.NET | console | .NET (C#) console app that accesses a protected web API access (Microsoft Graph) | Microsoft identity platform
This sample application backs one or more technical articles on docs.microsoft.com.
This .NET console application accesses protected web API (Microsoft Graph) as its own identity by using the Microsoft Authentication Library (MSAL) for .NET. The application is written in C# and supports scenarios like cron jobs and direct command-line invocation.
$ dotnet run
Could not find a cached token, so fetching a new one.
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications/$entity",
"id": "6ed9c555-6dfd-4f35-b832-f1f634c0b876",
"deletedDateTime": null,
"appId": "59c06144-a668-4828-9ca8-ed6e117c8344",
"applicationTemplateId": null,
"disabledByMicrosoftStatus": null,
"createdDateTime": "2021-01-17T15:30:55Z",
"displayName": "active-directory-dotnet-console-app-client-credential-flow",
"description": null,
"groupMembershipClaims": null,
...
}- An Azure Active Directory (Azure AD) tenant. You can open an Azure account for free to get an Azure AD instance.
- .NET 6.0 SDK
First, complete the steps in Register an application with the Microsoft identity platform to register the application.
Use these settings in your app registration.
| App registration setting |
Value for this sample app | Notes |
|---|---|---|
| Name | active-directory-dotnet-console-app-client-credential-flow |
Suggested value for this sample. You can change the app name at any time. |
| Supported account types | Accounts in this organizational directory only (Single tenant) | Suggested value for this sample. |
| Platform type | None | No redirect URI required; don't select a platform. |
| Client secret | Value of the client secret (not its ID) | It's shown only once (when you create it). |
ℹ️ Bold text in the tables above matches (or is similar to) a UI element in the Azure portal, while
code formattingindicates a value you enter into a text box in the Azure portal.
In Program.cs, update each variable with values from the app registration you created in the previous step.
// Full directory URL, in the form of https://login.microsoftonline.com/<tenant_id>
Authority = "",
// 'Application (client) ID' of app registration in Azure portal - this value is a GUID
ClientId = "",
// Client secret 'Value' (not its ID) from 'Client secrets' in app registration in Azure portal
ClientSecret = "",
// Client 'Object ID' of app registration in Azure portal - this value is a GUID
ClientObjectId = ""dotnet runIf everything worked, you should receive a response similar to this (output truncated for brevity):
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications/$entity",
"id": "6ed9c555-6dfd-4f35-b832-f1f634c0b876",
"deletedDateTime": null,
"appId": "59c06144-a668-4828-9ca8-ed6e117c8344",
"applicationTemplateId": null,
"disabledByMicrosoftStatus": null,
"createdDateTime": "2021-01-17T15:30:55Z",
"displayName": "active-directory-dotnet-console-app-client-credential-flow",
"description": null,
"groupMembershipClaims": null,
...
}This .NET (C#) console application uses a client secret as its credentials to retrieve an access token that's scoped for the Microsoft Graph API, and then uses that token to access its own application registration information.
The Microsoft Graph response data is then written to the console. This .NET (C#) console app uses Microsoft Authentication Library (MSAL).
If you can't get the sample working, you've checked Stack Overflow, and you've already searched the issues in this sample's repository, open an issue report the problem.
- Search the GitHub issues in the repository - your problem might already have been reported or have an answer.
- Nothing similar? Open an issue that clearly explains the problem you're having running the sample app.
⚠️ WARNING: Any issue in this repository not limited to running one of its sample apps will be closed without being addressed. For all other requests, see Support and help options for developers | Microsoft identity platform.
If you'd like to contribute to this sample, see CONTRIBUTING.MD.
This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.