0

I'm struggling to correctly configure my app in the Azure portal. My application prompts for user permission every time it runs. The goal is to prompt an admin user ONE TIME to grant permissions to my app.

I'm writing a CONSOLE application to create a new task in Microsoft Planner by making API calls to the Microsoft Graph API.

I'm using delegated permissions for this so this application needs to take on the permissions of a user.

The good news is I've gotten this to work already.

What I need help with is configuring my app in Azure portal correctly.

Right now, every time I run the app, it prompts for consent. I'd like the app to ask an administrator to grant permissions to the app up front once and let the console app work without prompting users after that.

One issue I have is setting up the Redirect URI. The ONLY way I've gotten this to work so far is to set the URI to "urn:ietf:wg:oauth:2.0:oob".

As much as I've read about redirect URIs, you'd think I'd have this part figured out. I've tried using:

When my console application runs, it directs the user to the login.microsoftonline.com and there I can choose a user, and then it asks me if I'd like to grant authority on behalf of my organization to all the permissions listed. I click the Accept button and it tells me that the Redirect URI does not match the one in my configuration.

Keeping in mind this is a console application, can someone please advise me as to how I should configure this to work correctly?

private static IAuthenticationProvider CreateAuthorizationProvider(string clientId, string authority, IEnumerable<string> scopes)
        {
var clientApplication = new PublicClientApplication(clientId, authority);
            return new MsalAuthenticationProvider(clientApplication, scopes.ToArray());     
        }

As you can see, the code is passing a client Id and authority. The authority in this case is where I'm passing the redirect URI. This is where I believe my problem is and where I could really use some help.

Every example out there is for a web app of some sort.

Peter Madruga
  • 1
  • To add more to this, I could understand if I had a web or mobile app that after authorizing the permissions, the app would then be redirected to a URI (a landing page of some sort) but where would that be for a console app? – Peter Madruga Jul 20 '19 at 18:39
  • I've been able to make this work by including *https://login.microsoftonline.com/common/oauth2/nativeclient and urn:ietf:wg:oauth:2.0:oob however...it still prompts for permissions every time. – Peter Madruga Jul 20 '19 at 18:58
  • I put together an admin consent URL and was able to accept the permissions but when I run my app, it still prompts. Now I'm thinking that the call I'm using (MsalAuthenticationProvider) prompts regardless of permissions. – Peter Madruga Jul 20 '19 at 20:57

0 Answers0