How to set up single sign-on for developers (Windows Store apps using C#/VB/C++ and XAML)

Developers need to follow these steps to use single sign-on (SSO) mode.

What you need to know



  • You should be familiar with C#, C++, or Visual Basic programming concepts.


Step 1: Use the operation that doesn't require the callbackUri parameter

Use the WebAuthenticationBroker.AuthenticateAsync operation that doesn't expose the callbackUri parameter. Behind the scenes, the web authentication broker constructs the value of the callbackUri parameter itself by querying the app's package security identifier (SID) and appending it to the "ms-app://" string.

Step 2: Get your app's SID

Call the WebAuthenticationBroker.GetCurrentApplicationCallbackUri method to get your app's SID. This is useful when building a parameter list to be sent to an online provider through the query string.

Step 3: Register your app with your online provider

You must register your "ms-app://" URI with your online provider.

Step 4: Prevent a dialog box from appearing briefly to your user

When you need authentication only and don't expect the provider to show any UI, use the WebAuthenticationOptions.SilentMode flag to avoid a dialog box.


You can find out what your "ms-app://" URI is by going to the Developer portal. Click the Manage your cloud services setting, and then find your app's SID under the Application Authentication tab of the Advanced Features.

FAQ for Web Authentication Broker

Getting started guidance for online providers integrating with the web authentication broker APIs

Troubleshooting web authentication problems




Build date: 10/15/2012