question

DavidDowning-2679 avatar image
0 Votes"
DavidDowning-2679 asked ·

Calling Azure REST API from .Net Core native application by displaying the Azure Login Popup from C#

Is it possible to initiate the Azure Login Popup from a native windows application?

azure-ad-connect
· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Adding more details:

Code:

IConfidentialClientApplication app;

app = ConfidentialClientApplicationBuilder.Create(ClientID)
.WithClientSecret(ClientSecret)
.WithAuthority(new Uri("https://login.microsoftonline.com/common/oauth2/authorize"))
.Build();


string[] scopes = new string[] { "https://graph.microsoft.com/.default" };

result = app.AcquireTokenForClient(scopes)
.ExecuteAsync().GetAwaiter().GetResult();




I get the following error in the response:

{"error":{"code":"AuthenticationFailed","message":"Authentication failed."}}







0 Votes 0 ·
DavidDowning-2679 avatar image
2 Votes"
DavidDowning-2679 answered ·

I was able to get the Azure REST APIs working using the following code from the Fluent NuGet Packages:

     private static string TestAuth()
     {
         // AzureCredentials credentials = new AzureCredentials(spLogin, TenantID, AzureEnvironment.AzureGlobalCloud);
         var credentials = SdkContext.AzureCredentialsFactory.FromServicePrincipal(
             ClientID,
             ClientSecret,
             TenantID,
             AzureEnvironment.AzureGlobalCloud);

         var client = RestClient
             .Configure()
             .WithEnvironment(AzureEnvironment.AzureGlobalCloud)
             .WithCredentials(credentials)
             .Build();

         CancellationToken cancellationToken = new CancellationToken();

         var request = new HttpRequestMessage(HttpMethod.Get, $"https://management.azure.com/subscriptions/{SubscriptionID}/resourcegroups/{ResourceGroupName}?api-version=2019-10-01");
         client.Credentials.ProcessHttpRequestAsync(request, cancellationToken).GetAwaiter().GetResult();
         var httpClient = new HttpClient();
         var response = httpClient.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, cancellationToken).GetAwaiter().GetResult();

         return response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
     }
· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

mehmetseckin avatar image
1 Vote"
mehmetseckin answered ·

If I'm understanding this correctly, you want to make calls to the Azure Resource Management APIs from a native application. It is certainly possible to authenticate against Azure from a native windows application through Azure Active Directory.

You can create an Azure AD application with user_impersonation permissions, and use that application to authenticate against your tenant using `MSAL.NET` libraries.

There is a quickstart application that uses a similar approach to access Microsoft Graph APIs.

Hope this helps.


· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

In this case, I'm trying to do it from a console application. I'm getting the following error:

Microsoft.Identity.Client.MsalClientException
HResult=0x80131500
Message=Only loopback redirect uri is supported, but https://login.microsoftonline.com/common/oauth2/nativeclient was found. Configure http://localhost or http://localhost:port both during app registration and when you create the PublicClientApplication object. See https://aka.ms/msal-net-os-browser for details

Is this possible from a console application?

2 Votes 2 ·