0
votes

We just moved to Azure Portal and i created a Xamarin Cross-Platform app that gets authenticated via MSAL.

When i was building the app. it was registered on https://apps.dev.microsoft.com/, and the user was getting authenticated without any problems.

After testing, i registered it on our Azure Portal under app registration, gave it the required permissions as before, and updated the app ID in the code.

Now, i cant even go past my email page. I keep getting the message:"It looks like you're trying to open this resource with an app that hasn't been approved by your IT dept", even though the admin granted the permissions to the app. Not sure where to go from here. Any help appreciated.

Thanks in advance

1

1 Answers

1
votes

When i was building the app. it was registered on https://apps.dev.microsoft.com/, and the user was getting authenticated without any problems.

apps.dev.microsoft.com is used to register the application for Azure AD v2.0, and you could leverage MSAL for authenticating users by using AD account or personal Microsoft account.

For the application registered on Azure portal, you need to use the ADAL library. Detailed tutorial about integrating Azure AD (v1.0) with your xamarin apps, you could follow here.

UPDATE:

Based on your scenario, for using MS graph via ADAL, you could create an app under your tenant and add the required delegated permissions to the Microsoft Graph API. The AcquireTokenAsync method would look as follows:

var authResult = await authContext.AcquireTokenAsync("https://graph.microsoft.com/", clientId, returnUri, parent);

Moreover, for differences between app-only and delegated scopes permissions, you could follow here. Also, you could check differences between Microsoft Graph or Azure AD Graph.