13,721 questions
Authentication in Azure App Console and query in the Microsoft Graph application
Carlos Jahir Carreño Hernandez
125
Reputation points
Hello, thank you for all the advice you have been able to provide me in these groups following the guides and blogs. I'm having issues with authentication and queries. I tried to follow the exercise provided by Microsoft and reached this point.
- graphHelper.cs
using System.Diagnostics;
using Azure.Core;
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models;
//-----------------------------------------------
//Aqui se configura todo el acceso de autenticacion a la aplicacion
[DebuggerDisplay($"{{{nameof(GetDebuggerDisplay)}(),nq}}")]
class GraphHelper
{
// Esta configira el aceso que se encuentra ne el archivo .jason appsettings
private static Settings? _settings;
// Credenciales de autenticacion del usuario
private static DeviceCodeCredential? _deviceCodeCredential;
// configuracion del cliente con el usuario de autenticacion
private static GraphServiceClient? _userClient;
public static void InitializeGraphForUserAuth(Settings settings,
Func<DeviceCodeInfo, CancellationToken, Task> deviceCodePrompt)
{
_settings = settings;
var options = new DeviceCodeCredentialOptions
{
ClientId = settings.ClientId,
TenantId = settings.TenantId,
DeviceCodeCallback = deviceCodePrompt,
};
_deviceCodeCredential = new DeviceCodeCredential(options);
_userClient = new GraphServiceClient(_deviceCodeCredential, settings.GraphUserScopes);
}
public static async Task<string> GetUserTokenAsync()
{
// Ensure credential isn't null
_ = _deviceCodeCredential ??
throw new System.NullReferenceException("Graph has not been initialized for user auth");
// Ensure scopes isn't null
_ = _settings?.GraphUserScopes ?? throw new System.ArgumentNullException("Argument 'scopes' cannot be null");
// Request token with given scopes
var context = new TokenRequestContext(_settings.GraphUserScopes);
var response = await _deviceCodeCredential.GetTokenAsync(context);
return response.Token;
}
//----------------------------------------------------------------------
public static Task<Device?> GetUserAsync()
{
// Ensure client isn't null
_ = _userClient ??
throw new System.NullReferenceException("Graph has not been initialized for user auth");
return _userClient.Devices.GetAsync((config) =>
{
// Only request specific properties
config.QueryParameters.Select = new[] {"displayName", "deviceId"};
});
}
private string GetDebuggerDisplay()
{
return ToString();
}
}
- program.cs
Console.WriteLine("Dispositivos\n");
var settings = Settings.LoadSettings();
//Inincializacion de MS graph
InitializeGraph(settings);
//Greet he user by name
await GreetUserAsync();
int choice = -1;
while (choice != 0)
{
Console.WriteLine("Seleccione una de las siguiente sopciones");
Console.WriteLine("0. Exit");
Console.WriteLine("1. Display access token");
try
{
choice = int.Parse(Console.ReadLine() ?? string.Empty);
}
catch (System.FormatException)
{
// Set to invalid value
choice = -1;
}
switch(choice)
{
case 0:
// Exit the program
Console.WriteLine("Adios...");
break;
case 1:
// Display access token
await DisplayAccessTokenAsync();
break;
default:
Console.WriteLine("Opcion no valida");
break;
}
}
void InitializeGraph(Settings settings)
{
GraphHelper.InitializeGraphForUserAuth(settings,
(info, cancel) =>
{
// Display the device code message to
// the user. This tells them
// where to go to sign in and provides the
// code to use.
Console.WriteLine(info.Message);
return Task.FromResult(0);
});
}
{
// TODO
}
async Task GreetUserAsync()
{
try
{
var devicePerson = await GraphHelper.GetUserAsync();
Console.WriteLine($"Nombre Dispositivo, {device?.DisplayName}!");
}
catch (Exception ex)
{
Console.WriteLine($"Error getting devicePerson: {ex.Message}");
}
}
async Task DisplayAccessTokenAsync()
{
try
{
var userToken = await GraphHelper.GetUserTokenAsync();
Console.WriteLine($"User token: {userToken}");
}
catch (Exception ex)
{
Console.WriteLine($"Error getting user access token: {ex.Message}");
}
}
I have followed this exercise and other tutorials: https://learn.microsoft.com/en-us/graph/tutorials/dotnet?tutorial-step=2&tabs=aad. Thanks
Microsoft Security Microsoft Graph
Developer technologies C#
11,568 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 7.000000000000001%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC3%3C/text%3E%3C/svg%3E)
Carolyne-3676 296 Reputation points2023-10-16T08:00:49.1766667+00:00 Hello Carlos! What issue are you specifically facing? Is there an error message that we can use as a starting point?
-
Carlos Jahir Carreño Hernandez 125 Reputation points
2023-10-17T19:34:28.78+00:00 In English, the translated sentence would be: "Well, after investigating, I took another path, and I was able to authenticate myself. Thank you."
-
Carolyne-3676 296 Reputation points
2023-10-18T06:13:27.24+00:00 Glad you were able to resolve this . Maybe just to share general guidance here for the sake of the community and anyone who runs into a somehat similar issue around authentication:
-->Based on the code provided, it seems like you are trying to authenticate a user and query their devices using Microsoft Graph API. The code initializes the GraphHelper class with the user credentials and uses the GraphServiceClient to make requests to Microsoft Graph API.-->To troubleshoot the authentication issues, you can start by checking if the app registration in Azure AD has the correct permissions and scopes. You can check the app registration's API permissions to see if it has the necessary permissions to access the Microsoft Graph API.
-->You can also check if the user account you are trying to authenticate has the correct permissions and roles in Azure AD. Make sure that the user has the necessary roles to access the Microsoft Graph API.
Here are some resources to help authentication and querying devices using Microsoft Graph API:
- Authenticating users with Device Code Flow: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-device-code
- Querying devices using Microsoft Graph API: https://docs.microsoft.com/en-us/graph/api/device-list?view=graph-rest-1.0&tabs=http
- Sample code for authenticating users with Device Code Flow and querying devices using Microsoft Graph API: https://github.com/microsoftgraph/console-csharp-deviceprofile
- Sample code for authenticating users with Azure AD and querying devices using Microsoft Graph API: https://github.com/Azure-Samples/active-directory-dotnet-graphapi-console/tree/master/01-Call-MSGraph-API
Sign in to comment
Sign in to answer