Skip to content
Calling a ASP.NET Core Web API from a WPF application using Azure AD v2.0
C# PowerShell Other
Branch: master
Clone or download
kalyankrishna1 Merge pull request #117 from Azure-Samples/kalyankrishna1-patch-1
Added a link to the latest Identity developer's introduction to MS Graph recording
Latest commit a2b2573 Nov 20, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Initial commit Apr 10, 2018
1. Desktop app calls Web API update the ASP.NET Core Web API tutorial ASP.NET Core 3.0 (#111) Nov 8, 2019
2. Web API now calls Microsoft Graph Added a link to the latest Identity developer's introduction to MS Gr… Nov 19, 2019
3.-Web-api-call-Microsoft-graph-for-personal-accounts Added a link to the latest Identity developer's introduction to MS Gr… Nov 19, 2019
Microsoft.Identity.Web.Test update the ASP.NET Core Web API tutorial ASP.NET Core 3.0 (#111) Nov 8, 2019
Microsoft.Identity.Web Sync with ASP.NET Core Web app tutorial's Microsoft.Identity.Web (#113) Nov 8, 2019
.gitattributes Adapting the AAD V1 sample to AAD V2 Apr 10, 2018
.gitignore
CHANGELOG.md Initial commit Apr 10, 2018
CONTRIBUTING.md Initial commit Apr 10, 2018
LICENSE.md Initial commit Apr 10, 2018
NuGet.config Initial version Apr 10, 2018
README.md Update README.md now that KCA works for MSA Sep 14, 2019
build.bat 1) Synching Microsoft.Identity.Web from the ASP.NET Core Web App tuto… Sep 12, 2019
buildAllSlns.proj 1) Synching Microsoft.Identity.Web from the ASP.NET Core Web App tuto… Sep 12, 2019

README.md

languages products page_type description
csharp
aspnet
azure
azure-active-directory
sample
A sample that shows how to call an ASP.NET Core Web API from a WPF application using Azure Active Directory V2.

Calling an ASP.NET Core Web API from a WPF application using Azure AD V2

Build status

About this sample

Scenario

You expose a Web API and you want to protect it so that only authenticated users can access it. You want to enable apps authenticating users with both work and school accounts or Microsoft personal accounts (formerly live account) to use your Web API.

Later you enrich your Web API by enabling it to call another Web API such as the Microsoft Graph

Structure of the repository

This repository contains a progressive tutorial made of two parts:

Sub folder Description
1. Desktop app calls Web API This first part, presents an ASP.NET Core 2.2 Web API protected by Azure Active Directory OAuth Bearer Authentication. This Web API is exercised by a .NET Desktop WPF application. This subfolder contains a Visual Studio solution made of two applications: the desktop application (TodoListClient), and the Web API (TodoListService)

Topology
2. Web API now calls Microsoft Graph This second part presents an increment where the Web API now calls Microsoft Graph on-behalf of the user signed-in in the desktop application. In this part, the Web API uses the Microsoft Authentication Library for .NET (MSAL.NET) to acquire a token for Microsoft Graph using the on-behalf-of flow

Topology
3.-Web-api-call-Microsoft-same-client-id This third part presents an increment where the Web API now calls Microsoft Graph on-behalf of the user signed-in in the desktop application, but with an alternative architecture. In this part, the Web API also uses the Microsoft Authentication Library for .NET (MSAL.NET) to acquire a token for Microsoft Graph using the on-behalf-of flow, but the client ID of the desktop app and the Web API are the same

Topology

Note: Even if you'll probably get the most of this tutorial by going through the part in the proposed order, it's also possible to jump directly to the second part or third part.

User experience with this sample

In the first part of the tutorial

The Web API (TodoListService) maintains an in-memory collection of to-do items per authenticated user. Several applications signed-in under the same identities share the same to-do list.

The WPF application (TodoListClient) enables a user to:

  • Sign in. The first time a user signs in, a consent screen is presented letting the user consent for the application accessing the TodoList Service.
  • When the user has signed-in, the user sees the list of to-do items exposed by Web API for the signed-in identity
  • The user can add more to-do items by clicking on Add item button.

Next time a user runs the application, the user is signed-in with the same identity as the application maintains a cache on disk. Users can clear the cache (which will also have the effect of signing them out)

TodoList client

In the second part of the tutorial

The second phase of the tutorials modifies the Web API so that the todo-items also mention the identity of the user adding them.

TodoList Client with user name

In the third part of the tutorial

The experience in the third phase is the same as in the second phase, but users can sign-in with their personal Microsoft account

How to run this sample

Pre-requisites

  • Install .NET Core for Windows by following the instructions at dot.net/core, which will include Visual Studio 2017.
  • An Internet connection
  • An Azure Active Directory (Azure AD) tenant. For more information on how to get an Azure AD tenant, see How to get an Azure AD tenant
  • A user account in your Azure AD tenant, or a Microsoft personal account

Step 1: Clone or download this repository

From your shell or command line:

git clone https://github.com/Azure-Samples/active-directory-dotnet-native-aspnetcore-v2.git aspnetcore-webapi
cd aspnetcore-webapi

Given that the name of the sample is pretty long, that it has sub-folders and so are the name of the referenced NuGet pacakges, you might want to clone it in a folder close to the root of your hard drive, to avoid file size limitations on Windows.

Community Help and Support

Use Stack Overflow to get support from the community. Ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [msal dotnet].

If you find a bug in the sample, please open an issue on GitHub Issues.

To provide a recommendation, visit the following User Voice page.

Contributing

If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Other samples and documentation

You can’t perform that action at this time.