MicrosoftDocs · localden · May 16, 2024 · May 16, 2024 · May 16, 2024 · May 16, 2024
@@ -35,7 +35,7 @@ The current guidance from B2C is to use `b2clogin.com` as the authority. For exa
 ```csharp
 // Azure AD B2C Coordinates
 public static string Tenant = "fabrikamb2c.onmicrosoft.com";
-public static string ClientID = "90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6";
+public static string ClientID = "00001111-aaaa-2222-bbbb-3333cccc4444";
 public static string PolicySignUpSignIn = "b2c_1_susi";
 public static string PolicyEditProfile = "b2c_1_edit_profile";
 public static string PolicyResetPassword = "b2c_1_reset";

@@ -13,15 +13,16 @@ using Microsoft.Identity.Client;
 var app = ConfidentialClientApplicationBuilder
             .Create(clientId)
             .WithClientAssertion((AssertionRequestOptions options) => FetchExternalTokenAsync())
+            .WithCacheOptions(CacheOptions.EnableSharedCacheOptions) // for more cache options see https://learn.microsoft.com/entra/msal/dotnet/how-to/token-cache-serialization?tabs=msal
             .Build()
 
-var result = await app
-            .AcquireTokenForClient(scope).ExecuteAsync();
+var result = await app.AcquireTokenForClient(scope).ExecuteAsync();
 
 public async Task<string> FetchExternalTokenAsync() 
 {
-    // logic to get token from cache or other sources, like GitHub, Kubernetes, etc.
-     return token;
+    // Logic to get token from cache or other sources, like GitHub, Kubernetes, etc.
+    // Caching is the responsability of the implementer.
+    return token;
 }
 
 ```

@@ -28,8 +28,8 @@ The information returned is used to:
           50049
       ],
       "timestamp":"2023-03-27 16:25:19Z",
-      "trace_id":"3adb62d2-11d5-4bb0-acac-7d97451c0000",
-      "correlation_id":"ce374500-8786-4739-ac5b-9a57f9cc0140",
+      "trace_id":"0000aaaa-11bb-cccc-dd22-eeeeee333333",
+      "correlation_id":"aaaa0000-bb11-2222-33cc-444444dddddd",
       "error_uri":"https://login.microsoftonline.com/error?code=50049"
   }
   ```

@@ -1,4 +1,4 @@
-Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:50:22 - 3518b10a-d79f-4c9e-8b3d-f13560ed16f7] (UnknownClient: 0.0.0.0) MSAL MSAL.NetCore with assembly version '4.0.0.0'. CorrelationId(3518b10a-d79f-4c9e-8b3d-f13560ed16f7)
+Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:50:22 - 3518b10a-d79f-4c9e-8b3d-f13560ed16f7] (UnknownClient: 0.0.0.0) MSAL MSAL.NetCore with assembly version '4.0.0.0'. CorrelationId(aaaa0000-bb11-2222-33cc-444444dddddd)
 Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:50:22 - 3518b10a-d79f-4c9e-8b3d-f13560ed16f7] (UnknownClient: 0.0.0.0) === InteractiveParameters Data ===
 LoginHint provided: False
 User provided: False

@@ -1,4 +1,4 @@
-Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:10 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) MSAL MSAL.NetCore with assembly version '4.0.0.0'. CorrelationId(d9a740d7-3bac-4c62-b4ff-8ddacf0e4199)
+Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:10 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) MSAL MSAL.NetCore with assembly version '4.0.0.0'. CorrelationId(aaaa0000-bb11-2222-33cc-444444dddddd)
 Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:10 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) === InteractiveParameters Data ===
 LoginHint provided: False
 User provided: False
@@ -18,23 +18,23 @@ HasCustomWebUi: True
 Info (True) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:14 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0)
 === Request Data ===
 Authority Provided? - True
-Client Id - 1d18b3b0-251b-4714-a02a-9956cec86c2d
+Client Id - 00001111-aaaa-2222-bbbb-3333cccc4444
 Scopes - user.read
 Redirect Uri - http://localhost
 Extra Query Params Keys (space separated) -
 
 Info (True) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:14 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) === Token Acquisition (InteractiveRequest) started:
         Authority: https://login.microsoftonline.com/common/
         Scope: user.read
-        ClientId: 1d18b3b0-251b-4714-a02a-9956cec86c2d
+        ClientId: 00001111-aaaa-2222-bbbb-3333cccc4444
         Cache Provided: True
 Verbose (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:14 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) [Instance Discovery] Tried to use network cache provider for login.microsoftonline.com. Success? False
 Info (True) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:14 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) Fetching instance discovery from the network from host login.microsoftonline.com. Endpoint https://login.microsoftonline.com/common/discovery/instance
 Verbose (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) [Instance Discovery] Tried to use network cache provider for login.microsoftonline.com. Success? True
 Verbose (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) [Instance Discovery] After hitting the discovery endpoint, the network provider found an entry for login.microsoftonline.com ? True
 Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) Resolving authority endpoints... Already resolved? - FALSE
 Info (False) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) Using CustomWebUi to acquire the authorization code
-Info (True) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) calling CustomWebUi.AcquireAuthorizationCode authUri(https://login.microsoftonline.com/common/oauth2/v2.0/authorize?scope=offline_access+openid+profile+user.read&response_type=code&client_id=1d18b3b0-251b-4714-a02a-9956cec86c2d&redirect_uri=http%3A%2F%2Flocalhost&client-request-id=d9a740d7-3bac-4c62-b4ff-8ddacf0e4199&x-client-SKU=MSAL.NetCore&x-client-Ver=4.0.0.0&x-client-OS=Microsoft+Windows+10.0.18362+&prompt=select_account&code_challenge=e8r_5op8HYNT5oVPI60RnznsVl3HrGry51t4p6w7AEI&code_challenge_method=S256&state=a33ee23c-01de-488d-ae3e-956f4207c62ffe9f0af4-8ce0-4e07-9d42-933da2563a20) redirectUri(http://localhost/)
+Info (True) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) calling CustomWebUi.AcquireAuthorizationCode authUri(https://login.microsoftonline.com/common/oauth2/v2.0/authorize?scope=offline_access+openid+profile+user.read&response_type=code&client_id=00001111-aaaa-2222-bbbb-3333cccc4444d&redirect_uri=http%3A%2F%2Flocalhost&client-request-id=d9a740d7-3bac-4c62-b4ff-8ddacf0e4199&x-client-SKU=MSAL.NetCore&x-client-Ver=4.0.0.0&x-client-OS=Microsoft+Windows+10.0.18362+&prompt=select_account&code_challenge=e8r_5op8HYNT5oVPI60RnznsVl3HrGry51t4p6w7AEI&code_challenge_method=S256&state=a33ee23c-01de-488d-ae3e-956f4207c62ffe9f0af4-8ce0-4e07-9d42-933da2563a20) redirectUri(http://localhost/)
 Warning (True) MSAL 4.0.0.0 MSAL.NetCore Microsoft Windows 10.0.18362  [08/02/2019 08:34:16 - d9a740d7-3bac-4c62-b4ff-8ddacf0e4199] (UnknownClient: 0.0.0.0) CustomWebUi AcquireAuthorizationCode failedSystem.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
 Parameter name: Expected a valid port number, > 0, not 80
    at NetCoreTestApp.Experimental.SingleMessageTcpListener..ctor(Int32 port) in C:\g\msal\tests\devapps\NetCoreTestApp\Experimental\SingleMessageTcpListener.cs:line 31

@@ -38,8 +38,8 @@ An ASP.NET Core application configuration is described in an *appsettings.json*
   "AzureAd": {
     "Instance": "https://login.microsoftonline.com/",
     "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
-    "TenantId": "[Enter 'common', or 'organizations' or the Tenant Id (Obtained from the Azure portal. Select 'Endpoints' from the 'App registrations' blade and use the GUID in any of the URLs), e.g. da41245a5-11b3-996c-00a8-4d99re19f292]",
-    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
+    "TenantId": "[Enter 'common', or 'organizations' or the Tenant Id (Obtained from the Azure portal. Select 'Endpoints' from the 'App registrations' blade and use the GUID in any of the URLs), e.g. aaaabbbb-0000-cccc-1111-dddd2222eeee]",
+    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. 00001111-aaaa-2222-bbbb-3333cccc4444]",
     "CallbackPath": "/signin-oidc",
     "SignedOutCallbackPath ": "/signout-callback-oidc",
 

@@ -54,7 +54,7 @@ A .NET Core console application could have the following *appsettings.json* conf
   "Authentication": {
     "AzureCloudInstance": "AzurePublic",
     "AadAuthorityAudience": "AzureAdMultipleOrgs",
-    "ClientId": "ebe2ab4d-12b3-4446-8480-5c3828d04c50"
+    "ClientId": "00001111-aaaa-2222-bbbb-3333cccc4444"
   },
 
   "WebAPI": {

@@ -526,7 +526,7 @@ If you get an exception with either of the following messages:
 
 > `AADSTS700027: Client assertion contains an invalid signature. [Reason - The key was not found.]`
 
-> `AADSTS90002: Tenant 'cf61953b-e41a-46b3-b500-663d279ea744' not found. This may happen if there are no active`
+> `AADSTS90002: Tenant 'aaaabbbb-0000-cccc-1111-dddd2222eeee' not found. This may happen if there are no active`
 > `subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription`
 > `administrator.`
 

@@ -481,7 +481,7 @@ The following troubleshooting information makes two assumptions:
 
 If you get an exception with either of the following messages: 
 
-> `AADSTS90002: Tenant 'cf61953b-e41a-46b3-b500-663d279ea744' not found. This may happen if there are no active`
+> `AADSTS90002: Tenant 'aaaabbbb-0000-cccc-1111-dddd2222eeee' not found. This may happen if there are no active`
 > `subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription`
 > `administrator.`
 

@@ -40,9 +40,9 @@ App code that seeks access to protected scope "Hello.World"
 ```csharp
 // The following parameters are for sample app in lab4. Please configure them as per your app registration.
 // And also update corresponding entries in info.plist -> IntuneMAMSettings -> ADALClientID and ADALRedirectUri
-string clientId = "bd9933c9-a825-4f9a-82a0-bbf23c9049fd";
+string clientId = "00001111-aaaa-2222-bbbb-3333cccc4444";
 string redirectURI = $"msauth.com.xamarin.microsoftintunemamsample://auth";
-string tenantID = "f645ad92-e38d-4d1a-b510-d1b09a74a8ca";
+string tenantID = "aaaabbbb-0000-cccc-1111-dddd2222eeee";
 string[] Scopes = { "api://a8bf4bd3-c92d-44d0-8307-9753d975c21e/Hello.World" }; // needs admin consent
 string[] clientCapabilities = { "ProtApp" }; // Important: This must be passed to the PCABuilder
 

@@ -64,7 +64,7 @@ The Microsoft Identity Web project templates are included in .NET SDK versions 5
 In the following example, .NET CLI command creates a Blazor Server project that includes Microsoft Identity Web.
 
 ```dotnetcli
-dotnet new webapp --auth SingleOrg --calls-graph --client-id "00000000-0000-0000-0000-000000000000" --tenant-id "11111111-1111-1111-1111-111111111111" --output my-blazor-app
+dotnet new webapp --auth SingleOrg --calls-graph --client-id "00001111-aaaa-2222-bbbb-3333cccc4444" --tenant-id "aaaabbbb-0000-cccc-1111-dddd2222eeee" --output my-blazor-app
 ```
 <!-- 
 ## Conceptual documentation