Azure AD v2 recently added support for device code flow for login but only for tenanted endpoints, but not personal accounts which are not supported at the moment (or only via a workaround that won't work for us).
See docs here:
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-device-code
Is support for personal accounts planned and if so what is the timeline?
@teichgraf : the library is ready, whenever the service implements it.
What is your scenario (to help pushing up the priorities on the service side)? Are you building command line tools or portable tools and want to sign-in MSA accounts? Can you please share more with us?
We are trying to implement a login-flow for the HoloLens in order to access M365 Graph APIs and load data from there. For the HoloLens and its limited text input UX we need a login scenario without a browser on the HoloLens.
Is there (even a coarse) timeline when the service will support it?
Let me know if you need more info @jmprieur
hi @jmprieur,
I have a similar issue. I write a dotnet tool to list and download the OneDrive albums. (because the website and the client can't handle big albums download (2000 Items and more per album))
But in a dotnet tool I can't open a browser. So I must use the device code flow.
Oh and I have missed one detail. A dotnet core tool can only be built with dotnet core and not with full framework. :(
Looking down into the code I noticed that we're forcing the replacement of common with organizations for some reason.
Could we get clarification if the discovery endpoint is online and available to use so this work can be completed?
Authenticating all account users with device code flow is something of great interest. Hoping to have this limitation resolved soon.
We hope that Azure AD will support Device Code Flow for Microsoft Personal account this Quarter. The reason for forcing the replacement of common with organizations is because common is not supported by Azure AD in Device Code Flow (basically to avoid throwing an exception when you use the default parameters)
@jmprieur Will domain accounts also work within a different tenant then? Will we be able to sign in an external user without adding him to our tenant?
@0k1 : I believe that this is already the case. If your app is multi-tenant (audience = organizations), this works already.
Did you see: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Device-Code-Flow#constraints ?
Confirmed. Thank you.
@jmprieur was this issue fixed in the last Quarter? I need this feature so often and I can't use this so often...
Update:
No, it's currently not changed. Not in the preview builds of 3.x.x and not in the latest 2.x.x release.
@paule96 : it's not a question of build/library.
Work is currently happening service side (Azure AD v2.0 endpoint) to enable it.
@jmprieur any updates here? Is there any timeline or preview or something?
@paule96 : the work is still in progress on the service. This will take a few months to come to production.
Thx for your feedback :) I will stay tuned.
What changes are needed from client-side to use Device Flow with personal accounts (MSA)?
@rayluo : When this is "fixed", just change the authority to be common instead of organizations
Today MSAL.NET core replaces common by organizations (for supportability reasons MSAL.NET replaces common by organizations internally: this is because the default authority is common, and until the service implements Device Code Flow for personal accounts, every single developer using MSAL with device code flow had an issue)
@paule96 - you can use Interactive authentication in .Net core for a while now. MSAL will open whatever browser the OS defaults to to perform auth. Much better experience than device code flow for .NET Core.
@bgavrilMS I agree that addition of interactive to .Net core is great. Particularly for us it was a lifesaver since we managed to make it work in Unity as well. But it's hardly a replacement for a native flow.
Thanks for the feedback @ashikns - we'll look at adding an embedded browser experience when .net core 3 ships. Not sure if that will help with Unity though.
@reneschulte @rayluo @ashikns @0k1 @paule96
This is included in the 4.5.0 release.
Awesome 😎
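The client-side change described in the thread (authority `common` instead of `organizations`), as an added MSAL.NET example that is not code from the thread or from the library's repository. The client ID is a placeholder, the `User.Read` scope is an example, and the sketch assumes MSAL.NET 4.5.0 or later and an app registration that is a public client allowing both work/school and personal Microsoft accounts.

```csharp
using System;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class DeviceCodeSignIn
{
    // Placeholder: Application (client) ID of your own app registration.
    private const string ClientId = "00000000-0000-0000-0000-000000000000";

    // "common" = work/school and personal accounts.
    // "organizations" = work/school accounts only (what the thread says older
    // MSAL.NET versions substituted for "common" in device code flow).
    private const string Authority = "https://login.microsoftonline.com/common";

    // Example scope (assumption): delegated Microsoft Graph permission.
    private static readonly string[] Scopes = { "User.Read" };

    // Built once so the in-memory token cache is reused across calls in this process.
    private static readonly IPublicClientApplication App =
        PublicClientApplicationBuilder.Create(ClientId).WithAuthority(Authority).Build();

    public static async Task<AuthenticationResult> SignInAsync()
    {
        // Prefer a cached token; fall back to device code only when needed.
        IAccount account = (await App.GetAccountsAsync()).FirstOrDefault();
        if (account != null)
        {
            try
            {
                return await App.AcquireTokenSilent(Scopes, account).ExecuteAsync();
            }
            catch (MsalUiRequiredException)
            {
                // Cached token unusable (expired, consent changed): sign in again.
            }
        }

        // Stop polling after 5 minutes if nobody completes the sign-in.
        using var cts = new CancellationTokenSource(TimeSpan.FromMinutes(5));
        return await App.AcquireTokenWithDeviceCode(Scopes, code =>
        {
            // Shows the verification URL and user code to enter on another device.
            Console.WriteLine(code.Message);
            return Task.CompletedTask;
        }).ExecuteAsync(cts.Token);
    }
}
```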