I am getting AuthenticationFailedException while connecting to Azure AD. Is there anything I am missing, or permissions?

Navuluri, Sai Chandu 0 Reputation points
2023-12-15T05:17:29.66+00:00
 var scopes = new[] { "https://graph.microsoft.com/.default" };

 // using Azure.Identity;
 var options = new ClientSecretCredentialOptions
 {
     AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
 };

 // https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
 var clientSecretCredential = new ClientSecretCredential(
     tenantId, clientId, clientSecret, options);
 var graphClient = new GraphServiceClient(clientSecretCredential, scopes);

 var user = "{******@na.zzz.com}";
 var x = graphClient.Users[user].GetAsync();
 var c = x.Result.Mail;

Error: I am getting AuthenticationFailedException while connecting to Azure AD. Is there anything I am missing, or permissions?

System.AggregateException
  HResult=0x80131500
  Message=One or more errors occurred.
  Source=mscorlib
  StackTrace:
   at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
   at VActiveDirectory.AzureAdUserOperations.<RemoveUserAsync>d__0.MoveNext() in C:\Users\sn718331\source\repos\AD_Sync\project\VAdmin\Solutions\ADFS\AzureAdUserOperations.cs:line 55

  This exception was originally thrown at this call stack:
    [External Code]

Inner Exception 1:
AuthenticationFailedException: ClientSecretCredential authentication failed: Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy.

Inner Exception 2:
AggregateException: Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy.

Inner Exception 3:
RequestFailedException: The underlying connection was closed: An unexpected error occurred on a send.

Inner Exception 4:
WebException: The underlying connection was closed: An unexpected error occurred on a send.

Inner Exception 5:
IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

Inner Exception 6:
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Developer technologies | .NET | Other
Microsoft Security | Microsoft Graph
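
The inner exceptions in the trace above end in WebException and IOException, so the connection was closed during token acquisition rather than the request being answered with an error. As an added example (not part of the original post), this helper walks an exception chain and separates that kind of transport failure from a credential that Microsoft Entra ID rejected; the class and method names are hypothetical, and a plain Exception stands in for AuthenticationFailedException in the constructed sample.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Net.Sockets;

// Hypothetical helper, added for illustration.
public static class AuthFailureTriage
{
    // Depth-first walk over InnerException / AggregateException.InnerExceptions.
    public static IEnumerable<Exception> Flatten(Exception ex)
    {
        if (ex == null) yield break;
        yield return ex;
        if (ex is AggregateException agg)
        {
            foreach (var inner in agg.InnerExceptions)
                foreach (var e in Flatten(inner)) yield return e;
        }
        else
        {
            foreach (var e in Flatten(ex.InnerException)) yield return e;
        }
    }

    public static string Classify(Exception ex)
    {
        foreach (var e in Flatten(ex))
        {
            // Connection-level failure: check the network path (proxy, firewall, TLS settings).
            if (e is WebException || e is IOException || e is SocketException)
                return "transport";
            // Heuristic (assumption): rejections from Microsoft Entra ID carry an AADSTS error code.
            if (e.Message.Contains("AADSTS"))
                return "rejected";
        }
        return "unknown";
    }

    public static void Main()
    {
        // Constructed sample mirroring the exception chain in the question.
        var sample = new AggregateException(new Exception(
            "ClientSecretCredential authentication failed: Retry failed after 4 tries.",
            new AggregateException(new WebException(
                "The underlying connection was closed: An unexpected error occurred on a send.",
                new IOException("Unable to read data from the transport connection.")))));
        Console.WriteLine(Classify(sample));
    }
}
```

In application code, call `Classify(ex)` from the catch block around the Graph request and log the result next to the full exception.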

2 answers

  1. Navya 19,795 Reputation points Microsoft External Staff Moderator
    2023-12-18T08:51:46.83+00:00

    Hi @Navuluri, Sai Chandu ,

    Thank you for posting this in Microsoft Q&A.

    I understand you are encountering an AuthenticationFailedException while connecting to Azure AD. You are using an ASP.NET (C#) application and the Microsoft Graph API to retrieve user information.

    The error message suggests that there may be an issue with the authentication credentials or permissions.

    1. Check the authentication credentials: Ensure that the tenantId, clientId, and clientSecret values are correct. These values are used to authenticate the application with Azure AD.

    2. Check that your application has User.Read delegated permissions.
    Select your application -> API permissions.

    3. Once you get the access token with the correct audience (https://graph.microsoft.com), the access token needs to be passed as a bearer token in the Authorization header to get the user's details.

    Hope this helps. Do let us know if you have any further queries.

    Thanks,

    Navya.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

  2. CarlZhao-MSFT 46,371 Reputation points
    2023-12-20T02:54:08.9133333+00:00

    Hi @Navuluri, Sai Chandu

    It looks like you are not assigning values to the tenantId, clientId, clientSecret parameters. Also, don’t forget to use the await keyword when performing asynchronous operations.

    The complete code should be:

    using Microsoft.Graph;
    using Azure.Identity;
    
    
    var scopes = new[] { "https://graph.microsoft.com/.default" };
    
    var tenantId = "TENANT_ID";
    
    // Values from app registration
    var clientId = "CLIENT_ID";
    var clientSecret = "CLIENT_SECRET";
    
    // using Azure.Identity; 
    var options = new TokenCredentialOptions
    {
        AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
    };
    
    // https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
    var clientSecretCredential = new ClientSecretCredential(
        tenantId, clientId, clientSecret, options);
    
    var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
    
    
    var result = await graphClient.Users["{ID | UPN}"].GetAsync();
    
    Console.WriteLine(result.UserPrincipalName);
    


    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.
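
The audience and permission checks mentioned in the answers can be confirmed on the token itself. As an added example (not code from either answer), this program requests a token with ClientSecretCredential using await and prints the `aud`, `roles` (application permissions) and `scp` (delegated permissions) claims; the `TokenCheck` class is hypothetical, and reading the tenant ID, client ID and secret from the `AZURE_*` environment variables is an assumption made so the secret is not hard-coded.

```csharp
using System;
using System.Text.Json;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;

// Hypothetical helper, added for illustration.
public static class TokenCheck
{
    // Decode the JWT payload for inspection only. The signature is not verified;
    // Graph access tokens are meant to be validated by Graph, not by the client.
    public static JsonElement DecodePayload(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("not a compact JWT");
        // base64url -> base64, then restore the stripped padding.
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        using (var doc = JsonDocument.Parse(Convert.FromBase64String(b64)))
            return doc.RootElement.Clone();
    }

    public static async Task Main()
    {
        // Assumption: credentials are supplied through environment variables.
        var credential = new ClientSecretCredential(
            Environment.GetEnvironmentVariable("AZURE_TENANT_ID"),
            Environment.GetEnvironmentVariable("AZURE_CLIENT_ID"),
            Environment.GetEnvironmentVariable("AZURE_CLIENT_SECRET"));

        AccessToken token = await credential.GetTokenAsync(
            new TokenRequestContext(new[] { "https://graph.microsoft.com/.default" }));

        var claims = DecodePayload(token.Token);
        Console.WriteLine("aud:   " + claims.GetProperty("aud"));
        Console.WriteLine("roles: " + (claims.TryGetProperty("roles", out var r) ? r.ToString() : "(none)"));
        Console.WriteLine("scp:   " + (claims.TryGetProperty("scp", out var s) ? s.ToString() : "(none)"));
    }
}
```

Avoid writing the raw token to logs; the decoded claims are enough to check the audience and the granted permissions.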

