Desktop app that calls web APIs: Acquire a token

After you've built an instance of the public client application, you'll use it to acquire a token that you'll then use to call a web API.

The web API is defined by its scopes. Whatever the experience you provide in your application, the pattern to use is:

  • Systematically attempt to get a token from the token cache by calling AcquireTokenSilent.
  • If this call fails, use the AcquireToken flow that you want to use, which is represented here by AcquireTokenXX.

In MSAL.NET

AuthenticationResult result;
var accounts = await app.GetAccountsAsync();
IAccount account = ChooseAccount(accounts); // for instance accounts.FirstOrDefault
                                            // if the app manages is at most one account
try
{
 result = await app.AcquireTokenSilent(scopes, account)
                   .ExecuteAsync();
}
catch(MsalUiRequiredException ex)
{
  result = await app.AcquireTokenXX(scopes, account)
                    .WithOptionalParameterXXX(parameter)
                    .ExecuteAsync();
}

There are various ways you can acquire tokens in a desktop application.


Important

If users need to use multi-factor authentication (MFA) to log in to the application, they will be blocked instead.

Next steps

Move on to the next article in this scenario, Call a web API from the desktop app.