WebAccountProvider.IsSystemProvider WebAccountProvider.IsSystemProvider WebAccountProvider.IsSystemProvider WebAccountProvider.IsSystemProvider WebAccountProvider.IsSystemProvider Property


Gets the value describing whether the given ID provider supports system-wide authentication tokens.

public : Platform::Boolean IsSystemProvider { get; }
bool IsSystemProvider();
public bool IsSystemProvider { get; }
Public ReadOnly Property IsSystemProvider As bool
var bool = webAccountProvider.isSystemProvider;

Property Value

bool bool bool

True if the WebAccountProvider allows system-wide authentication tokens. Otherwise False.

Additional features and requirements

Device family
Windows 10, version 1803 (introduced v10.0.17134.0)
API contract
Windows.Foundation.UniversalApiContract (introduced v6)


The following is an example of this special case of device-wide token retrieval.

// create a WebTokenRequest with device-wide authentication
WebTokenRequest CreateWebTokenRequestForAad(WebAccountProvider provider){
    // check if the ID provider allows system-wide scope, and construct token request accordingly:
    return new WebTokenRequest(
        provider.IsSystemProvider ? "systemInfo" : "userInfo",

// retrieve a device-wide auth token for Azure Active Directory
string GetAadToken() {
    var provider = WebAuthenticationCoreManager.FindSystemAccountProviderAsync(
    var request = CreateWebTokenRequestForAad(provider);
    var result = WebAuthenticationCoreManager.GetTokenSilentlyAsync(request);

    // handle the request result in the usual way.
    if (result.ResponseStatus == WebTokenRequestStatus.Success){ 
        return result.ResponseData[0].Token; 
    } else { 
        throw new Exception(result.ResponseError.ErrorMessage); 


The device token feature is intended for cases in which a service needs to connect to cloud resources before a user ever signs into the device (for example, in out-of-box experiences where there are System Center Configuration Manager (SCCM) policies that must be applied right away). Only first-party ID providers (Xbox, MSA, AAD) allow device-wide tokens; other ID providers do not.