Skip to content

Latest commit

 

History

History
125 lines (93 loc) · 6.51 KB

File metadata and controls

125 lines (93 loc) · 6.51 KB
languages page_type name description products urlFragment
csharp
sample
.NET console application that accesses a protected API
This a .NET console application that accesses a protected API. The code in this sample is used by one or more articles on docs.microsoft.com.
azure
azure-active-directory
ms-graph
ms-identity-docs-code-dotnet-console

.NET | console | .NET (C#) console app that accesses a protected web API access (Microsoft Graph) | Microsoft identity platform

This .NET console application accesses protected web API (Microsoft Graph) as its own identity by using the Microsoft Authentication Library (MSAL) for .NET. The application is written in C# and supports scenarios like cron jobs and direct command-line invocation.

dotnet run

Could not find a cached token, so fetching a new one.
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications/$entity",
  "id": "00aa11bb-cc22-dd33-ee44-ff55ee66dd77",
  "deletedDateTime": null,
  "appId": "00001111-aaaa-2222-bbbb-3333cccc4444",
  "applicationTemplateId": null,
  "disabledByMicrosoftStatus": null,
  "createdDateTime": "2021-01-17T15:30:55Z",
  "displayName": "identity-dotnet-console-app",
  "description": null,
  "groupMembershipClaims": null,
  ...
}

Prerequisites

Setup

1. Register the app with the Microsoft identity platform

First, complete the steps in Register an application with the Microsoft identity platform to register the application.

Use these settings in your app registration.

App registration
setting
Value for this sample app Notes
Name identity-client-daemon-app Suggested value for this sample.
You can change the app name at any time.
Supported account types Accounts in this organizational directory only (Single tenant) Suggested value for this sample.
Platform type None No redirect URI required; don't select a platform.
Client secret Value of the client secret (not its ID) ⚠️ Record this value immediately!
It's shown only once (when you create it).

ℹ️ Bold text in the tables above matches (or is similar to) a UI element in the Microsoft Entra admin center, while code formatting indicates a value you enter into a text box in the Microsoft Entra admin center.

2. Update application code with values from app registration

In Program.cs, update each variable with values from the app registration you created in the previous step.

// Full directory URL, in the form of https://login.microsoftonline.com/<tenant_id>
Authority = " https://login.microsoftonline.com/Enter the tenant ID obtained from the Microsoft Entra admin center",
// 'Enter the client ID obtained from the Microsoft Entra admin center
ClientId = "Enter the client ID obtained from the Microsoft Entra admin center",
// Client secret 'Value' (not its ID) from 'Client secrets' in the Microsoft Entra admin center
ClientSecret = "Enter the client secret value obtained from the Microsoft Entra admin center",
// Client 'Object ID' of app registration in Microsoft Entra admin center - this value is a GUID
ClientObjectId = "Enter the client Object ID obtained from the Microsoft Entra admin center"

Run the application

dotnet run

If successful, an output simialir to the following is displayed in the console (response shortened for brevity):

{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications/$entity",
  "id": "00aa11bb-cc22-dd33-ee44-ff55ee66dd77",
  "deletedDateTime": null,
  "appId": "00001111-aaaa-2222-bbbb-3333cccc4444",
  "applicationTemplateId": null,
  "disabledByMicrosoftStatus": null,
  "createdDateTime": "2021-01-17T15:30:55Z",
  "displayName": "identity-dotnet-console-app",
  "description": null,
  "groupMembershipClaims": null,
  ...
}

About the code

This .NET (C#) console application uses a client secret as its credentials to retrieve an access token that's scoped for the Microsoft Graph API, and then uses that token to access its own application registration information.

The Microsoft Graph response data is then written to the console. This .NET (C#) console app uses Microsoft Authentication Library (MSAL).

Reporting problems

Sample app not working?

If you can't get the sample working, you've checked Stack Overflow, and you've already searched the issues in this sample's repository, open an issue report the problem.

  1. Search the GitHub issues in the repository - your problem might already have been reported or have an answer.
  2. Nothing similar? Open an issue that clearly explains the problem you're having running the sample app.

All other issues

⚠️ WARNING: Any issue in this repository not limited to running one of its sample apps will be closed without being addressed. For all other requests, see Support and help options for developers | Microsoft identity platform.

Contributing

If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.