Graph Client Authentication Provider

The Graph Client Authentication Providers allows for each authentication to the graph endpoint implementing a variety of OAUTH2 flows.  I will demonstrate the use of this library in c# code based on this GitHub. Previously, you had to build your own Authentication Provider ( see my creation of the client credentials provider in a vb.net application here ) .  This library will allow you to use the following flows: Confidential…

Read More

receiving error AADSTS50105: The signed in user ‘{EmailHidden}’ is not assigned to a role for the application

Problem: A tenant admin may receive the error “AADSTS50105: The signed in user ‘{EmailHidden}’ is not assigned to a role for the application…” when clicking on the “Grant Admin Consent” button in Azure AD’s App Registration portal as shown in the screen shot below: Why is this happening? This error typically happens when the Enterprise Application portion (or Service Principal) of the registered application has the setting ‘User Assignment Required’…

Read More

Exploring AzureServiceTokenProvider class with Azure Key Vault

The AzureServiceTokenProvider class from the Nuget package Microsoft.Azure.Services.AppAuthentication can be used to obtain an access token.  When running in Azure it can also utilize managed identities to request an access token.  In this post I’ll focus on using this class to get an access token for Azure Key Vault.  Keep in mind that you can also use this class to obtain an access token for any Azure resources integrated with…

Read More