Skip to content

A .NET Core daemon console application calling Microsoft Graph or your own WebAPI with its own identity

License

Notifications You must be signed in to change notification settings

Azure-Samples/active-directory-dotnetcore-daemon-v2

Repository files navigation

page_type languages products description urlFragment
sample
csharp
powershell
microsoft-entra-id
Daemon or unattended application consuming Microsoft Graph or your own Web Apis using Microsoft Identity Platform to acquire tokens.
ms-identity-daemon

A .NET Core daemon console application using MSAL.NET to acquire tokens for resources

Build status

About this sample

This sample uses Microsoft.Identity.Web, which is a higher level API on top of MSAL.NET. If you are interested in the raw MSAL.NET code, see this archived branch

Scenario

In these scenarios we show how unattended daemon applications can authenticate as itself using the Microsoft Authentication Library for .NET (MSAL.NET) SDK and acquire Access Tokens for various web APIs like Microsoft Graph or any other API secured with the Microsoft Identity Platform

Structure of the repository

This repository contains a chapter-wise tutorial made of three parts:

Sub folder Description
1-Call-Graph This sample application shows how to use the Microsoft Authentication Library for .NET (MSAL.NET) to access the data of Microsoft business customers in a long-running, non-interactive process. It uses the OAuth 2 client credentials grantto acquire an access token, which can be used to call the Microsoft Graph and access organizational data

Topology
2-Call-OwnApi This sample application shows how to use the Microsoft Authentication Library for .NET (MSAL.NET) to access the data from a protected Web API, in a non-interactive process. It uses the OAuth 2 client credentials grant to acquire an access token, which is then used to call the Web API. Additionally, it lays down all the steps developers need to take to secure their Web APIs with the Microsoft identity platform.

Topology
3-Using-KeyVault This chapter explains how to integrate Azure Key Vault and Managed Identities for Azure Resources with a daemon application. Additionally, it has a code snippet on how to get an access token for Key Vault.

How to run this sample

To run this sample, you'll need:

  • Visual Studio and the .NET Core SDK
  • An Internet connection
  • A Windows machine (necessary if you want to run the app on Windows)
  • An OS X machine (necessary if you want to run the app on Mac)
  • A Linux machine (necessary if you want to run the app on Linux)
  • a Microsoft Entra tenant. For more information on how to get a Microsoft Entra tenant, see How to get a Microsoft Entra tenant
  • A user account in your Microsoft Entra tenant. This sample will not work with a Microsoft account (formerly Windows Live account). Therefore, if you signed in to the Microsoft Entra admin center with a Microsoft account and have never created a user account in your directory before, you need to do that now.

Step 1: Clone or download this repository

From your shell or command line:

git clone https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2.git

or download and exact the repository .zip file.

Given that the name of the sample is pretty long, and so are the name of the referenced NuGet packages, you might want to clone it in a folder close to the root of your hard drive, to avoid file size limitations on Windows.

Community Help and Support

Use Stack Overflow to get support from the community. Ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [msal dotnet].

If you find a bug in the sample, please raise the issue on GitHub Issues.

If you find a bug in msal.Net, please raise the issue on MSAL.NET GitHub Issues.

To provide a recommendation, visit the following User Voice page.

Consider taking a moment to share your experience with us.

Contributing

If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

More information

For more information, see MSAL.NET's conceptual documentation:

For more information about the underlying protocol:

For a more complex multi-tenant Web app daemon application, see active-directory-dotnet-daemon-v2