What settings to use in ADAL to access Azure AD

0
votes

I am using below settings in ADAL to access Azure AD.

  1. this is settings someone used and I found in internet

    public const string ApplicationId = "your-application-id";
public const string ReturnUri = "http://your-uri.com/";
public const string Authority = "https://login.windows.net/common";
public const string GraphResourceUri = "https://graph.windows.net";

  2. this is my setting

    public static string ApplicationID = "xxxx-xxxx-xxxx-xxxx-xxxxx";   
public static string ReturnUri = "http://myAppName register in AzureAD";     
public static string tenanturl = "https://login.microsoftonline.com/xxx-xxx-xxx-xxx-xxx";        
public static string GraphResourceUri = "https://graph.microsoft.com";

Problem:

I hope someone can confirm the following:

a) Is Authority is same as tenanturl ? which one to use: login.windows.net or login.microsoftonline.com

b) which to use for GrapResourceUri: graph.windows.net or graph.microsoft.com

c) are the settings in 1 and 2 complete? or there is more settings to add.

d) the token return from Azure AD is SAML or JWT token?

1
xamarin.formsazure-active-directoryazure-ad-b2c

1 Answers

1
votes

a) Is Authority is same as tenanturl ? which one to use: login.windows.net or login.microsoftonline.com

Authority should be https://login.microsoftonline.com/your-tenant-id-here. You can use either the unique id for your AAD tenant or one of the verified domain names, e.g. https://login.microsoftonline.com/mytenant.onmicrosoft.com.

b) which to use for GrapResourceUri: graph.windows.net or graph.microsoft.com

If you want to call Azure AD Graph API, the first. If you want to call Microsoft Graph API, you use the second.

c) are the settings in 1 and 2 complete? or there is more settings to add.

Sadly the answer is it depends. There are many flows for acquiring an access token in Azure AD, and which one you use (and thus which overload of AcquireAccessToken() you use) depends on the type of your application and what is the situation. The settings here are enough for a native application (which yours is I guess since the Xamarin Forms tag is there).