question

DavidDowning-2679 avatar image
0 Votes"
DavidDowning-2679 asked ·

Calling Azure REST API from a windows .Net Core console application

Now that MF auth is required, I can't seem to figure out how to make an Azure REST API call from a console application (.Net Core). I've tried multiple samples, however none of them seem to work.

         string authContextURL = "https://login.windows.net/" + TenantID;
         var authenticationContext = new AuthenticationContext(authContextURL);
         var credential = new ClientCredential(ClientID, ClientSecret);
         var result = authenticationContext.AcquireTokenAsync("https://management.azure.com/", credential).GetAwaiter().GetResult();
         if (result == null)
         {
             throw new InvalidOperationException("Failed to obtain the JWT token");
         }
         string token = result.AccessToken;
         return token;

Error: "The received access token is not valid: at least one of the claims 'puid' or 'altsecid' or 'oid' should be present. If you are accessing as application please make sure service principal is properly created in the tenant."

In addition, setting up the Service Principal (or whatever is required) has also changed.

Is there a walk-through and code for getting the Service Principal setup and a console application able to call Azure REST APIs?

Thank you.


azure-ad-connect
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SaurabhSharma-msft avatar image
1 Vote"
SaurabhSharma-msft answered ·

You can refer to the Scenario: Daemon application that calls web APIs to learn on building a daemon application which calls a Web API including the OAuth Client Credentials grant. You also need to register your application with no reply uri as the client credentials flow doesn't use it. Please refer to the Daemon app that calls web APIs - app registration documentation for application registration details.
You can also find a GitHub sample here which shows to use a console application to call a Microsoft graph using .NET core 2.2.


·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidDowning-2679 avatar image
0 Votes"
DavidDowning-2679 answered ·

I'm able to get a token, however I'm getting "Unauthorized". The sample doesn't break down what is needed in terms of Azure REST API permissions.

I just keep adding more and more permissions, but surely someone know what is needed to call Azure REST APIs.

Thank you.

2914-appregpermissions.png



· 1 ·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Have you added web API permissions to the registered daemon application. Also, as there is no user interaction, the tenant admin need to provide consent in advance for the application and all the API permissions the application is requesting.

0 Votes 0 ·