Reputation: 3401
SecurityIntelliSense Warning: Explicit usage of accesstoken found in the code
I got a securityIntelliSense warning:
Explicit usage of accesstoken found in the code: access tokens should be handled securely. It is recommended not to store it separately in a persistent storage like databases or files, unless there is a compelling requirement.
The code looks like this:
public string GetAccessToken()
{
var authContext = new AuthenticationContext(string.Concat(_aadInstance, _tenantId));
var credential = new ClientCredential(_clientId, _clientSecret);
var authResult = authContext.AcquireTokenAsync(_appResourceId, credential).Result;
return authResult.AccessToken;
}
The warning happens in the last line: authResult.AccessToken
I was wondering if there's any way to fix the warning?
Upvotes: 0
Views: 45
Answers (1)
Reputation: 24549
I was wondering if there's any way to fix the warning?
It seems that you enabled the Security IntelliSense - Preview tool.
But It just a warning information to give some tips to handle the security access token. If you still don't want to show that waring information. You could disable or uninstall the extension.
We could find it under Tool->Extensions and Updates
Upvotes: 1
Related Questions
- getting "Interaction_required\",\"error_description\":\"AADSTS530031: Access policy does not allow token issuance error when requesting token from ad
- An error occurred while requesting the token with "Expose an API” scope. AADSTS70011:The provided value for the input parameter 'scope' is not valid
- ASP.NET Core Token Acquisition Exception
- Azure AD authentication : Permission error while fetching access token
- AADSTS700054: response_type 'id_token' is not enabled for the application
- AcquireTokenFailure `AADSTS700051`
- IdentityServer4: get access token from Azure AD
- Azure AD Access Token - Authorization Code is malformed or invalid
- Multiple Matching Tokens Detected?
- Azure AD - AdalSilentTokenAcquisitionException