How to retrieve the Microsoft Store ID key?

Question

I'm trying to learn how to retrieve the Microsoft Store ID key. For this, I followed the examples provided by Microsoft in Windows Universal Samples. I tried to use the Business to Business scenario (scenario 7). I already published a sample App and registered the app in Azure Active Directory. The problem is I don't know what value should I send as the publisherUserId parameter in the getCustomerCollectionsIdAsync/getCustomerPurchaseIdAsync functions. I tried to send the email of the current user (customer email) which only retrieves an empty result (Microsoft Store ID key).

 function getCustomerCollectionsId() {
    var token = getTokenFromAzureOAuthAsync().done(function (aadToken) {
        if (aadToken) {
            storeContext.getCustomerCollectionsIdAsync(aadToken, "***@hotmail.com")//"kim@example.com"
                .done(function (result) {
                    output.innerText = result;
                    if (!result) {
                        WinJS.log && WinJS.log("getCustomerCollectionsIdAsync failed.", "sample", "error");
                    }
                });
        }
    });
}

function getCustomerPurchaseId() {
    var token = getTokenFromAzureOAuthAsync().done(function (aadToken) {
        if (aadToken) {
            storeContext.getCustomerPurchaseIdAsync(aadToken, "***@hotmail.com")//"kim@example.com"
                .done(function (result) {
                    output.innerText = result;
                    if (!result) {
                        WinJS.log && WinJS.log("getCustomerPurchaseIdAsync failed.", "sample", "error");
                    }
                });
        }
    });
}

The [`publisherUserId`](https://learn.microsoft.com/en-us/uwp/api/windows.services.store.storecontext) parameter is optional, If you maintain anonymous user IDs for use in their services, you could pass `customer email` as parameter. Could you tell the email you passed is customer or publisher? — Nico Zhu, Nov 28 '17 at 03:21
@NicoZhu-MSFT the parameter passed as publisherUserId is a customer email. — André Freitas, Nov 28 '17 at 09:54
@NicoZhu-MSFT yes it throws an exception due to lack of arguments. (0x800a13ee - JavaScript runtime error: getCustomerCollectionsIdAsync: function called with too few arguments) — André Freitas, Nov 28 '17 at 10:37
I mean that you could pass `null` parameter as `publisherUserId`. — Nico Zhu, Nov 29 '17 at 05:26
@NicoZhu-MSFT With the publisherUserId equals to null the result of both functions are empty (result = ""). — André Freitas, Nov 29 '17 at 12:27
Having the exact same issue! I absolutely need to provide a value to get a Store ID, null or empty strings don't work and the value is NOT optional even though the docs say it is. — Maximus, Jan 17 '18 at 19:21
I come across the same problem, then I use charles ssl proxy to log that https request that uwp send to https://collections.mp.microsoft.com and get the detail error message like { "code": "Unauthorized", "data": [], "details": [], "innererror": { "code": "AuthenticationTokenInvalid", "data": [], "details": [], "message": "Authentication token supplied is invalid" }, "message": "The client is not authorized to perform the requested operation.", "source": "CollectionsFD" } — bronze man, Jul 02 '19 at 06:52

score 1 · Answer 1 · answered Jul 02 '19 at 08:17

I have face the same problem, here is the solution works for me.

Go to https://portal.azure.com ,choose "Azure Active Directory" , choose "App registrations" , choose your application in the right panel. then Choose Manifest to edit it manifest. set following fields to the value:

"accessTokenAcceptedVersion": 1,
"identifierUris": [
    "https://onestore.microsoft.com",
    "https://onestore.microsoft.com/b2b/keys/create/collections",
    "https://onestore.microsoft.com/b2b/keys/create/purchase"
    ],
"signInAudience": "AzureADMyOrg",

And the resource field of your get token request (https://login.microsoftonline.com/xxx/oauth2/token) must be the exact string "https://onestore.microsoft.com/b2b/keys/create/collections" (notice that the domain part is "onestore.microsoft.com")

ps: My way to find out this solution:

use charles ssl proxy to record request of my c# project with the storeContext.getCustomerCollectionsIdAsync api. find out that the url it send is "https://collections.mp.microsoft.com/v7.0/beneficiaries/me/keys" and the request body contain the token I send to it.
use charles ssl proxy to record request of other app that works correctly like "Hotspot Shield", try to buy something from it, and cancel it. Find the request of the url and download the request body and base64 raw url to decode the second part of their token, find that the "aud" is "https://onestore.microsoft.com/b2b/keys/create/collections" and "ver" is "1.0".
Change the config of the "App registrations" and the token get code to make the result token is version 1.0 and "aud" to the correct one.

I think that "Azure Active Directory" is update to version 2, but the document of "Microsoft Store ID key" is not update to that version ...

version 1 is not allowed in this manifest, validation discards it — vehsakul, Jan 27 '22 at 09:51

score -1 · Answer 2 · answered Jul 11 '18 at 09:33

using Windows.Security.Authentication.Web;
...
string SID = WebAuthenticationBroker.GetCurrentApplicationCallbackUri().ToString();

You can try this if you are in the development phase. This will be helpful if you are stuck worrying about submitting the app to store to do something like Facebook authentication. Given below is the reference I got it from. Hope this helped!

http://microsoft.github.io/winsdkfb/index.html

How to retrieve the Microsoft Store ID key?

2 Answers2