In order to connect to one-note API from a .net application, We need client id and client secret. For office 365 account it requires the user to register in windows azure. Is there a way to get the client id/secret for office 365 account without windows azure account ?
Yes, you can do it without registering your app in Windows Azure.
You do need to register your app with the Microsoft Account Developer Center https://account.live.com/developers/applications/ and that will give you a client ID and secret you can use in your ASP.net site without using Azure.
Here is a great tutorial walking you from beginning to end: https://channel9.msdn.com/Series/OneNoteDev/Getting-Started-with-the-OneNote-API-ASP-NET-Edition
Related
Not sure how to go about doing this; I'm not looking for B2C, I don't want my users to sign in. I just want my Xamarin app to be able to access an Azure AAD protected API. In other words, I want to authenticate the app itself with the Azure Active Directory, to access an Azure AAD protected API. From what I've found on the internets, service principal to service principal auth is discouraged when using mobile apps and I've not really found a way to do it service to service anyhow.
Any suggestions on how to properly do this? Links with tutorials would be great.
Thanks!
Azure does provide the ability to generate a client ID which you could have sent from your application and checked. Microsoft talk about this in this article. You will want to be careful with how you store this ID in your app as if someone were to steal this they would be able to access your API. Along with that you'd also want to make sure that your connection between your app and server is secured with a pinned SSL certificate so it cannot be man-in-the-middle'd.
Another interesting approach is software attestation where some service checks various aspects of your app to ensure that it is your app. Full disclosure, I work for a company which does this. See Approov. We take a fingerprint of your app and our SAAS checks that this matches at run time. We then issue a token which your app can use to prove that it is the real app.
I want to use On Premise Windows Authenticated SQL with Azure Web App. I am new to Azure. what are all possible ways to achieve this.
Thanks!
I want to use On Premise Windows Authenticated SQL with Azure Web App.
Unfortunately, it is not supported by Azure WebApp. If we want to use the Windows Authenticated, we need to ensure that Windows Authentication is enabled for the web server. We could remote to Azure website to check that there is no Windows Authenticated under the Authentication option, details please refer to the screenshot.
.
If you stick on absolutely use On Premise Windows Authenticated and host your website on Azure, you could use Azure Windows VM to host your website. And need to join the VM to your AD, that meanings both VMs are in the same network.
As you use on-premise machine, you will need to create a site to site VPN.
I'm trying to write a C# console app that will register an application in Azure Active Directory. It should work just as the web application project creation wizard in VS 2013 when you Change Authentication and select Organizational Accounts in Azure.
Following the fiddler trace, I can see that it authenticates the user using wsfederation and an oauth2 token and then uses the graph.windows.net graph api to configuration the AAD directoryObjects service principal and application.
I have tried to use the sample Graph API app, but it requires the app be registered first so that I have the clientId (application id) and password (key) to send in the Acquire Token request using the Windows Azure AD Authentication Library for .NET.
I've tried using a bunch of the different Azure APIs but they all have my chicken and egg problem, I want to use an unregistered client application to register an application in AAD. I need to avoid Configuring Application Authentication and Authorization for the Graph API so that the user has no manual steps.
Does anyone know how Visual Studio does it, using just the user login with browser prompt or if there is a standard application id and password that can be used to access the graph API, like there is the standard login URL, https://login.windows.net/common? Some C# samples would be greatly appreciated.
This post does the Application creation, but requires a clientId and password, which I don't think I have.
You can't register a new application using the Graph API from an unregistered client. The only reason the VS2013 flow works is because VS2013 is already registered in a special way within Azure AD -- it's a first party application and has unique permissions. In my Fiddler trace, VS2013 uses a client ID of 872cd9fa-d31f-45e0-9eab-6e460a02d1f1. Technically you can use this client ID and the redirect URI of VS2013 to initiate sign-on with Azure AD. This still involves user interaction (the user has to authenticate via browser pop-up) so it doesn't meet your requirement for "no manual steps," but it's somewhat helpful for understanding the protocol flows and how registration works.
The bottom line is that if you want to call the Graph API without user interaction (client credential flow), the client needs to be registered with the proper application permissions.
I have two separate apps and one Azure Mobile Service. Is there a way to link both apps to use Live Connection through the same Azure Mobile Service. The service allows associating one app to my Azure Mobile Service domain, but when I try to associate another app to the same service, I get an error that it is already in use (which is correct, but intended!).
One Azure Mobile Service
2x Different Client Apps
Live Auth
Is there a way around this or am I forced to create a new mobile service for each app client type I have. This seems silly as they're all using the same back end service.
This is not currently possible. If you look at the Identity settings for a Microsoft Account, one of the requirements is the Client ID which is tied to each individual Windows 8 app ID.
I am trying to get multiple identity providers (Google, Facebook, multiple ADFS) working with a SharePoint 2013 web application provisioned on Office 365.
I know about options related to ADFS and Shibboleth, but am wondering if there is any way to get Azure ACS to handle the authentication for this web app. I do have an on-premise SharePoint 2013 web application working with Azure ACS, but don’t have much info around how to do the same thing with Office 365 or if it’s even possible.
Not supported (yet).
Given that Office 365 use Windows Azure AD, we can hope that ACS support will come one day.