Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article lists additional methods apps may use to authenticate to Azure resources. The methods on this page are less commonly used; when possible, use one of the methods outlined in authenticating .NET apps to Azure using the Azure SDK overview.
Interactive browser authentication
This method interactively authenticates an application through InteractiveBrowserCredential by collecting user credentials in the default system.
Interactive browser authentication enables the application for all operations allowed by the interactive login credentials. As a result, if you're the owner or administrator of your subscription, your code has inherent access to most resources in that subscription without having to assign any specific permissions. For this reason, the use of interactive browser authentication is discouraged for anything but experimentation.
Enable applications for interactive browser authentication
Perform the following steps to enable the application to authenticate through the interactive browser flow. These steps also work for the device code authentication flow described later. This process is only necessary if you are using InteractiveBrowserCredential in your code.
In the Azure portal, navigate to Microsoft Entra ID and select App registrations on the left navigation.
Select the registration for your app, then select Authentication.
Under Advanced settings, select Yes for Allow public client flows.
Select Save to apply the changes.
To authorize the application for specific resources, navigate to the resource in question, select API Permissions, and enable Microsoft Graph and other resources you want to access. Microsoft Graph is usually enabled by default.
Important
You must also be the admin of your tenant to grant consent to your application when you sign in for the first time.
Example using InteractiveBrowserCredential
The following example demonstrates using an InteractiveBrowserCredential to authenticate with the BlobServiceClient:
using Azure.Identity;
using Azure.Storage.Blobs;
namespace InteractiveBrokeredAuthSample
{
public partial class InteractiveBrowserAuth : Form
{
public InteractiveBrowserAuth()
{
InitializeComponent();
}
private void testInteractiveBrowserAuth_Click(object sender, EventArgs e)
{
var client = new BlobServiceClient(
new Uri("https://<storage-account-name>.blob.core.windows.net"),
new InteractiveBrowserCredential());
foreach (var blobItem in client.GetBlobContainers())
{
Console.WriteLine(blobItem.Name);
}
}
}
}
For more exact control, such as setting redirect URIs, you can supply specific arguments to InteractiveBrowserCredential such as redirect_uri.
Device code authentication
This method interactively authenticates a user on devices with limited UI (typically devices without a keyboard):
- When the application attempts to authenticate, the credential prompts the user with a URL and an authentication code.
- The user visits the URL on a separate browser-enabled device (a computer, smartphone, etc.) and enters the code.
- The user follows a normal authentication process in the browser.
- Upon successful authentication, the application is authenticated on the device.
For more information, see Microsoft identity platform and the OAuth 2.0 device authorization grant flow.
Device code authentication in a development environment enables the application for all operations allowed by the interactive login credentials. As a result, if you're the owner or administrator of your subscription, your code has inherent access to most resources in that subscription without having to assign any specific permissions. However, you can use this method with a specific client ID, rather than the default, for which you can assign specific permissions.
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
