Client library
Provide scoped access to web APIs protected by Azure AD using OpenID Connect and OAuth 2.0 with the Microsoft Authentication Library for .NET (MSAL.NET).
Install the NuGet package directly from the Visual Studio Package Manager console or with the .NET Core CLI.
Visual Studio Package Manager
Install-Package Microsoft.Identity.Client
.NET Core CLI
.NET CLICopy
dotnet add package Microsoft.Identity.Client
Code example
Retrieve an access token for the Microsoft Graph API in a desktop application (public client).
C#Copy
/* Include this using directive:
using Microsoft.Identity.Client;
*/
string ClientId = "11111111-1111-1111-1111-111111111111"; // Application (client) ID
string Tenant = "common";
string Instance = "https://login.microsoftonline.com/";
string graphAPIEndpoint = "https://graph.microsoft.com/v1.0/me";
string[] scopes = new string[] { "user.read" };
AuthenticationResult authResult = null;
var app = PublicClientApplicationBuilder.Create(ClientId)
.WithAuthority($"{Instance}{Tenant}")
.WithRedirectUri("http://localhost")
.Build();
var accounts = await app.GetAccountsAsync();
var firstAccount = accounts.FirstOrDefault();
try
{
// Always first try to acquire a token silently.
authResult = await app.AcquireTokenSilent(scopes, firstAccount)
.ExecuteAsync();
}
catch (MsalUiRequiredException ex)
{
// If an MsalUiRequiredException occurred when AcquireTokenSilent was called,
// it indicates you need to call AcquireTokenInteractive to acquire a token.
System.Diagnostics.Debug.WriteLine($"MsalUiRequiredException: {ex.Message}");
try
{
authResult = await app.AcquireTokenInteractive(scopes)
.WithAccount(firstAccount)
.WithPrompt(Prompt.SelectAccount)
.ExecuteAsync();
}
catch (MsalException msalex)
{
System.Diagnostics.Debug.WriteLine($"Error acquiring Token:{System.Environment.NewLine}{msalex}");
}
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine($"Error acquiring token silently:{System.Environment.NewLine}{ex}");
return;
}
if (authResult != null)
{
System.Diagnostics.Debug.WriteLine($"Access token:{System.Environment.NewLine}{authResult.AccessToken}");
}