-
Notifications
You must be signed in to change notification settings - Fork 214
Acquiring tokens with username and password
For historical reasons, ADAL.NET supports in some platforms (.NET framework) the user name and password flow.
In general Microsoft does not advice customers to use it as it's less secure than the other flows, and it is not compatible with conditional access (as if the resource requires conditional access, the call to AcquireTokenSilent
will just fail, given that this is not an interactive flow, the STS does not have an opportunity to present a dialog to the user to tell him/her that s/he needs to do multiple factor authentication).
For more information about why you want to avoid using this grant, you can, for instance read the following article which explains why Microsoft is working to make passwords a thing of the past
you can get a token with a username and password by calling the same override as for the integrated windows authentication. This method can be used both in federated tenants or with Azure AD.
This method is not available part of the AuthenticationContext
class, but as an AcquireTokenAsync
extension method of the AuthenticationContextIntegratedAuthExtensions
class. This extension method takes as a parameter, in addition to the resource and clientId of the public client application an instance of UserCredential
, which in fact is even an instance of UserPasswordCredential
- Home
- Why use ADAL.NET?
- Register your app with AAD
- AuthenticationContext
- Acquiring Tokens
- Calling a protected API
- Acquiring a token interactively
- Acquiring tokens silently
- Using Device Code Flow
- Using Embedded Webview and System Browser in ADAL.NET and MSAL.NET
- With no user
- In the name of a user
- on behalf of (Service to service calls)
- by authorization code (Web Apps)
- Use async controller actions
- Exception types
- using Broker on iOS and Android
- Logging
- Token Cache serialization
- User management
- Using ADAL with a proxy
- Authentication context in multi-tenant scenarios
- Troubleshooting MFA in a WebApp or Web API
- Provide your own HttpClient
- iOS Keychain Access