How to configure Web Api access as Azure Active Directory Graph API

0
votes

I have setup WebApi application and under permissions it has access to Windows Azure Active Directory.

The application is able to access the graph api, and there is no prompt for the user to login.

How can I achieve a similar setup for my WebApi? I want only applications that have permissions setup to access it. I set it up this way: http://bitoftech.net/2014/09/12/secure-asp-net-web-api-2-azure-active-directory-owin-middleware-adal/

But unlike when accessing the graph api for "Windows Azure Active Directory", it prompts for a login.

1
azureasp.net-web-api

1 Answers

0
votes

You need to use a different overload of AcquireTokenAsync if you don't want to be prompted to authenticate. This essentially means using a secret for authentication of your application.

string tenantId = "[your domain, such as contoso.onmicrosoft.com]";
string clientSecret = "[Get this from the CONFIGURE page in the portal]";
string resAzureGraphAPI = "https://graph.windows.net";

var context = new AuthenticationContext(string.Format("https://login.windows.net/{0}", tenantId));

ClientCredential clientCred = new ClientCredential(clientId, clientSecret);
AuthenticationResult result = await context.AcquireTokenAsync(resAzureGraphAPI, clientCred);