I've created a .net 6 winforms application that needs to connect to an API that is secured by Azure AD, Azure Storage Account and Azure App Configuration.
At this moment the user of the application needs to login twice, once for the API and once for the other Azure resources.
How can i change my application that the user only needs to login once and have access to the API and the Azure resources?
For the API i created an App Registration with User.Read permissions. To login to the API use the code:
In my Program.cs i create a PublicClientApplication
private static IPublicClientApplication clientApp;
clientApp = PublicClientApplicationBuilder.Create(ClientId)
.WithRedirectUri(redirectUri)
.WithAuthority(AzureCloudInstance.AzurePublic, tenantId)
.Build();
In the class where i login to the API i use the following code:
AuthenticationResult authResult = await Program.PublicClientApp.AcquireTokenInteractive(scopes)
.WithUseEmbeddedWebView(false)
.WithPrompt(Prompt.SelectAccount)
.ExecuteAsync();
The user has RBAC access to the Azure Storage account. To login to the Azure Storage Account i use this code:
private DefaultAzureCredential azureCredentials = null;
azureCredentials = new DefaultAzureCredential(true);
BlobServiceClient = new BlobServiceClient(serviceUri: new Uri(defaultStorageAccount), azureCredentials);
Can someone guide me how i can combine this so that the user of the application needs to login once and have access to both, the API and the Azure Storage account (and other Azure services)?