ImmutableID of the user missing when trying to acquire a token for MS Graph API (Windows auth)
Hi,
I'm developing an API that uses the Microsoft Graph Client SDK to make multiple calls to a SharePoint site.
To authenticate the users making the calls to the API, I'm using the Integrated Windows Provider method, with this very simple code:
    var clientApp = PublicClientApplicationBuilder
        .Create(_apiSettings.Value.AzureClientId)
        .WithTenantId(_apiSettings.Value.AzureTenantId)
        .Build();
    var token = clientApp.AcquireTokenByIntegratedWindowsAuth(new string[] { _apiSettings.Value.MicrosoftGraphApiScopeUrl })
        .ExecuteAsync().Result;
When I call the method containing this code locally, it works flawlessly. But when I deploy the app to our test server and use NTLM authentication with the same user as locally, I get this error:
Microsoft.Identity.Client.MsalUiRequiredException: AADSTS90020: The SAML 1.1 Assertion is missing ImmutableID of the user.
When printing the content of the HttpContext.User, I see that the same user, connected to the same group, is used on both the "online" and the local version.
I already tried adding this header, but it's not doing anything:
    var immId = new Dictionary<string, string>();
    immId.Add("Prefer", "IdType=\"ImmutableId\"");
    var token = clientApp.AcquireTokenByIntegratedWindowsAuth(new string[] { _apiSettings.Value.MicrosoftGraphApiScopeUrl })
        .WithExtraHttpHeaders(immId)
        .ExecuteAsync().Result;
What can I do?
Thanks!