question

AstonTurner-5159 avatar image
0 Votes"
AstonTurner-5159 asked LeonLu-MSFT commented

Auth MSAL/PKCE flow?

Hi,

I am brand new to Xamarin.Forms and app development. I have a requirement to use Microsoft to authenticate against Azure AD.

  • I have this flow working on the website; the user is directed to the authorize endpoint https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize. Upon successful sign-in the authorization_code is exchanged for an access token in my database server, and the user is directed to the web page as logged in. A framework called ServiceStack is used to help with this process.

I have tried this same flow in Xamarin.Forms, using Browser.Open to open the authorization endpoint for sign-in with query parameters including the app as the redirect_uri, however, after sign-in it seems the browser tries to redirect to the app, but I can not see anyway to 'catch' the authorization_code sent back. So that I can use the authorization_code to POST to another endpoint for exchange.

Secondly, I have tried using the MSAL library which seems great, however after sign-in I just receive Microsoft's Access Token which doesn't appear to be useful for my scenario, as I require internal access so that I can call my APIs from my server. The token only allows me to call the graph.


dotnet-xamarinazure-ad-authenticationazure-ad-msal
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If you want to achieve Auth MSAL, please do not use Browser.Open to open the authorization endpoint for sign-in with query parameters including the app as the redirect_uri, , you can use Xamarin.Essentials: Web Authenticator directly to achieve auth MSAL.


https://docs.microsoft.com/en-us/xamarin/essentials/web-authenticator?tabs=android


0 Votes 0 ·

0 Answers