Authenticating Azure AD App by using MSAL, MS Identity & MS Graph

Introduction: All my articles are compiled into simple steps with detailed screenshots and elaborate descriptions. By following these steps, even a novice programmer should be able to replicate the scenario. Please go through the steps and provide your valuable feedback so that my next articles are clearer and more focused.

Note: I took help from various internet sources while researching this item. Credit goes to the internet and Microsoft communities. This is one of the topics in the Azure certification.

This is my fourth article on Azure.

Please follow the links below for my previous Azure articles:

Azure WebApps

Azure Logic App

Azure Event Grids

Azure SQL

Follow the 23 steps below to create an Azure AD app and authenticate against it from a .NET application.

After completing this blog, you will be able to:

  • Create an Azure AD application registration
  • Understand the Microsoft Identity (MSAL) classes
  • Understand the Graph services

Sample Description: We are going to create a new Azure AD app and configure it to generate a key. Then create a .NET console

Step 1: Open Azure portal (https://portal.azure.com)

Step 2: Create a new Azure AD application. This will be used to issue tokens for authenticating users. To create the Azure AD application, select Azure Active Directory from the home page.

Step 3: After selecting Azure AD, click on Manage > App registrations.

This Azure AD application will issue authentication tokens and let you manage them.

Step 4: Click on “New registration” and create a new Azure AD app registration.

Step 5: After creating the Azure AD app, select it and click on the Overview tab. Grab the Application (client) ID and Directory (tenant) ID – these values will be used to connect to this app from the .NET code.

Step 6: Now it’s time to work on the code. Launch Visual Studio Code and create a new console application by using the command below. (You can give your own application name.)

dotnet new console --name MatetiADConsole

Step 7: Open the application in Visual Studio Code. Then run the command below to install the MS Identity library (MSAL) into the application. We need this library to connect to Azure and its authentication services.

dotnet add package Microsoft.Identity.Client --version 4.7.1

Step 8: Open Program.cs, remove the existing code and add the code described in the following steps. First add the namespaces mentioned below:

using Microsoft.Identity.Client;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;

Step 9: Create the class Program with a Main method and two constants to store the client ID and tenant ID we captured earlier.

Step 10: Now assign the values of the client ID and tenant ID we captured earlier.

Step 11: Within the Main method, declare a variable (app) of type IPublicClientApplication and initialize it. While initializing, provide the client ID and tenant ID we captured. This object will be used to connect to the Azure AD app we created in the previous steps.

Step 12: Declare a list of scopes and assign it the value “user.read”.

Step 13: Call app.AcquireTokenInteractive, which will contact the Azure AD app and get the authentication token. Your Program.cs should now look as below.

Step 14: Now run your application using the “dotnet run” command. The console application will contact Azure and get the authentication token. When you run the application, it will prompt you to sign in to your Azure environment.
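Steps 8 to 14 assembled into one complete Program.cs, as an added example rather than the article's own screenshot code. It assumes the two constants hold the client and tenant IDs captured in Step 5 (placeholders here), and that the app registration has http://localhost registered as a “Mobile and desktop applications” redirect URI, because MSAL.NET on .NET Core opens the system browser and listens on localhost for the response. It goes slightly beyond the article by first checking the MSAL token cache (AcquireTokenSilent) and only prompting interactively when a cached token cannot be used, and it deliberately prints the signed-in account rather than the bearer token itself.

```csharp
using Microsoft.Identity.Client;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace MatetiADConsole
{
    class Program
    {
        // Placeholders: paste the values from the app registration's Overview blade (Step 5).
        private const string ClientId = "<application-client-id>";
        private const string TenantId = "<directory-tenant-id>";

        static async Task Main(string[] args)
        {
            // Public client: a console app cannot keep a secret, so it uses
            // a user-interactive flow instead of a client credential.
            IPublicClientApplication app = PublicClientApplicationBuilder
                .Create(ClientId)
                .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
                .WithRedirectUri("http://localhost")   // must be registered on the app
                .Build();

            // Least privilege: only the delegated permission this sample needs.
            var scopes = new List<string> { "user.read" };

            AuthenticationResult result;

            // Try the token cache first so the user is not prompted on every run.
            IAccount account = (await app.GetAccountsAsync()).FirstOrDefault();
            try
            {
                if (account == null)
                {
                    throw new MsalUiRequiredException("no_account", "No cached account; interactive sign-in required.");
                }
                result = await app.AcquireTokenSilent(scopes, account).ExecuteAsync();
            }
            catch (MsalUiRequiredException)
            {
                // Cache miss, expired refresh token or consent needed: open the browser.
                result = await app.AcquireTokenInteractive(scopes).ExecuteAsync();
            }

            // Print who signed in and when the token expires; never log result.AccessToken,
            // it is a bearer credential valid for anyone who holds it.
            Console.WriteLine($"Signed in as : {result.Account.Username}");
            Console.WriteLine($"Scopes       : {string.Join(" ", result.Scopes)}");
            Console.WriteLine($"Expires (UTC): {result.ExpiresOn.UtcDateTime:u}");
        }
    }
}
```

Run it with dotnet run; the first run opens the browser for sign-in and consent, and later runs within the token lifetime complete silently from the cache.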

Step 15: Now install the MS Graph and MS Graph Auth packages by running the commands mentioned below.

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows 10, and Enterprise Mobility + Security. Use the wealth of data in Microsoft Graph to build apps for organizations and consumers that interact with millions of users.

dotnet add package Microsoft.Graph --version 1.21.0

dotnet add package Microsoft.Graph.Auth --version 1.0.0-preview.2

Step 16: Now we need to add the code related to MS Graph. This code will display a one-time device code to the user (similar to an OTP). Add the using statements mentioned below at the top. This will allow you to use the classes in the Graph namespaces.

using Microsoft.Graph;
using Microsoft.Graph.Auth;

Step 17: Remove the AuthenticationResult code we added earlier and declare a variable of the DeviceCodeProvider class. While creating this object, pass app and the scopes as parameters. The DeviceCodeProvider object we initialized will be used to connect to the Azure AD app we created earlier.

Step 18: Create an object of GraphServiceClient and pass the DeviceCodeProvider as a parameter.

Step 19: Now, using the client object we created in the previous step, make an API call to the Me resource, which returns the signed-in user from your Azure AD.

Step 20: By using the myUser object you can access your complete profile. You can display whatever information you want.

Step 21: Now run your application using the dotnet run command. It will display a code issued by Azure AD.

Step 22: As instructed in the console message, launch https://microsoft.com/devicelogin and key in the provided code. This code has been generated by the Azure AD app.

Step 23: The app has been authenticated.
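Steps 16 to 20 assembled into one complete Program.cs for the device code flow, as an added example and not the article's own code. It uses the same placeholder constants as before and assumes the app registration allows public client flows (the public-client setting on the registration's Authentication blade), which the device code grant requires. Beyond the article, it wraps the Graph call in a ServiceException handler so a failed call (for example, consent to user.read not yet granted) is reported with the Graph error code instead of crashing the console.

```csharp
using Microsoft.Graph;
using Microsoft.Graph.Auth;
using Microsoft.Identity.Client;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;

namespace MatetiADConsole
{
    class Program
    {
        // Placeholders: paste the values from the app registration's Overview blade (Step 5).
        private const string ClientId = "<application-client-id>";
        private const string TenantId = "<directory-tenant-id>";

        static async Task Main(string[] args)
        {
            IPublicClientApplication app = PublicClientApplicationBuilder
                .Create(ClientId)
                .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
                .Build();

            // Delegated permission to read the signed-in user's own profile only.
            var scopes = new List<string> { "user.read" };

            // Device code flow: MSAL prints a one-time code plus the
            // https://microsoft.com/devicelogin URL; the user signs in there
            // while this console waits. Suitable for hosts without a browser.
            var deviceCodeProvider = new DeviceCodeProvider(app, scopes);

            // The Graph client asks the provider for a token on every request,
            // so the access token never has to be handled in our own code.
            var client = new GraphServiceClient(deviceCodeProvider);

            try
            {
                User myUser = await client.Me.Request().GetAsync();

                Console.WriteLine($"Display name: {myUser.DisplayName}");
                Console.WriteLine($"UPN         : {myUser.UserPrincipalName}");
                Console.WriteLine($"Mail        : {myUser.Mail ?? "(none)"}");
            }
            catch (ServiceException ex)
            {
                // Graph returns errors (missing consent, throttling, etc.) as ServiceException;
                // surface the code so the failure is diagnosable without leaking the token.
                Console.Error.WriteLine($"Graph call failed: {ex.Error?.Code} - {ex.Error?.Message}");
            }
        }
    }
}
```

On dotnet run the console shows the device code message from Step 21; after you complete Step 22 in a browser, the call to /me returns and the profile fields are printed.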

By following the above steps, you have authenticated against the Azure AD app using the code it issued.

Happy Coding!!!