
Setting up redirect URI for Azure AD authentication from native app

I'm writing a desktop application with C++/WinRT which needs to silently authenticate with Azure AD on a joined machine, using the Web Account Manager API.

Following the recent Microsoft documentation here, I can see that the redirect-uri set in the /oauth2/token request when using this API is something like ms-appx-web://Microsoft.AAD.BrokerPlugin/{id}.

When I try to set this redirect URI in the App Registrations page of my Azure AD application, I get an error saying that only HTTPS schemes are allowed. The (also recent) Azure AD documentation here states that (emphasis mine):

The new App registrations experience doesn't allow developers to add URIs with HTTP scheme on the UI. Adding HTTP URIs for apps that sign in work or school accounts is supported only through the app manifest editor. Going forward, new apps won't be able to use HTTP schemes in the redirect URI. However, older apps that contain HTTP schemes in redirect URIs will continue to work. Developers must use HTTPS schemes in the redirect URIs.

Does this mean that new apps won't be able to use non-HTTPS schemes in the redirect URI even when using the app manifest editor? Is this the correct way of setting up a native application for authentication with Azure AD?

It does seem like I don't really require a redirect-uri since this is a native application; I only need the token! It seems like there is the MSAL library for doing "Integrated Windows Authentication" (as documented here), but the API seems to be .NET only, which unfortunately is not an option.

Does this mean that new apps won't be able to use non-HTTPS schemes in the redirect URI even when using the app manifest editor?

Yes, you are right.

It does seem like I don't really require a redirect-uri since this is a native application;

Yes, for a native application, you can use the default redirect URI.

Update:

This document is using the old app registrations portal. See the detailed steps here.

Go to Azure Active Directory -> App registrations.

Create a new application or find your old application. (You can ignore the red error message.)

Make sure the application type is native.
