msal

问题 I'm using Xamarin Forms in Visual Studio 2015 with the new MSAL preview v.1.1.0. The app calls the PublicClientApplication.AcquireTokenAsync which pulls up the login form in Chrome on the mobile device. The login is successful, but when it redirects I get the error message "This site can't be reached. The webpage at msal[my app id]://auth/?code=[auth code]... might be temporarily down or it may have moved permanently to a new web address. When stepping through the app I see that the

问题 I am using MSAL for JavaScript in a react app to authenticate against Azure AD. I am able to successfully authenticate user and get id token and access token. But the retrieved access token cannot access the API that is secured with Azure AD. Everything is configured find on Azure AD side as I can use the retrieved access token to talk to the API using a dotnet core web app. The difference between dotnet core app and react app is the "resource" attribute. I am not sure how to include that in

问题 I have a SPA App (VueJS) which uses Azure B2C with MSAL to authenticate users. Authentication works just fine. But what does not work is, that the user is not kept logged in. As long as i use the app, everything works just fine. But when i start my app the next day i have to relogin (or just reselect the account I want to use), but I would like to have the same user experience like for example the azure portal. I can revisit the portal after one week and do not have to relogin. How can i

问题 I followed the example of AuthExample that uses Custom Chrome Tabs with Azure AD B2C policies. I do not find any resources on how to style the custom chrome tab (and respectively the Safari controller). The tab always shows the URL in the header and the standard colors which does not look very native. I know I can style the page content itself within Azure portal. Can anyone guide me to links or tutorials on how to style the browser view to adapt to my app design and at least not show the

问题 How to enumerate Azure subscriptions and tenants programmatically? This is related to my previous question Login-AzureRmAccount (and related) equivalent(s) in .NET Azure SDK. Basically I try to replicate the behavior of Login-AzureRmAccount and Get-AzureRmSubscription in desktop or a console application. Thus far I've figured out MSAL seems to always require client ID and tenant ID, so there needs to be some other library to acquire those from. After this I would like to go about creating a

问题 I want to implement the single sign-on functionality on IOS using ADFS . I did some R&D and tried the MSAL iOS library for ADFS authentication but it's not working for me. I have added client id, Authority URL for ADFS authentication but it's not working for me. Every time its give me Couldn't acquire token error. I have different SSO URL , so not using Microsoft azure server . I have tried to add my credential in following way for MSAL IOS library let kClientID = "xxxxxx-8929-4D60-B869

问题 I have an ASP.Net Web API 2 on which I implemented the following security: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-devquickstarts-webapi-dotnet It worked, I can't access the controllers except if I remove the [Authorize] attribute. Now, I have a logged in user in a Xamarin app. The user is logged in via MSAL authentication which works fine too. Very basic implementation : var authenticationResult = await App.IdentityClientApp.AcquireTokenSilentAsync

问题 I have a working version of a Client/Server authentication using ADAL. However, it appears that the B2C AAD doesn't work well with ADAL when you want to use Local Accounts (that is, just a username or just an email address with no backing authenticator other than AAD). It appears the API we should be using for Local Accounts is the alpha release of MSAL. So far, so good. I'm able to create a local user using the Graph API and using the following code, I appear to be authenticating the local

问题 I tried using the code provided here: https://github.com/Azure-Samples/active-directory-javascript-singlepageapp-dotnet-webapi-v2 It works for both MSA and Azure AD authentication. I need to know whether the email address entered was MSA or Azure AD. Is there a way to find that out from the response? 回答1: In the id_token you get back, there's a iss (issuer) claim. This claim contains the user's tenant. If the user used a Microsoft Account (MSA), their issuer claims will contain the following

问题 I am using MSAl for Xamarin.Forms and implemented the sample on Xamarin Authorization with Azure AD B2C In the sample the AcquireTokenSilentAsync() -Method is called from the OnAppearing() -Method of the LoginPage (the View) (delegated from LoginAsync(true)). The login page is the start-up page of this sample app. My question is, do I have to call AcquireTokenSilentAsync() in any view (or view model) before my logic or is it enough to use it on my start-up page? If I have to use it on any