You might see the following message… Update your browserYour browser is not supported or up-to-date. Try updating it, or else download and install the latest version of Microsoft Edge.You could also try to access https://aka.ms/mysecurityinfo from another device. As a quick solution for the user. Have the user register for MFA ahead of time before using the app. Simply open a supported Browser like Edge or Chrome and have the…
Read MoreTutorial: How to call a protected web API with an application permission token in Azure AD B2C
Introduction This post covers an end to end scenario where a front end console application authenticates to Azure AD B2C using client credentials OAuth2 grant flow and calls a .Net backend web API. The samples in this post are built on .Net 6 framework. App Registrations There are 2 App Registrations required in this tutorial: a front-end console app and a back-end web API. The samples also require either a…
Read MoreHow to bundle consent
You have a custom client and a custom API. There is an application registration in Azure AD for each of these apps, one for the custom client, and one for the custom API. You want your users to be able to bundle the consent for these apps. You might see one of the following errors… Step 1: Configure knownClientApplications for the API app registration First, you will need to add…
Read MoreUsing MSAL for Python to perform interactive sign in from a local script
This blog shows how to use MSAL for Python to perform an interactive sign in to Azure AD from running a local python script. The sample also demonstrates how to enable MSAL logging along with how to capture Python SSL web traffic using Fiddler Classic App Registration: You will need to have an Azure AD App Registration with “http://localhost” reply URL configured in the ‘Mobile and desktop applications’ platform The…
Read MoreMicrosoft.Identity.Client.MsalClientException: Failed to get user name
You might be using the following method to attempt Integrated Windows Auth while using Microsoft Authentication Library (MSAL)… and you are getting one of the following errors… Make sure you at least meet these minimum requirements: What is actually failing? MSAL makes a call to GetUserNameEx function from secur32.dll… https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/01ecd12464007fc1988b6a127aa0b1b980bca1ed/src/client/Microsoft.Identity.Client/Platforms/Features/DesktopOS/WindowsNativeMethods.cs#L66 For more information about GetUserNameEx… https://learn.microsoft.com/en-us/windows/win32/api/secext/nf-secext-getusernameexa Windows is returning this error message. There is a number of reasons this can…
Read MoreHow to resolve “No account or login hint was passed to the AcquireTokenSilent” with a Web App and no persistent token cache
You have implemented Microsoft Authentication Library or Microsoft Identity Web and now you are seeing the following error message: No account or login hint was passed to the AcquireTokenSilent The root cause is because the Token Cache is empty when you are trying to acquire a token silently when account was attempted to be pulled from MSAL. So on Web Applications like Asp.Net or Asp.Net Core, this is generally when…
Read MoreHow to Resolve IDX10501 Errors in a B2C Microsoft.Identity.Web Application
Consider the situation where you are developing an ASP.NET Core application that needs to support Azure B2C. Following the official Microsoft Document, you implement the Microsoft.Identity.Web library and three built-in User Flows. All is working well, but you also need to implement a Custom Policy. You find the following documentation which shows how to make a request with the B2C policy specified: https://learn.microsoft.com/en-us/azure/active-directory-b2c/enable-authentication-web-application-options#pass-the-azure-ad-b2c-policy-id You try to implement this guidance. Everything…
Read MoreHow to Solve Failed Authentication After Publishing App to Google Play Store
Issue Description You successfully implemented Azure AD Authentication in your Android app with the Microsoft Authentication Library. The application built and executed perfectly and passed all QA testing with flying colors. And then you published the application on Google Play. And authentication doesn’t work after installing the app. If you exposed authentication error messages to the user, or had them sent to your team, then you might see an error…
Read MoreHow to enable MSAL for Java (MSAL4J) logging in a Spring Boot application
In this blog, I’ll show how to enable MSAL4J logging using the logback framework in a spring boot web application. I’ll use our Azure AD B2C web sample here. The complete code for this blog is on github. Refer to the MSAL for Java logging documentation for more info. There are 3 main things you need to do for logging to work 1) Include the logback package in the pom.xml…
Read MorePackage Inspector for MSAL Android Native Guide
Package Inspector for MSAL Android Native Guide The Microsoft Authentication Library (MSAL) for Android Native contains a tool called Package Inspector. This tool presents a list of packages installed on an Android device and allows the user to view, copy, and paste the signature hash used to sign the application’s package. It can be very useful in troubleshooting and verifying the signature hash for applications installed on an Android device.…
Read More