each Session. I've looked all over the place and have figured out how to implement a token cache but I still don't know how to create the token with the current Users info so that I can retrieve it. Im sure it's as simple as adding a argument to one of the AcquireToken methods but I cant find out how. For referance this is what I have so far in terms of ADAL Uri authUri = await authContext.GetAuthorizationRequestUrlAsync(scopes,null,

If I specify a redirect URI in my OpenIdConnectAuthenticationOptions like so app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId = clientId, Authority = Authority, PostLogoutRedirectUri = postLogoutRedirectUri, RedirectUri = redirectUri, Notifications = new OpenIdConnectAuthenticationNotifications() { AuthenticationFailed = context => { context.HandleResponse(); context.Response.Redirect("/Error?message=" + context.Exception.Message); return Task.FromResult(0); } } }); Then I get an infinite re-direct loop. This only happens though when i put it on and

Cheers, I'm looking for some clarification regarding authentication libraries for use with Azure AD, particularly regarding the differences between Microsoft.AspNetCore and Microsoft.IdentityModel based libraries. I am implementing an Api in .net core for which authentication will be managed with Azure Active Directory (AAD). Based on the needs of the application I am looking to use the original (v1) endpoint with ADAL rather than the v2 endpoint due to some features not being available with the v2 endpoint at this time (RBAC and groups). All indications are that the ADAL libraries are the way

I follow the instruction here to create an Managed Service Identity. So now in my environment variable, I have MSI_ENDPOINT and MSI_SECRET. In my typescript (node.js) project, I imported the following project: import {KeyVaultCredentials, KeyVaultClient} from "azure-keyvault"; import {AuthenticationContext, ErrorResponse, TokenResponse} from "adal-node"; If I wasn't using MSI, I could access my key vault using the following code: let keyVaultCredentials = new KeyVaultCredentials(KeyVault.createAuthenticator(this.clientID, this.clientKey)); let keyVaultClient = new KeyVaultClient

I've created a Web API which uses Azure Active Directory for its authentication. It uses a multi-tenant AAD. To test it, I also created a console app which uses the ADAL library to authenticate against AAD so I can access my API. In the main AAD tenant all is working well, because I don't need to grant anything. But when accessing the app from a second tenant, I first trigger the admin consent flow (adding a prompt=admin_consent ). But when I exit and open the app again, if I try to login with a user with no admin rights on the AAD, it tries to open the user consent and it fails (because the

I write a new application to access office data through the rest API, therefore i would like to use the new Authentication Model (V2.0 Endpoint) What's different about the v2.0 endpoit I can get a token with a call to private static string[] scopes = { "https://outlook.office.com/mail.read", "https://outlook.office.com/calendars.read" }; public async Task<ActionResult> SignIn() { ... SNIP Uri authUri = await authContext.GetAuthorizationRequestUrlAsync(scopes, null, clientId, redirectUri, new UserIdentifier("contoso@foo", UserIdentifierType.RequiredDisplayableId), null); return Redirect(authUri

ADAL.js does not work in IE when acquiring token for remote endpoint. The sample " https://github.com/AzureADSamples/SinglePageApp-WebAPI-AngularJS-DotNet " suggests to uncomment line of code: "cacheLocation: 'localStorage', // enable this for IE, as sessionStorage does not work for localhost." But apparently it doesn't help. Running the application side by side in IE and Chrome. Chrome works just fine. IE logs this error to console: Error :login_required Error description:AADSTS50058: User account identifier is not provided. Again, this is only the case when ADAL is trying to acquire a token