msal

Logout does not work when using Microsoft Authentication Library (MSAL)

随声附和 submitted on 2019-12-07 19:16:29
Question: I have a Xamarin.Forms iOS/Android app and have to authenticate the user against a Microsoft Azure B2C AD. I have added the Microsoft.Identity.Client NuGet and am using this for authentication. Login works fine and I am able to use the returned token to call an Azure hosted service of our own. The trouble is that when I try to log out the user it does not work as expected. If the user logs out and immediately after kills the app, the next time the app is started the login screen is presented as

access token / refresh token with MSAL

怎甘沉沦 submitted on 2019-12-07 13:06:37
Question: I'm moderately familiar with OAuth2 and the concepts of the AccessToken and RefreshToken. It looks like MSAL is doing some work for us when using ClientApplicationBase.AcquireTokenSilentAsync(). I'm not clear as to whether it will always check the expiration of the current AccessToken and automatically refresh it (using the RefreshToken) on method call. Regardless, is there a "best practice" for how often we should call AcquireTokenSilentAsync()? Should we keep track of the expiration

How to sign out from Azure AD 2.0/MSAL in a desktop application?

隐身守侯 submitted on 2019-12-07 06:30:42
Question: I'm using MSAL in a WPF desktop application that needs to allow users to sign in and out against Azure AD v2.0. Microsoft's Graph access sample and most of the other examples I see use PublicClientApplication.Remove(IUser) to log out, like in this function:

    //(from Microsoft's example)
    /// <summary>
    /// Sign out the current user
    /// </summary>
    private void SignOutButton_Click(object sender, RoutedEventArgs e)
    {
        if (App.PublicClientApp.Users.Any())
        {
            try
            {
                App.PublicClientApp.Remove(App

iOS ADAL-Make silent call using refresh token

旧时模样 submitted on 2019-12-06 15:04:11
Question: I am using iOS ADAL library version 2.2.6 and receiving a refresh token upon successful login. Now I want to make a silent call by using this refresh token. I tried with the following method but it fails to return the access token.

    ADAuthenticationContext *authContext;
    [authContext acquireTokenSilentWithResource:resourceId
                                       clientId:clientId
                                    redirectUri:redirectUri
                                         userId:strUserID //loggedIn userID
                                completionBlock:^(ADAuthenticationResult *result){
        // It always throws an error
        //Please call the non

On behalf of token issue (AADSTS50013: Assertion contains an invalid signature)

有些话、适合烂在心里 submitted on 2019-12-06 13:39:16
I'm getting an error (mentioned below) when I'm trying to use Cortana Bot user token (which is a Graph token) to generate an "on-behalf-of" token to another consuming Web API application using ClientAssertionCertificate / ClientCredential targeted to another consuming Web API by passing its AppId as ResourceId and userAssertion generated by using Cortana Bot user token. When checked our Bot AAD settings it is configured with other consuming Web API (API B) as valid application along with Graph application. Do we need to do any additional setting in AAD to get this on-behalf-of token?

Using MSAL in a machine-to-machine scenario as a CSP

徘徊边缘 submitted on 2019-12-06 11:19:32
I am trying to use the GraphAPI using the official nuget library ( https://github.com/microsoftgraph/msgraph-sdk-dotnet ). However, the authentication process is not trivial and not very well documented. I am in a CSP partner in a machine-to-machine scenario, so there is no UI application with a redirect url where a user manually enters its credentials to consent access. But it seems to be the unique scenario well documented or available in the samples I found... Even the official CSP documentation is not clear ( https://developer.microsoft.com/en-us/graph/docs/concepts/auth

Logout does not work when using Microsoft Authentication Library (MSAL)

拈花ヽ惹草 submitted on 2019-12-06 06:36:52
I have a Xamarin.Forms iOS/Android app and have to authenticate the user against a Microsoft Azure B2C AD. I have added the Microsoft.Identity.Client NuGet and am using this for authentication. Login works fine and I am able to use the returned token to call an Azure hosted service of our own. The trouble is that when I try to log out the user it does not work as expected. If the user logs out and immediately after kills the app, the next time the app is started the login screen is presented as expected. To kill the app on iOS I go to the app-switcher with a double click on the home button and then swipe up.

Microsoft.AspNetCore vs Microsoft.IdentityModel (ADAL) with .net core API in Azure AD

六月ゝ 毕业季﹏ submitted on 2019-12-06 05:52:11
Cheers, I'm looking for some clarification regarding authentication libraries for use with Azure AD, particularly regarding the differences between Microsoft.AspNetCore and Microsoft.IdentityModel based libraries. I am implementing an Api in .net core for which authentication will be managed with Azure Active Directory (AAD). Based on the needs of the application I am looking to use the original (v1) endpoint with ADAL rather than the v2 endpoint due to some features not being available with the v2 endpoint at this time (RBAC and groups). All indications are that the ADAL libraries are the way

Use MSAL Auth token to consume Web API 2

断了今生、忘了曾经 submitted on 2019-12-05 06:54:38
I have an ASP.Net Web API 2 on which I implemented the following security: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-devquickstarts-webapi-dotnet It worked, I can't access the controllers except if I remove the [Authorize] attribute. Now, I have a logged in user in a Xamarin app. The user is logged in via MSAL authentication which works fine too. Very basic implementation:

    var authenticationResult = await App.IdentityClientApp.AcquireTokenSilentAsync(App.ClientScope);
    var token = authenticationResult.Token;

Now, I want to access the web API by giving the

Is it possible to use MSAL.js to get refresh token?

a 夏天 submitted on 2019-12-05 05:20:08
I want to integrate with Microsoft Outlook. I am able to login with MSAL.js and get an access token, but I am not able to get a refresh token. Is there a way to do it?

I'll assume that since you're using the MSAL.js ( https://github.com/AzureAD/microsoft-authentication-library-for-js ) that you're using implicit flow for authentication and authorization. Implicit flow doesn't support refresh tokens, but you can request a new token silently. This is done similarly to how you request the token (id or access) in the first place. Unfortunately, I haven't found that MSAL.js does this transparently