-
Notifications
You must be signed in to change notification settings - Fork 365
Authority Override
pmaytak edited this page Jun 9, 2021
·
6 revisions
In many scenarios, such as client credential flow in multi-tenant apps, it is useful to specify the AAD tenant at the request level instead of the app level. However, the authority in the app and the request must always be for the same cloud, i.e. the host of the authority URL must not be different.
var app = ConfidentialClientApplicationBuilder
.Create(PublicCloudConfidentialClientID)
.WithAuthority("https://login.microsoft.com/common", true)
.Build();
var result = await app.AcquireTokenForClient(scopes)
.WithAuthority("https://login.microsoft.com/123456-1234-2345-1234561234");An application instance can only deal with one cloud. If your app needs to handle multiple clouds at the same time, please create an app for each of them.
- Home
- Why use MSAL.NET
- Is MSAL.NET right for me
- Scenarios
- Register your app with AAD
- Client applications
- Acquiring tokens
- MSAL samples
- Known Issues
- AcquireTokenInteractive
- WAM - the Windows broker
- .NET Core
- Maui Docs
- Custom Browser
- Applying an AAD B2C policy
- Integrated Windows Authentication for domain or AAD joined machines
- Username / Password
- Device Code Flow for devices without a Web browser
- ADFS support
- Acquiring a token for the app
- Acquiring a token on behalf of a user in Web APIs
- Acquiring a token by authorization code in Web Apps
- High Availability
- Token cache serialization
- Logging
- Exceptions in MSAL
- Provide your own Httpclient and proxy
- Extensibility Points
- Clearing the cache
- Client Credentials Multi-Tenant guidance
- Performance perspectives
- Differences between ADAL.NET and MSAL.NET Apps
- PowerShell support
- Testing apps that use MSAL
- Experimental Features
- Proof of Possession (PoP) tokens
- Using in Azure functions
- Extract info from WWW-Authenticate headers
- SPA Authorization Code