Reputation: 3222
I am trying to create a simple example of a console Application that requires a valid user. The Application is a simple Console Application:
    static void Main(string[] args)
    {
        string authority = "https://login.windows.net/----------------.onmicrosoft.com";
        AuthenticationContext context = new AuthenticationContext(authority);
        Console.WriteLine("Context created");
        string resource = "ConsoleApp1";
        string clientId = "------------------------------------";
        string redirectUri = "http://localhost";
        var parameters = new PlatformParameters(PromptBehavior.RefreshSession);
        context.TokenCache.Clear();
        // Throws AggregateException--> AADSTS50105: The signed in user is not assigned to a role for the application
        var token = Task.Run(() => context.AcquireTokenAsync(resource, clientId, new Uri(redirectUri), parameters)).Result;
        Console.WriteLine("Hello, authorized user");
    }
The Application starts, presents the sign-in window, and then throws the exception:
AADSTS50105: The signed in user is not assigned to a role for the application
Over in the Azure Portal, I've registered ConsoleApp1 as a native Application.
Under Required Permissions, I've checkmarked:
Other than that, I'm stumped. The error message tells me that I need to assign some kind of role to the user, but I cannot find this anywhere in the Application's settings. Can someone help shed some light on this, please?
Upvotes: 1
Views: 425
Reputation: 14649
You specified an incorrect resource (ConsoleApp1). The resource should represent the resource you have granted to this application and for which you acquire the access token.
It seems that you granted Azure AD Graph's permission to this application. Did you want to acquire the access token to use the Azure Graph REST?
If I understood correctly, you can replace the resource with https://graph.windows.net.
For more detail about integrating with Azure AD, you can refer here.
Upvotes: 3
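The change the answer describes, as an added example that is not part of the original thread: the question's console app with the resource set to https://graph.windows.net, ADAL errors reported instead of surfacing as an unhandled AggregateException, and the token's `aud` claim printed to confirm which resource the token was issued for. The tenant and client ID are placeholders, and `ReadAudience` is a hypothetical helper that assumes the access token is a JWT.

```csharp
using System;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Clients.ActiveDirectory; // ADAL, the library the question uses

class Program
{
    // Placeholders: substitute your own tenant and the native app's Application ID.
    const string Authority = "https://login.windows.net/<your-tenant>.onmicrosoft.com";
    const string ClientId = "<application-id-of-the-native-app>";
    // The resource names the API the token is for, not the client app's display name.
    const string Resource = "https://graph.windows.net";

    static async Task<int> RunAsync()
    {
        var context = new AuthenticationContext(Authority);
        var parameters = new PlatformParameters(PromptBehavior.RefreshSession);
        try
        {
            AuthenticationResult result = await context.AcquireTokenAsync(
                Resource, ClientId, new Uri("http://localhost"), parameters);
            Console.WriteLine("Hello, " + result.UserInfo?.DisplayableId);
            Console.WriteLine("Token audience: " + ReadAudience(result.AccessToken));
            return 0;
        }
        catch (AdalException ex)
        {
            // AADSTS codes such as AADSTS50105 appear in the message text.
            Console.Error.WriteLine(ex.ErrorCode + ": " + ex.Message);
            return 1;
        }
    }

    // Assumption: the access token is a JWT. Decodes the base64url payload and
    // extracts the "aud" claim for display only; this is not token validation.
    static string ReadAudience(string jwt)
    {
        string payload = jwt.Split('.')[1].Replace('-', '+').Replace('_', '/');
        payload = payload.PadRight(payload.Length + (4 - payload.Length % 4) % 4, '=');
        string json = Encoding.UTF8.GetString(Convert.FromBase64String(payload));
        Match m = Regex.Match(json, "\"aud\"\\s*:\\s*\"([^\"]+)\"");
        return m.Success ? m.Groups[1].Value : "(no aud claim)";
    }

    static int Main(string[] args)
    {
        return RunAsync().GetAwaiter().GetResult();
    }
}
```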