MSAL.Net in PowerShell – Use .pfx file for Client Credentials Flow

This post will show you how to authenticate for the client credentials flow in PowerShell with MSAL.Net using the .pfx file for the certificate authentication instead of loading the certificate from the certificate store. This post is in part based on this: Using PowerShell to Configure a signing certificate for a SAML-based SSO enterprise application Also, special thanks to my team members Bac Hoang and Will Fiddes for assisting with…

Read More

Using MSAL.Net to perform the client credentials flow with a certificate instead of a client secret in a .NetCore console appliction.

The sample files for this post can be found in this GitHub repository: https://github.com/RayGHeld/NetCore_ClientCredentials_withCert There is also a Powershell script there to create a certificate for this sample. You can perform the OAuth2 client_credentials grant flow to sign in as an application for your automated type of services. This flow does not require an interactive user to authenticate and should only be run in secure environments. There are 2 methods…

Read More

Configure .Net Application to call Microsoft Graph in a National Cloud Tenant

When authenticating with Azure and making a Microsoft Graph request, for commercial tenants, this is all done with the .com endpoints ( https://login.micorosoftonline.com/… and https://graph.microsoft.com ) and your token audience is for the .com endpoint as well. However, when performing the requests against a National Cloud tenant, you must use the appropriate endpoints. In this article, I will show you how to configure the Microsoft Graph .Net SDK in a…

Read More

How to get and display the user photo with Graph SDK for .Net in a WPF application

Occasionally, we get requests asking how to get the user photo using the Graph SDK. This blog post will show you how to do that in a WPF application but I will also show you a method for getting the photo and saving it to disk with a .Net console application. You can download the sample project here: https://github.com/RayGHeld/GraphClient_GetUserPhoto This project also utilizes the Authentication Provider code in this blog…

Read More

Implement Client Credentials flow for Graph Java Client

In my previous article , I showed you how to modify our great Graph Client for Java sample to add some additional options for things like filtering, setting the max retries for 429 errors, etc.  That sample uses the Oauth2 Device Code flow.  In this article, I will show you how to convert that and use the Client Credentials Flow.  Although, you will not be able to retrieve the same…

Read More

Configuring Options and MaxRetries for Graph Java Client

We have a great Java Graph SDK sample in our tutorial document located here.  Pay special attention to the versions as not having the correct version of the prerequisites will give you difficulty! The sample will run a console application and uses the Oauth2 Device Code flow for authentication.  Once it compiles and runs, you will get a message like this for the device code flow sign in:  “To sign…

Read More

Graph Client Authentication Provider

The Graph Client Authentication Providers allows for each authentication to the graph endpoint implementing a variety of OAUTH2 flows.  I will demonstrate the use of this library in c# code based on this GitHub. Previously, you had to build your own Authentication Provider ( see my creation of the client credentials provider in a vb.net application here ) .  This library will allow you to use the following flows: Confidential…

Read More

Using the GraphClient SDK in a VB.Net Console Application

In this blog post, I will show you how to use the GraphClient in a VB.Net application. You will need to create an app registration for this project. I used the exact same app registration that I used in my previous VB.Net blog post here. SDK Reference: https://docs.microsoft.com/en-us/graph/sdks/sdks-overview?view=graph-rest-1.0 I am using Visual Studio 2019 in this example. To begin, please start a VB.Net Console application and then install the following…

Read More

VB.NET – Use MSAL.Net in a Console Application to Authenticate to Azure

At one point in recent history, VB.Net was one of the most popular development languages around. In fact, there are many legacy applications written in VB.Net and even still, VB.Net is still in the top 10 languages ( source: https://www.techworm.net/2018/02/popular-programming-languages-2018-according-tiobe-pypl.html ).  I will show a simple console application using VB.Net to authenticate using MSAL.Net Of course, the first step, as in everything Azure, starts with setting up an app registration…

Read More

Setup Postman to call Microsoft Graph using a Client Credentials Grant Access Token from the v2 endpoint

To use the V1 endpoint, please refer to this post.  Our documentation for the client credentials grant type can be found here. You can setup postman to make a client_credentials grant flow to obtain an access token and make a graph call ( or any other call that supports application permissions ). This is very useful for testing code you plan to run as a script or in a Daemon…

Read More