Is it possible to initiate the Azure Login Popup from a native windows application?
Calling Azure REST API from .Net Core native application by displaying the Azure Login Popup from C#
Adding more details:
Code:
IConfidentialClientApplication app;
app = ConfidentialClientApplicationBuilder.Create(ClientID)
.WithClientSecret(ClientSecret)
.WithAuthority(new Uri("https://login.microsoftonline.com/common/oauth2/authorize"))
.Build();
string[] scopes = new string[] { "https://graph.microsoft.com/.default" };
result = app.AcquireTokenForClient(scopes)
.ExecuteAsync().GetAwaiter().GetResult();
I get the following error in the response:
{"error":{"code":"AuthenticationFailed","message":"Authentication failed."}}
I was able to get the Azure REST APIs working using the following code from the Fluent NuGet Packages:
private static string TestAuth()
{
// AzureCredentials credentials = new AzureCredentials(spLogin, TenantID, AzureEnvironment.AzureGlobalCloud);
var credentials = SdkContext.AzureCredentialsFactory.FromServicePrincipal(
ClientID,
ClientSecret,
TenantID,
AzureEnvironment.AzureGlobalCloud);
var client = RestClient
.Configure()
.WithEnvironment(AzureEnvironment.AzureGlobalCloud)
.WithCredentials(credentials)
.Build();
CancellationToken cancellationToken = new CancellationToken();
var request = new HttpRequestMessage(HttpMethod.Get, $"https://management.azure.com/subscriptions/{SubscriptionID}/resourcegroups/{ResourceGroupName}?api-version=2019-10-01");
client.Credentials.ProcessHttpRequestAsync(request, cancellationToken).GetAwaiter().GetResult();
var httpClient = new HttpClient();
var response = httpClient.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, cancellationToken).GetAwaiter().GetResult();
return response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
}
If I'm understanding this correctly, you want to make calls to the Azure Resource Management APIs from a native application. It is certainly possible to authenticate against Azure from a native windows application through Azure Active Directory.
You can create an Azure AD application with user_impersonation permissions, and use that application to authenticate against your tenant using `MSAL.NET` libraries.
There is a quickstart application that uses a similar approach to access Microsoft Graph APIs.
Hope this helps.
In this case, I'm trying to do it from a console application. I'm getting the following error:
Microsoft.Identity.Client.MsalClientException
HResult=0x80131500
Message=Only loopback redirect uri is supported, but https://login.microsoftonline.com/common/oauth2/nativeclient was found. Configure http://localhost or http://localhost:port both during app registration and when you create the PublicClientApplication object. See https://aka.ms/msal-net-os-browser for details
Is this possible from a console application?
3 people are following this question.
