MSAL.net and Microsoft accounts

Pablo Glomby 186 Reputation points
2020-11-20T18:17:05.93+00:00

I have a .net desktop application and I use MSAL.net (Microsoft.Identity.Client).
I already coded a little application that lists all the files that are in OneDrive Personal (root folder).
I had to register an application in portal.azure.com in order to use MSAL.net.
My question is, is it possible to avoid registering the application in the portal.azure.com server? Because the application will be a generic application and ideally the user should not need to do anything.
If not, is it possible to programmatically register an application using the user/password information?

Thanks

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. AmanpreetSingh-MSFT 56,616 Reputation points
    2020-11-23T04:57:00.727+00:00

    Hi @Pablo Glomby · Thank you for reaching out.

    The Application Registration has to be done only once for a given application that you are developing. Every user who is accessing your application doesn't need to do app registration or have a separate app registration instance. The authentication request includes the App ID of the registered application in the client_id parameter, which is facilitated by MSAL.net.

    If the users will be using their personal Microsoft accounts (like outlook.com, hotmail.com etc.) to sign into the application, all you need to make sure is, you have registered the application using the option "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)".


    To automate app registration, you can use the Graph calls below. If you create an app registration via the portal, it creates both the application and the servicePrincipal in one step. However, if you are using the Graph API for this purpose, you need to create the application and the servicePrincipal separately. While registering the application using this method, you need to make sure the signInAudience is AzureADandPersonalMicrosoftAccount to allow users to sign in with their personal Microsoft accounts.

    1. Create application: https://learn.microsoft.com/en-us/graph/api/application-post-applications?view=graph-rest-1.0&tabs=csharp
    2. Create servicePrincipal: https://learn.microsoft.com/en-us/graph/api/serviceprincipal-post-serviceprincipals?view=graph-rest-1.0&tabs=csharp

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
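
The two Graph calls listed in the answer, as an added C# example (not code from the original answer or from Microsoft's samples). It assumes the developer has already obtained a Microsoft Graph access token that is allowed to create applications (for example with the Application.ReadWrite.All permission); the `AppRegistration` and `RegisterAsync` names and the `http://localhost` redirect URI are illustrative choices for a desktop client.

```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

static class AppRegistration
{
    const string Graph = "https://graph.microsoft.com/v1.0";

    // Run once by the developer at setup time, never from the shipped app:
    // accessToken is a privileged Graph token (assumption: already acquired).
    public static async Task<string> RegisterAsync(string accessToken, string displayName)
    {
        using var http = new HttpClient();
        http.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Bearer", accessToken);

        // Step 1: create the application object.
        var app = await PostAsync(http, $"{Graph}/applications", new
        {
            displayName,
            // Allows work/school accounts and personal Microsoft accounts.
            signInAudience = "AzureADandPersonalMicrosoftAccount",
            // Graph requires access token version 2 for this audience.
            api = new { requestedAccessTokenVersion = 2 },
            // Public (desktop) client: a redirect URI, no client secret.
            publicClient = new { redirectUris = new[] { "http://localhost" } }
        });
        string appId = app.GetProperty("appId").GetString()
            ?? throw new InvalidOperationException("Response had no appId.");

        // Step 2: create the servicePrincipal for that application.
        await PostAsync(http, $"{Graph}/servicePrincipals", new { appId });
        return appId; // This is the client_id that MSAL.net sends.
    }

    static async Task<JsonElement> PostAsync(HttpClient http, string url, object body)
    {
        using var content = new StringContent(
            JsonSerializer.Serialize(body), Encoding.UTF8, "application/json");
        using var resp = await http.PostAsync(url, content);
        string text = await resp.Content.ReadAsStringAsync();
        if (!resp.IsSuccessStatusCode)
            throw new HttpRequestException($"Graph returned {(int)resp.StatusCode}: {text}");
        using var doc = JsonDocument.Parse(text);
        return doc.RootElement.Clone(); // Clone so the value outlives the document.
    }
}
```

The returned `appId` is the only value the distributed desktop application needs; the token used to create the registration stays with the developer.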

