9
votes

I am developing a Windows Store application that communicate to Dynamics CRM Online using Azure Active Directory for the authentication.

The application uses this CRM 2013 SDK example: SampleCode\CS\ModernAndMobileApps\ModernSoapApp

and refers to this nuget package for the authentication:

Microsoft.Preview.WindowsAzure.ActiveDirectory.Authentication

I am able to authenticate correctly, the main line is this:

AuthenticationResult result = await _authenticationContext.AcquireTokenAsync("Microsoft.CRM", ClientID, redirectUrl, string.Empty, string.Empty);

The problem is that I need to add a logout functionality and I can't get rid of the persistent token.

I tried to do a logout with the following line:

(AuthenticationContext.TokenCache as DefaultTokenCache).Clear();

but the application is able to get a valid token by itself when I call again the AcquireTokenAsync method instead showing the page for entering the credentials.

What am I missing to perform a full logout?

1
How did you resolved this ? I'm having trouble with WPF app, when I checked the "Remember Me" in the popup window and sign in, I can't sign out.Dabbas
a workaround is to force another time the authentication with a wrong password, normally it resets the tokenGuido Preite

1 Answers

18
votes

If you would like to sign the user out of the STS too, issue a logout request: https://login.windows.net/{tenantid or "common"}/oauth2/logout?post_logout_redirect_uri={URL}. The URL needs to be a reply url registered with your app in AAD.

You're clearing the local credential cache. Silent auth might be happening due to the STS cookie (what does Fiddler trace when you call AcquireTokenAsync again)?

Hope that helps. Possible duplicate of this question.