Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
133 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
129 changes: 129 additions & 0 deletions
129
articles/active-directory/develop/quickstarts/active-directory-uwp.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,129 @@ | ||
--- | ||
title: Azure AD v2 Windows UWP Quickstart | Microsoft Docs | ||
description: How a Universal Windows Platform (XAML) application can get an access token and call an API protected by an Azure Active Directory v2 endpoint. | ||
services: active-directory | ||
documentationcenter: dev-center-name | ||
author: andretms | ||
manager: mtillman | ||
editor: '' | ||
|
||
ms.assetid: 820acdb7-d316-4c3b-8de9-79df48ba3b06 | ||
ms.service: active-directory | ||
ms.devlang: na | ||
ms.topic: article | ||
ms.tgt_pltfrm: na | ||
ms.workload: identity | ||
ms.date: 06/21/2018 | ||
ms.author: andret | ||
ms.custom: aaddev | ||
|
||
--- | ||
|
||
# Call the Microsoft Graph API from a Universal Windows Platform (UWP) application | ||
|
||
This quickstart contains a code sample that demonstrates how a Universal Windows Platform (UWP) application can sign in personal, work and school accounts, get an access token, and call the Microsoft Graph API. | ||
|
||
![How the sample app generated by this guide works](media/active-directory-uwp/uwp-intro.png) | ||
|
||
> [!div renderon="docs"] | ||
> ## Register your application and download your Quickstart app | ||
> | ||
> 1. Go to the [Azure Portal - Application Registration [Prod]](https://portal.azure.com/signin/index/?Microsoft_AAD_RegisteredApps=true#blade/Microsoft_AAD_RegisteredApps/applicationsListBlade/quickStartType/WinDesktopQuickstartPage/sourceType/docs) | ||
> 1. Enter a name for your application and click **Create** | ||
> 1. Follow the instructions to download and configure your new application, and to add **urn:ietf:wg:oauth:2.0:oob** in the list of redirect URLs automatically for you. | ||
> [!div renderon="portal" class="sxs-lookup"] | ||
> ## Step 1: Configure your application | ||
> For the code sample for this quickstart to work, you need to add a reply URL as **urn:ietf:wg:oauth:2.0:oob**. | ||
> > [!div renderon="portal" id="makechanges" class="nextstepaction"] | ||
> > [Make this change for me]() | ||
> | ||
> > [!div id="appconfigured" class="hidden"] | ||
> > ![Already configured](media/active-directory-windesktop/checkmark.png) Your application is configured with these attributes | ||
> | ||
>## Step 2: Download your Visual Studio project | ||
> | ||
> - [Download the Visual Studio 2017 project](https://github.com/Azure-Samples/active-directory-dotnet-native-uwp-v2/archive/master.zip) | ||
> | ||
>## Step 3: Configure your Visual Studio project | ||
> | ||
> 1. Open the project in Visual Studio | ||
> 1. Edit **App.Xaml.cs** and replace the line starting with `private static string ClientId` with: | ||
> ```csharp | ||
> private static string ClientId = "Enter_the_Application_Id_here"; | ||
> ``` | ||
## More Information | ||
|
||
Below an overview of this Quickstart: | ||
|
||
### MSAL.NET | ||
|
||
MSAL ([Microsoft.Identity.Client](https://www.nuget.org/packages/Microsoft.Identity.Client)) is the library used to sign in users and request tokens used to access an API protected by Microsoft Azure Active Directory. You can install it by running the following command in Visual Studio's *Package Manager Console*: | ||
|
||
```powershell | ||
Install-Package Microsoft.Identity.Client -Pre | ||
``` | ||
|
||
### MSAL Initialization | ||
|
||
You can add the reference for MSAL by adding the line below: | ||
|
||
```csharp | ||
using Microsoft.Identity.Client; | ||
``` | ||
|
||
Then initialize MSAL using the line below: | ||
|
||
```csharp | ||
public static PublicClientApplication PublicClientApp = new PublicClientApplication(ClientId); | ||
``` | ||
|
||
> |Where: || | ||
> |---------|---------| | ||
> |ClientId | The Application Id from the application registered in *portal.microsoft.com* | | ||
### Requesting tokens | ||
|
||
Msal has two methods used acquire tokens - `AcquireTokenAsync` and `AcquireTokenSilentAsync`: | ||
|
||
#### Getting a user token interactively | ||
|
||
Some situations require forcing users interact with Azure Active Directory v2 endpoint via an popup window to either validate their credentials or five consent – some examples include: | ||
|
||
- The first time users signs-in to the application | ||
- Users may need to reenter their credentials because the password has expired | ||
- Your application is requesting access to a resource that the user needs to consent to | ||
- Two factor authentication is required | ||
|
||
```csharp | ||
authResult = await App.PublicClientApp.AcquireTokenAsync(_scopes); | ||
``` | ||
|
||
> |Where:|| | ||
> |---------|---------| | ||
> |_scopes | Contains the scopes being requested (i.e. `{ "user.read" }` for Microsoft Graph or `{ "api://<Application ID>/access_as_user" }` for custom Web APIs) | | ||
#### Getting a user token silently | ||
|
||
You don't want to require user to validate their credentials every time they need to access a resource - most of the time you want token acquisitions and renewal without any user interaction - `AcquireTokenSilentAsync` is the method commonly used to obtain tokens used to access protected resources after the initial `AcquireTokenAsync`: | ||
|
||
```csharp | ||
authResult = await App.PublicClientApp.AcquireTokenSilentAsync(_scopes, App.PublicClientApp.Users.FirstOrDefault()); | ||
``` | ||
|
||
> |Where: || | ||
> |---------|---------| | ||
> |_scopes | Contains the scopes being requested (i.e. `{ "user.read" }` for Microsoft Graph or `{ "api://<Application ID>/access_as_user" }` for custom Web APIs) | | ||
|App.PublicClientApp.Users.FirstOrDefault() | The first user in the cache (MSAL support multiple users in a single app) | | ||
|
||
## What is next | ||
|
||
Try out the Windows Desktop tutorial for a complete step-by-step guide on building applications and building new features, including a full explanation of this Quickstart: | ||
|
||
### Learn the steps to create the application used in this Quickstart | ||
|
||
> [!div class="nextstepaction"] | ||
> [UWP - Call Graph API tutorial](https://docs.microsoft.com/en-us/azure/active-directory/develop/guidedsetups/active-directory-uwp-v2) | ||
[!INCLUDE [Help and support](../../../../includes/active-directory-develop-help-support-include.md)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file added
BIN
+8.7 KB
...s/active-directory/develop/quickstarts/media/active-directory-uwp/uwp-intro.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters