Universal Windows Platform (UWP) application calling the Microsoft Graph using Windows 10 Web Account Manager
This sample demonstrates a Universal Windows Platform (UWP) app calling the directory Graph API to look up a user. The UWP app uses the Windows 10 WebAccountManager API to obtain an access token for the Graph as the currently signed in user, or any valid Azure AD account entered by the user.
For more information about how the protocols work in this scenario and other scenarios, see Authentication Scenarios for Azure AD.
To run this sample, you'll need:
- Visual Studio 2017
- Windows 10 Tools for Visual Studio
- Windows 10 (development mode enabled)
- An Internet connection
- An Azure subscription (a free trial is sufficient)
- A Microsoft account
Every Azure subscription has an associated Azure Active Directory tenant. If you don't already have an Azure subscription, you can get a free subscription by signing up at http://wwww.windowsazure.com. All of the Azure AD features used by this sample are available free of charge.
From your shell or command line:
git clone https://github.com/AzureADSamples/NativeClient-UWP-WAM.git
Step 2: [OPTIONAL] Register the sample with your Azure Active Directory tenant and update the code accordingly
The sample app can be run as is with any Azure AD tenant. If you just want to see how the code behaves, you can simply launch the app and play with it. If you want to restrict the use of the app to your tenant only, or if you want to learn how to register new UWP apps in Azure AD, follow the instructions below.
Before you can register the application in the Azure portal, you need to find out the application's redirect URI. Windows 10 provides each application with a unique URI and ensures that messages sent to that URI are only sent to that application. To determine the redirect URI for your project:
- Open the solution in Visual Studio.
- Open the `MainPage.xaml.cs` file.
- Find this line of code and set a breakpoint on it.

  ```csharp
  string URI = string.Format("ms-appx-web://Microsoft.AAD.BrokerPlugIn/{0}", WebAuthenticationBroker.GetCurrentApplicationCallbackUri().Host.ToUpper());
  ```

- Hit F5.
- When the breakpoint is hit, use the debugger to determine the value of the redirect URI (the `URI` variable in the line above), and copy it aside for the next step.
- Stop debugging, and clear the breakpoint.
The redirectURI value will look something like this text:
ms-appx-web://Microsoft.AAD.BrokerPlugIn/S-1-15-2-2650639956-658609593-457089695-429683492-3460685052-1353383220-3160185542
As a first step you'll need to:
- Sign in to the Azure portal.
- On the top bar, click on your account and under the Directory list, choose the Active Directory tenant where you wish to register your application.
- Click on All services in the left-hand nav, and choose Azure Active Directory.
- In the Azure Active Directory pane, click on App registrations and choose New application registration.
- Enter a friendly name for the application, for example 'NativeClient-UWP-WAM' and select 'Native' as the Application Type.
- For the Redirect URI, enter the value that you obtained during the previous step.
- Click on Create to create the application.
- In the succeeding page, find the Application ID value and copy it to the clipboard. You'll need it to configure the Visual Studio configuration file for this project.
- Then click on Settings, and choose Properties.
- Configure Permissions for your application. To do so, in the Settings menu, choose the 'Required permissions' section and then:
  - click on Add, then Select an API, and type `Microsoft Graph` in the textbox. Then, click on Select Permissions and select Sign in and read user profile and Read all users basic profile.
- Open `MainPage.xaml.cs`.
- Find the declaration of `clientId` and replace the value with the Client ID from the Azure portal.
- Find the const declaration named `tenant`, and replace the value with the name of your Azure AD tenant.
Clean the solution, rebuild the solution, and run it.
The application flow is simple:
- As the app starts, you will either be automatically logged in (if you are signed in on your computer with a valid Azure AD user) or you'll be prompted to sign in.
- As soon as you do so, you will be able to type the alias of any user from the directory of your signed in account and get back some simple user attributes.
- If you want to query a different directory, click on the hyperlink button on top of the screen, enter the credentials for the new account, and repeat the process.
The app will remember the account you used the last time you ran it, and attempt to sign in as that account at startup time. You can expect the exact same behavior when running the app on a mobile device or emulator.
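The sign-in flow described above (silent sign-in first, then a prompt only when needed), sketched with the Windows 10 WebAccountManager API. This is an added example, not the sample's own code; the client ID, tenant, resource URI and the tenant-specific authority URL format are placeholder assumptions.

```csharp
using System;
using System.Threading.Tasks;
using Windows.Security.Authentication.Web.Core;
using Windows.Security.Credentials;

public static class GraphTokenHelper
{
    // Assumed placeholder values; replace with the values from your app registration.
    const string ClientId = "<application-id-from-portal>";
    const string Tenant = "<your-tenant-name>";
    const string Resource = "https://graph.microsoft.com";

    // Returns an access token for the resource, or null if the user cancelled.
    public static async Task<string> GetGraphTokenAsync()
    {
        // Assumption: a tenant-specific authority limits sign-in to that
        // directory instead of accepting any Azure AD account.
        string authority = "https://login.microsoftonline.com/" + Tenant;
        WebAccountProvider provider = await WebAuthenticationCoreManager
            .FindAccountProviderAsync("https://login.microsoft.com", authority);
        if (provider == null)
            throw new InvalidOperationException("Azure AD account provider not found.");

        var request = new WebTokenRequest(provider, string.Empty, ClientId);
        request.Properties.Add("resource", Resource);

        // Try without UI first: succeeds when the signed-in Windows account
        // (or a previously used account) can satisfy the request.
        WebTokenRequestResult result =
            await WebAuthenticationCoreManager.GetTokenSilentlyAsync(request);

        if (result.ResponseStatus == WebTokenRequestStatus.UserInteractionRequired)
        {
            // Shows the system sign-in UI; must be called from the UI thread.
            result = await WebAuthenticationCoreManager.RequestTokenAsync(request);
        }

        switch (result.ResponseStatus)
        {
            case WebTokenRequestStatus.Success:
                // Keep the token in memory only; do not log or persist it.
                return result.ResponseData[0].Token;
            case WebTokenRequestStatus.UserCancel:
                return null;
            default:
                throw new InvalidOperationException(
                    "Token request failed: " + result.ResponseError?.ErrorMessage);
        }
    }
}
```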
We use Stack Overflow with the community to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [`uwp` `dotnet` `microsoft-graph` `WebAccountManager`].
If you find a bug in the sample, please raise the issue on GitHub Issues.
To provide a recommendation, visit our User Voice page.
If you'd like to contribute to this sample, see CONTRIBUTING.MD.
This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.
For more information, please visit the documentation homepage for Microsoft identity or visit one of the following links.