romanm
asked on
How to authenticate user credentials on Azure Active Directory without invoking the microsoft login UI?
I have username and password,
I'd like to authenticate these with the Azure Active Directory in my cloud, and I want it to be done with Microsoft Graph API if possible.
And most important, absolutely no user interface. Assume its all running via command line, or in a script.
So far I got the UI way (using C# but ultimately it will be C++):
Uri authUri = new Uri(string.Format("https://login.microsoftonline.com/{0}/oau th2/v2.0/a uthorize", TenantId));
try
{
string data = string.Format("client_id={ 0}&respons e_type=cod e&response _mode=quer y&scope=us er.read&re direct_uri ={1}", ClientId, WebUtility.UrlEncode(redir ectUrl));
BrowsePage b = new BrowsePage();
b.navigate(authUri, data);
b.Show();
b.Closed += new EventHandler((object sender, System.EventArgs e) =>
{
is_authenticated = true;
});
}
catch (System.Net.WebException ex)
{
System.Console.WriteLine(" Authorize request: " + ex.Message);
}
I'd like to authenticate these with the Azure Active Directory in my cloud, and I want it to be done with Microsoft Graph API if possible.
And most important, absolutely no user interface. Assume its all running via command line, or in a script.
So far I got the UI way (using C# but ultimately it will be C++):
Uri authUri = new Uri(string.Format("https://login.microsoftonline.com/{0}/oau
try
{
string data = string.Format("client_id={
BrowsePage b = new BrowsePage();
b.navigate(authUri, data);
b.Show();
b.Closed += new EventHandler((object sender, System.EventArgs e) =>
{
is_authenticated = true;
});
}
catch (System.Net.WebException ex)
{
System.Console.WriteLine("
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Well I'm no programmer so I cannot give you that many details, but the ADAL source code is available on GitHub, so just find the AcquireTokenAsync method and check the logic used therein.
ASKER
ADAL doesn't work for me, tried AuthenticationContextInteg ratedAuthE xtensions but it returns an error that the query is missing the client_secret or client_assertion.
basically the use case I'm trying to solve is like this,
the server gets a request to authenticate a user, identified by a retina scan and finger print,
the server after processing the data pulls from a database:
1. username
2. password
3. app id
4. app secret
5. app uri
with these 5 the server would call the AAD to authenticate the user, and get the user permissions.
this all happens with no UI.
And try as I may, nothing actually works.
basically the use case I'm trying to solve is like this,
the server gets a request to authenticate a user, identified by a retina scan and finger print,
the server after processing the data pulls from a database:
1. username
2. password
3. app id
4. app secret
5. app uri
with these 5 the server would call the AAD to authenticate the user, and get the user permissions.
this all happens with no UI.
And try as I may, nothing actually works.
ASKER
Thanks for the effort.
ASKER
What I really want to find out are the internals of those methods, at least for this user credentials scenario.