Skip to content
/ CustomTranslator-API-CSharp Public

Custom Translator API code samples including access token generation

3 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

MicrosoftTranslator/CustomTranslator-API-CSharp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
AccessTokenClient
AccessTokenClient
 
 
images
images
 
 
packages
packages
 
 
AccessTokenClient.sln
AccessTokenClient.sln
 
 
README.MD
README.MD
 
 

Repository files navigation

While AADv2 doesn’t fully support a non-interactive solution, it does provide long lived refresh tokens so that the access token can be refreshed when needed.

What this means is a workflow like this can be used for automation scenarios:

  1. Log-in once interactively to get the access token and a refresh token.
  2. Store both the access token and the refresh token in a cache.
  3. Automation can use the access token to login without the need for user intervention.
  4. When the access token expires, a new token can be retrieved and stored by using the refresh token

The latest version of the Microsoft.Identity.Client libraries contain very nice methods that handle much of this behind the scenes. I created a working code sample (complete with comments to describe what is happening); this VS solution.

One thing to note- This solution depends entirely on the reliability of the refresh tokens issued by AADv2. The documentation contains a section on these special tokens here: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-id-and-access-tokens#refresh-tokens. Two things seem important here:

Apps must be granted “offline_access” scope. This doesn’t seem to be a problem, but we should keep it in mind They warn against relying on refresh tokens because they “can be invalidated at any moment for various reasons”. This hasn’t been and shouldn’t be a problem, but your autmation should probably be written such that it sends a notification in case of Sign-In failure/ refresh token invalidation.

To use this solution to generate access token, you need to register an application at the Microsoft Appp Registration portal:

 https://ms.portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
  1. Click "Register an application" and type app-name and select account type.
  2. Click "Register" which will give you an MSAL "Application (client) ID" that you can use with the authentication APIs.
  3. Click "Authentication" blade and configure "Public client/native (mobile & desktop)" by clicking on the drop down arrow. Your configuration should look like this:

Authentication

Then modify API permissions to look like so (don't foget to grant admin consent)

API permissions

Now you have an "Application (client) ID" value, update the app.config:

<add key="clientId" value="add client ID" />

with your value.

About

Custom Translator API code samples including access token generation

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

7 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages