msal

问题 I am trying to create a B2B Management portal. I've started off with this sample since it uses MSAL and Graph API. user@live.se is in the tenant. It's been invited as a "guest user", i.e a B2B user. However, signing in with user@live.se does not work even though it's been added to the tenant. Following error after sign-in: AADSTS50020: User account 'user@live.se' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are

问题 I am trying to create a B2B Management portal. I've started off with this sample since it uses MSAL and Graph API. user@live.se is in the tenant. It's been invited as a "guest user", i.e a B2B user. However, signing in with user@live.se does not work even though it's been added to the tenant. Following error after sign-in: AADSTS50020: User account 'user@live.se' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are

问题 I am trying to create a B2B Management portal. I've started off with this sample since it uses MSAL and Graph API. user@live.se is in the tenant. It's been invited as a "guest user", i.e a B2B user. However, signing in with user@live.se does not work even though it's been added to the tenant. Following error after sign-in: AADSTS50020: User account 'user@live.se' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are

问题 I have a React SPA and I'm using msal to authenticate Microsoft users using loginRedirect. After the login, I'm acquiring an access token silently using acquireTokenSilent to call a web API. When acquiring the access token fails and interaction is required, I'm using acquireTokenRedirect. When I use acquireTokenRedirect, what I see is: 1. The user is redirected to login.microsoftonline.com. 2. A 302 response is returned with Location header that contains the redirect url + the access token. 3

问题 I am able to retrieve and use an access token via MSAL in a desktop .Net project. I can successfully retrieve tokens and they are valid in my Graph calls. However, trying to use the access token with SharePoint Online CSOM results in a 401: Unauthorized. This is similar to accessing sharepoint REST apis using msal throws 401 (except I am using C# and the latest CSOM). It is my understanding that MSFT is trying to move devs away from ADAL and towards MSAL, but there seems to be some

问题 In EWS OAuth flow we can get delegate permissions by following: var pcaOptions = new PublicClientApplicationOptions { ClientId = ConfigurationManager.AppSettings["appId"], TenantId = ConfigurationManager.AppSettings["tenantId"] }; var pca = PublicClientApplicationBuilder .CreateWithApplicationOptions(pcaOptions).Build(); // The permission scope required for EWS access var ewsScopes = new string[] { "https://outlook.office.com/EWS.AccessAsUser.All" }; // Make the interactive token request var

问题 In EWS OAuth flow we can get delegate permissions by following: var pcaOptions = new PublicClientApplicationOptions { ClientId = ConfigurationManager.AppSettings["appId"], TenantId = ConfigurationManager.AppSettings["tenantId"] }; var pca = PublicClientApplicationBuilder .CreateWithApplicationOptions(pcaOptions).Build(); // The permission scope required for EWS access var ewsScopes = new string[] { "https://outlook.office.com/EWS.AccessAsUser.All" }; // Make the interactive token request var

问题 In my iOS app I'm currently authenticating through the MSAL iOS SDK and it's working fine. Somewhere in the app I'm also required to show a website (opened via UIWebView) that also requires the same Azure AD authentication. Since I'm already authenticated through the SDK and have an access token, is there any way to bypass authentication process in the web view? 回答1: You can use one of the following for cookie sharing: 1. ASWebAuthenticationSession in MSAL + open URL in Safari browser MSAL

问题 As the microsoft iffical said, The UWP can't use system web with aad b2c, has to use Embedded Webviews. But when I use MSAL.net, it offen mis-render the page, as the image below(in some times , the page maybe right render). And I can run the user flow and right render with my system chrome web browser . The uwp Embedded Webviews is in old edge core(maybe this is the reason?). what can I do? does Microsoft can solve the matter？ 回答1: B2C is supported in UWP. Please upgrade the application to

问题 MSAL for Python supports ROPC flow(Resource Owner Password Credentials Grant) supports token retrieve for Public Applications, Can we similarly use confidential client class in MSAL for python? The following links seem to say no--> https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Username-Password-Authentication Also, if we can use both Public & Confidential client, which is recommended from a security standpoint? The application is a service app that runs behind