OnlineIdAuthenticator OnlineIdAuthenticator OnlineIdAuthenticator OnlineIdAuthenticator Class

Definition

Provides an app with the ability to start the authentication request to get JavaScript Object Notation (JSON) tokens to use with your service or request tickets that can be used to get data that the user has consented to for your app using the Live ConnectAPI.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : sealed class OnlineIdAuthenticator : IOnlineIdAuthenticatorpublic sealed class OnlineIdAuthenticator : IOnlineIdAuthenticatorPublic NotInheritable Class OnlineIdAuthenticator Implements IOnlineIdAuthenticator// You can use this class in JavaScript.
Attributes
Windows 10 requirements
Device family
Windows 10 (introduced v10.0.10240.0)
API contract
Windows.Foundation.UniversalApiContract (introduced v1)

Examples

The following example shows how to handle a user authentication request.

function signIn() {
    var authenticator = new Windows.Security.Authentication.OnlineId.OnlineIdAuthenticator();
    var serviceTicketRequest = new Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest(
        "wl.basic wl.contacts_photos wl.calendars", "DELEGATION");

    sdkSample.displayStatus("Signing in...");

    authenticator.authenticateUserAsync(serviceTicketRequest)
        .done(function (authResult) {

            if ((authResult.tickets.size == 1) && (authResult.tickets[0].errorCode == 0)) {
                sdkSample.isSignedIn = true;
                sdkSample.displayStatus("Authorization succeeded.");
                sdkSample.accessToken = authResult.tickets[0];
                sdkSample.canSignOut = authenticator.canSignOut;
            }
        },

            function (authStatus) {
                if (authStatus && (authStatus.name !== "Canceled")) {
                    showErrorMessage("Autorization failed: " + authStatus.message);
                } else {
                    sdkSample.displayStatus("");
                }
                    showAccountStatus();
                });
}

Constructors

OnlineIdAuthenticator() OnlineIdAuthenticator() OnlineIdAuthenticator() OnlineIdAuthenticator()

Creates an instance of the OnlineIdAuthenticator.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : OnlineIdAuthenticator()public OnlineIdAuthenticator()Public Sub New()// You can use this method in JavaScript.

Properties

ApplicationId ApplicationId ApplicationId ApplicationId

Returns the ID of the application as a GUID.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : PlatForm::Guid ApplicationId { get; set; }public Guid ApplicationId { get; set; }Public ReadWrite Property ApplicationId As Guid// You can use this property in JavaScript.
Value
PlatForm::Guid Guid Guid Guid

The ID of the application.

Remarks

This ID is not necessary for Windows Store app.

AuthenticatedSafeCustomerId AuthenticatedSafeCustomerId AuthenticatedSafeCustomerId AuthenticatedSafeCustomerId

Returns the ID of a user who has been successfully authenticated for your app.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : PlatForm::String AuthenticatedSafeCustomerId { get; }public string AuthenticatedSafeCustomerId { get; }Public ReadOnly Property AuthenticatedSafeCustomerId As string// You can use this property in JavaScript.
Value
PlatForm::String string string string

The ID of a user who has been successfully authenticated for your app.

Examples

var authenticatedSafeCustomerId = onlineIdAuthenticator.authenticatedSafeCustomerId;
if (authenticatedSafeCustomerId !== "")
{
    // use
}
string authenticatedSafeCustomerId = onlineIdAuthenticator.authenticatedSafeCustomerId;
if (authenticatedSafeCustomerId != string.Empty)
{
    // use
}

Remarks

This property returns the same user ID as the UserIdentity.SafeCustomerId property.

If the user was not successfully authenticated for your app, this property value is empty.

If your app stores local data based on the user’s identity, you must check the authenticatedSafeCustomerId property to ensure there were no changes since the last authentication for your app. Check this property when your app is launched or activated, before getting the user identity and associated tickets.

CanSignOut CanSignOut CanSignOut CanSignOut

Indicates whether a user can sign out of the app, and whether to show the sign out link in the app.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : PlatForm::Boolean CanSignOut { get; }public bool CanSignOut { get; }Public ReadOnly Property CanSignOut As bool// You can use this property in JavaScript.
Value
PlatForm::Boolean bool bool bool

True if the user can sign out and the sign out link should be shown in the app, otherwise false.

Examples

var canSignOut = onlineIdAuthenticator.canSignOut;

if (Boolean(canSignOut)){

   // Add a "sign out" link to Charm settings.
}

Remarks

An app that uses the OnlineIdAuthenticator class must show an option for the user to sign out. The sign out option must appear in the Settings charm, and the app must create a new page for its user account settings in Accounts. To see an example of how to add the sign out option and the account setting page, see the Windows Account Authorization sample.

If the user has a connected account, they can sign out by visiting the Users page in PC Settings.

If this property is false, a call to SignOutUserAsync fails with the ONL_E_CONNECTED_ACCOUNT_CAN_NOT_SIGNOUT error code.

See Also

Methods

AuthenticateUserAsync(IIterable, CredentialPromptType) AuthenticateUserAsync(IIterable, CredentialPromptType) AuthenticateUserAsync(IIterable, CredentialPromptType) AuthenticateUserAsync(IIterable, CredentialPromptType)

Starts the async authentication request with multiple OnlineIdServiceTicketRequests and provides the ability to control the user experience by setting the CredentialPromptType to get the tickets. If a user is signed into a Windows 8 system with a Microsoft account, this user will be used for the authentication request.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : UserAuthenticationOperation AuthenticateUserAsync(IIterable<OnlineIdServiceTicketRequest> requests, CredentialPromptType credentialPromptType)public UserAuthenticationOperation AuthenticateUserAsync(IEnumerable<OnlineIdServiceTicketRequest> requests, CredentialPromptType credentialPromptType)Public Function AuthenticateUserAsync(requests As IEnumerable<OnlineIdServiceTicketRequest>, credentialPromptType As CredentialPromptType) As UserAuthenticationOperation// You can use this method in JavaScript.
Parameters
requests
IIterable<OnlineIdServiceTicketRequest> IEnumerable<OnlineIdServiceTicketRequest> IEnumerable<OnlineIdServiceTicketRequest> IEnumerable<OnlineIdServiceTicketRequest>

A collection of requests.

Returns
See Also

AuthenticateUserAsync(OnlineIdServiceTicketRequest) AuthenticateUserAsync(OnlineIdServiceTicketRequest) AuthenticateUserAsync(OnlineIdServiceTicketRequest) AuthenticateUserAsync(OnlineIdServiceTicketRequest)

Starts the asynchronous authentication request with one OnlineIdServiceTicketRequest by showing the credential prompt if needed to collect credentials or consent and get the ticket. If a user is signed into a Windows 8 system with a Microsoft account, this user will be used for the authentication request.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : UserAuthenticationOperation AuthenticateUserAsync(OnlineIdServiceTicketRequest request)public UserAuthenticationOperation AuthenticateUserAsync(OnlineIdServiceTicketRequest request)Public Function AuthenticateUserAsync(request As OnlineIdServiceTicketRequest) As UserAuthenticationOperation// You can use this method in JavaScript.
Parameters
request
OnlineIdServiceTicketRequest OnlineIdServiceTicketRequest OnlineIdServiceTicketRequest OnlineIdServiceTicketRequest

A request object that provides the ability for an app to specify the service and policy used to authenticate a Live user to obtain identity properties and tickets.

Returns

Remarks

When using these methods, consider the following error-handling guidelines:

  • If the asynchronous authentication request fails, the error is captured in the errorcode of the IAsyncInfo object.
  • If the asynchronous authentication requests starts and some of the tickets were obtained but some of them failed, the response is S_OK.
  • If the authentication request itself succeeded but individual tickets couldn’t be requested, IAsyncInfo returns S_OK but OnlineIdServiceTicket.ErrorCode captures individual ticket error codes.
  • If all of the ticket requests failed, the IAsyncInfo will contain the actual error code.
  • If all calls succeeded and all of the tickets were successfully obtained, the error code will be S_OK indicating no error occurred .
See Also

SignOutUserAsync() SignOutUserAsync() SignOutUserAsync() SignOutUserAsync()

Allows users to sign out of your app.

Note

If you are developing for Windows 10 or greater, use the Windows.Security.Authentication.Web.Core APIs instead. For more information, see Web account manager.

public : SignOutUserOperation SignOutUserAsync()public SignOutUserOperation SignOutUserAsync()Public Function SignOutUserAsync() As SignOutUserOperation// You can use this method in JavaScript.
Returns

An object that contains additional information about the why the user signed out.