Getting Authorization Code from URL

Anonymous
2021-10-07T14:10:50.207+00:00

My question is this.

I follow the instructions found here: https://dev.applicationinsights.io/documentation/Authorization/AAD-OAuth2-Flows
Under "OAuth2 Authorization Code Flow",

  1. Authorize URL (GET request):

I am instructed to get the code from the resulting URL. This works in a browser.

My question is, how does one get this code while working in .Net Core? Specifically C#?

When making a request to the Authorize URL, the client_id is the Application ID from your AAD App, copied from the App's properties menu. The redirect_uri is the home page/login URL from the same AAD App. Upon successful request, this endpoint will redirect to your login page with the authorization code appended to the URL.

Running the code below, I get Http.Status = 200.

var uri = "https://login.microsoftonline.com/{tenantid}/oauth2/authorize?client_id={clientid}&response_type=code&redirect_uri=https://localhost&response_mode=query&resource={resourceid}&state=12345";

using var client = new HttpClient();
using var response = client.GetAsync(uri).Result;

var x = response.RequestMessage.RequestUri;

The RequestUri is the original Uri. No surprise there. But nowhere in the response does there exist the redirected URL from which to extract the Authorization Code.

Any Ideas? Or am I going about this all wrong?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,566 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Siva-kumar-selvaraj 15,601 Reputation points
    2021-10-08T14:29:54.34+00:00

    Hello @Anonymous ,

    Thanks for reaching out.

    Azure AD authorization code flow require user interaction to get authentication and request code in order to get JWT token (access_token and refresh_token) so just calling above URL it just take you to login page that's why you see HTTP status 200 since your code doesn't aware of handling Azure AD authentication due to which you don't get auth code returned.

    To learn more about Microsoft identity platform and OAuth 2.0 authorization code flow, refer.

    Therefore, you need to leverage Microsoft Authentication Library (MSAL) in your application code for handling Azure AD authentication, here are different supported platform ( including .NET Cores , ASP.NET , Java etc..,) MSAL library for your reference.

    Web app that signs in a user: https://learn.microsoft.com/en-us/azure/active-directory/develop/authentication-flows-app-scenarios#web-app-that-signs-in-a-user

    Hope this helps.

    ------
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments No comments