ADAL - Native App to REST service - Authentication with AAD via Browser Dialog

NOTE: This sample is outdated. Its technology, methods, and/or user interface instructions have been succeeded by newer features. For an updated sample that addresses the same scenario, see NativeClient-DotNet at

C# (8.2 MB)
4.3 Star
4,777 times
Add to favorites
E-mail Twitter Digg Facebook
Sign in to ask a question

  • Multiple startup project not set by default
    1 Posts | Last post November 27, 2013
    • Just for the record, when I downloaded this sample multiple startup projects were not set on my solution configuration.
      After manually setting it up, I could run the app
      Maybe this will help someone else.
      PS: Running VS2013 and Windows 8.1
  • Getting parameter missing Exception
    1 Posts | Last post October 29, 2013
    • I get the following XAMLObjectWriterException 
      "The invocation of the constructor on type 'ToDoListClient.MainWindow' that matches the specified binding constraints threw an exception."
      with message "{"Value cannot be null.\r\nParameter name: response"}" 
      as a result resourceAppIdUri is never set. I am not sure what it should be. Any ideas ?
  • Target Machine Refuses Connection at AuthenticationParameters.CreateFromResourceUrl
    1 Posts | Last post October 28, 2013
    • I tried to follow the instructions carefully.  But I'm encountering this (innermost) exception.
      Exception:Thrown: "No connection could be made because the target machine actively refused it" (System.Net.Sockets.SocketException)
      A System.Net.Sockets.SocketException was thrown: "No connection could be made because the target machine actively refused it"
      It occurs at this line in the MainWindow constructor:
      AuthenticationParameters parameters = AuthenticationParameters.CreateFromResourceUrl(new Uri(resourceBaseAddress + "api/todoList"));
  • Wrong comment about JwtSecurityTokenHandler.CertificateValidator
    1 Posts | Last post July 03, 2013
    • I think that this comment in Global.asax.cs is wrong
      // for demo purposes certificate validation is turned off. Please note that this shouldn't be done in production code. 
      CertificateValidator = X509CertificateValidator.None
      From this forum thread I understand that this particular validation should be disabled because the signing key has no trust burned in -- it is valid because it was retrieved from the HTTPS endpoint.
  • I'm not seeing current principal populated correctly
    2 Posts | Last post April 12, 2013
    • Although I can see a claim for the Name, Thread.CurrentPrincipal = tokenHandler.ValidateToken(token, validationParameters);
      // Get owner from current thread principal
              private static string GetCurrentOwner()
                  return ClaimsPrincipal.Current.Identity.Name;
      returns null - and I don't see the products for the user.
    • hi Nikkh,
      sorry for the delay. There might be 2 different things going on:
      1) you are using LiveID as identity provider, or you changed the mapping for the Name claim. In that case, I'd suggest trying with another identity provider to see if that fixes the issue
      2) you might be hitting a bug in the sample: where we set Thread.CurrentPrincipal to the outcome of ValidateToken we should assign the same value to Http.Current.User - if you don't do so, in some cases the identity might not get correctly propagated. We will fix the sample at the next update
      hope this helps!