ApplicationConfiguration
MSAL.NET 3.x brings a new way to instantiate an application from code, and it lets you take the information needed to instantiate the application directly from configuration files.
ASP.NET Core applications typically describe their configuration in appsettings.json files like the following:
```json
{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
    "TenantId": "[Enter 'common', or 'organizations' or the Tenant Id (Obtained from the Azure portal. Select 'Endpoints' from the 'App registrations' blade and use the GUID in any of the URLs), e.g. da41245a5-11b3-996c-00a8-4d99re19f292]",
    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
    "CallbackPath": "/signin-oidc",
    "SignedOutCallbackPath": "/signout-callback-oidc",
    "ClientSecret": "[Copy the client secret added to the app from the Azure portal]"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Warning"
    }
  },
  "AllowedHosts": "*"
}
```
From version 3.x, MSAL.NET lets you use this configuration file to configure your confidential client application.
The classes related to the app configuration are located in the Microsoft.Identity.Client.AppConfig namespace:

```csharp
using Microsoft.Identity.Client.AppConfig;
```
Then in the class where you want to benefit from the configuration, you need to declare a ConfidentialClientApplicationOptions
and bind the configuration read from whatever source (including the appconfig.json file) to the instance of
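```csharp
// Field that holds the options bound from configuration.
private ConfidentialClientApplicationOptions _applicationOptions;

// Bind the "AzureAD" configuration section to the options instance.
_applicationOptions = new ConfidentialClientApplicationOptions();
configuration.Bind("AzureAD", _applicationOptions);
```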
This enables the content of the "AzureAD" section of the appsettings.json to be bound to the corresponding properties of the ConfidentialClientApplicationOptions
From there, you can build a ConfidentialClientApplication
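
One way to carry out the build step, as an added example rather than code from the MSAL.NET wiki: it layers environment variables over appsettings.json so the ClientSecret does not have to live in the file, rejects values that are still template placeholders, and builds the application with `ConfidentialClientApplicationBuilder.CreateWithApplicationOptions`. It assumes MSAL.NET 4.x (where these types are in `Microsoft.Identity.Client`) and the Microsoft.Extensions.Configuration Json, EnvironmentVariables and Binder packages; `MsalAppFactory`, `Validate` and `RequireSet` are hypothetical names.

```csharp
using System;
using Microsoft.Extensions.Configuration;
using Microsoft.Identity.Client; // assumption: MSAL.NET 4.x; the page's 3.x text uses Microsoft.Identity.Client.AppConfig

// Hypothetical helper, not part of MSAL.NET.
public static class MsalAppFactory
{
    public static IConfidentialClientApplication Create(string basePath)
    {
        // Providers added later win, so an AzureAd__ClientSecret environment
        // variable overrides the value in appsettings.json and the secret can
        // stay out of the file (and out of source control).
        IConfiguration configuration = new ConfigurationBuilder()
            .SetBasePath(basePath)
            .AddJsonFile("appsettings.json", optional: false)
            .AddEnvironmentVariables()
            .Build();

        var options = new ConfidentialClientApplicationOptions();
        configuration.Bind("AzureAd", options); // keys without a matching property are ignored

        Validate(options);
        return ConfidentialClientApplicationBuilder
            .CreateWithApplicationOptions(options)
            .Build();
    }

    private static void Validate(ConfidentialClientApplicationOptions options)
    {
        RequireSet(options.ClientId, "ClientId");
        RequireSet(options.TenantId, "TenantId");
        RequireSet(options.ClientSecret, "ClientSecret");

        // The client secret is sent to this endpoint: require an absolute HTTPS URL.
        if (!Uri.TryCreate(options.Instance, UriKind.Absolute, out var instance)
            || instance.Scheme != Uri.UriSchemeHttps)
            throw new InvalidOperationException("AzureAd:Instance must be an absolute https URL.");
    }

    // The template on this page marks unfilled values with a leading '['.
    private static void RequireSet(string value, string key)
    {
        // Only the key name goes into the message, never the value.
        if (string.IsNullOrWhiteSpace(value) || value.TrimStart().StartsWith("["))
            throw new InvalidOperationException($"AzureAd:{key} is missing or still a placeholder.");
    }
}
```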