Share via


Azure Active Directory code samples (v1.0 endpoint)

Warning

This content is for the older Azure AD v1.0 endpoint. Use the Microsoft identity platform for new projects.

You can use Azure Active Directory (Azure AD) to add authentication and authorization to your web applications and web APIs.

This section provides links to samples you can use to learn more about the Azure AD v1.0 endpoint. These samples show you how it's done along with code snippets that you can use in your applications. On the code sample page, you'll find detailed read-me topics that help with requirements, installation, and set-up. And the code is commented to help you understand the critical sections.

Note

If you are interested in Microsoft Entra V2 code samples, see v2.0 code samples by scenario.

Warning

Support for Active Directory Authentication Library (ADAL) will end in December, 2022. Apps using ADAL on existing OS versions will continue to work, but technical support and security updates will end. Without continued security updates, apps using ADAL will become increasingly vulnerable to the latest security attack patterns. For more information, see Migrate apps to MSAL.

To understand the basic scenario for each sample type, see Authentication scenarios for Azure AD.

You can also contribute to our samples on GitHub. To learn how, see Azure Active Directory samples and documentation.

Single-page applications

This sample shows how to write a single-page application secured with Azure AD.

Platform Calls its own API Calls another Web API
This image shows the JavaScript logo javascript-singlepageapp
This image shows the Angular JS logo angularjs-singlepageapp angularjs-singlepageapp-cors

Web Applications

Web Applications signing in users, calling Microsoft Graph, or a Web API with the user's identity

The following samples illustrate Web applications signing users. Some of these applications also call the Microsoft Graph or your own Web API, in the name of the signed-in user.

Platform Only signs in users Calls Microsoft Graph Calls another ASP.NET or ASP.NET Core 2.0 Web API
This image shows the ASP.NET Core logo

ASP.NET Core 2.0
dotnet-webapp-openidconnect-aspnetcore webapp-webapi-multitenant-openidconnect-aspnetcore

(Azure AD Graph)
dotnet-webapp-webapi-openidconnect-aspnetcore
This image shows the ASP.NET Framework logo

ASP.NET 4.5

webapp-WSFederation-dotNet

dotnet-webapp-webapi-oauth2-useridentity
dotnet-webapp-multitenant-openidconnect

(Azure AD Graph)
This image shows the Python logo python-webapp-graphapi
This image shows the Java log java-webapp-openidconnect
This image shows the PHP logo php-graphapi-web

Web applications demonstrating role-based access control (authorization)

The following samples show how to implement role-based access control (RBAC). RBAC is used to restrict the permissions of certain features in a web application to certain users. The users are authorized depending on whether they belong to an Azure AD group or have a given application role.

Platform Sample Description
This image shows the ASP.NET Framework logo

ASP.NET 4.5
dotnet-webapp-groupclaims

dotnet-webapp-roleclaims
A .NET 4.5 MVC web app that uses Azure AD roles for authorization

Desktop and mobile public client applications calling Microsoft Graph or a Web API

The following samples illustrate public client applications (desktop/mobile applications) that access the Microsoft Graph or a Web API in the name of a user. Depending on the devices and platforms, applications can sign in users in different ways (flows/grants):

  • Interactively
  • Silently (with integrated Windows authentication on Windows, or username/password)
  • By delegating the interactive sign-in to another device (device code flow used on devices which don't provide web controls)
Client application Platform Flow/Grant Calls Microsoft Graph Calls an ASP.NET or ASP.NET Core 2.x Web API
Desktop (WPF) This image shows the .NET/C# logo Interactive Part of dotnet-native-multitarget dotnet-native-desktop

dotnet-native-aspnetcore

dotnet-webapi-manual-jwt-validation
Mobile (UWP) This image shows the .NET/C#/UWP Interactive dotnet-native-uwp-wam

This sample uses WAM, not ADAL.NET
dotnet-windows-store (UWP application using ADAL.NET to call a single tenant Web API)

dotnet-webapi-multitenant-windows-store (UWP application using ADAL.NET to call a multi-tenant Web API)
Mobile (Android, iOS, UWP) This image shows the .NET/C# (Xamarin) Interactive dotnet-native-multitarget
Mobile (Android) This image shows the Android logo Interactive android
Mobile (iOS) This image shows iOS / Objective C or Swift Interactive nativeClient-iOS
Desktop (Console) This image shows the .NET/C# logo Username / Password

Integrated Windows authentication
dotnet-native-headless
Desktop (Console) This image shows the Java logo Username / Password java-native-headless
Desktop (Console) This image shows the .NET Core/C# logo Device code flow dotnet-deviceprofile

Daemon applications (accessing web APIs with the application's identity)

The following samples show desktop or web applications that access the Microsoft Graph or a web API with no user (with the application identity).

Client application Platform Flow/Grant Calls an ASP.NET or ASP.NET Core 2.0 Web API
Daemon app (Console) This image shows the .NET Framework logo Client Credentials with app secret or certificate dotnet-daemon

dotnet-daemon-certificate-credential
Daemon app (Console) This image shows the .NET Core logo Client Credentials with certificate dotnetcore-daemon-certificate-credential
ASP.NET Web App This image shows the .NET Framework logo Client credentials dotnet-webapp-webapi-oauth2-appidentity

Web APIs

Web API protected by Azure Active Directory

The following sample shows how to protect a Node.js web API with Azure AD.

In the previous sections of this article, you can also find other samples illustrating a client application calling an ASP.NET or ASP.NET Core Web API. These samples are not mentioned again in this section, but you will find them in the last column of the tables above or below

Platform Sample
This image shows the Node.js logo node-webapi

Web API calling Microsoft Graph or another Web API

The following samples demonstrate a web API that calls another web API. The second sample shows how to handle Conditional Access.

Platform Calls Microsoft Graph Calls another ASP.NET or ASP.NET Core 2.0 Web API
This image shows the ASP.NET Framework logo

ASP.NET 4.5
dotnet-webapi-onbehalfof

dotnet-webapi-onbehalfof-ca
dotnet-webapi-onbehalfof

dotnet-webapi-onbehalfof-ca

Other Microsoft Graph samples

For samples and tutorials that demonstrate different usage patterns for the Microsoft Graph API, including authentication with Azure AD, see Microsoft Graph Community Samples & Tutorials.

See also