Getting Access Token from Azure AD without user credentials

Question

I am using ADAL in order to log in to my app which is being made in Xamarin.Forms against Azure AD. That is all working fine, however I now want to be able to register a new user and to do this need an access token to pass to the constructor of one of my methods.

However, as the user hasn't yet been registered, I need to be able to get an access token from Azure AD without actually supplying any user credentials. I have been told that in a normal web app, I'd be able to send the client id and app key so that Azure AD would know who I was and then send me back an access token but I can't figure out how to implement this in a cross-platform Xamarin app.

If anyone has come across this before, your help would be greatly appreciated.

Thanks.

Answer 1

Use of an app key in a native application is not recommended, regardless sof the dev stack you use to implement it. The reason is that generally devices should not be trusted with secrets. Furthermore, secret distribution is complicated (you can't embed it in the app code). As a result, ADAL for Xamarin (and all the other flavors of ADAL meant to be used in native apps) does not expose any method for acquiring tokens with an app key. From a antive app you really need to bootstrap secure communication with a user identity. Once you have that, you can do all sorts of interesting things on the server side (e.g. you API can, given that is running on the server, obtain tokens as an app). HTH V.