Azure本机应用程序通用身份验证 [英] Azure Native Application Common Authentication

问题描述

我正在尝试通过将公用端点与本机应用程序一起使用来为用户获取访问令牌.我已经尝试过login.windows.net/common/OAuth2/Authorize和login.windows.net/common作为AuthenticationContext的权限.

I am trying to acquire an access token for a user by using the common endpoint with a Native Application. I've tried both login.windows.net/common/OAuth2/Authorize and login.windows.net/common as the authority for the AuthenticationContext.

这是我正在使用的功能:

Here is the function I am using:

authResult = authContext.AcquireToken(resource, clientID, redirectUri, PromptBehavior.Auto);

这是我的应用程序的权限:

Here are the permissions for my application:

Windows Azure Active Directory:以登录用户身份访问目录

Windows Azure Active Directory: Access the directory as the signed-in user

Windows Azure服务管理API:以组织身份访问Azure服务管理

Windows Azure Service management API: Access Azure Service Management as organization

当我尝试进行身份验证时，我可以登录，但随后出现错误消息:

When I try and authenticate I'm able to login in, but then I get the error:

AADSTS65001:用户或管理员不同意使用ID为"{client ID}"的应用程序.发送对此用户和资源的交互式授权请求.

AADSTS65001: The user or administrator has not consented to use the application with ID '{client ID}'. Send an interactive authorization request for this user and resource.

我可以使用以下方法登录:

I can log in just fine using:

https://login.windows.net/ {tenantID}/OAuth2/Authorize

https://login.windows.net/{tenantID}/OAuth2/Authorize

但是我希望用户能够在不知道其租户ID的情况下登录.谢谢您的帮助.

but I want the user to be able to log in without knowing what their tenant ID is. Thank you for the help.

推荐答案

事实证明，您无法将通用端点与我正在使用的Microsoft帐户一起使用.仅允许您使用Azure Active Directory帐户.

It turns out you are not able to use the common endpoint with a Microsoft Account which is what I was doing. You are only allowed to use an Azure Active Directory Account.

这篇关于Azure本机应用程序通用身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！