| title | Enable WPF desktop application options using Azure Active Directory B2C |
|---|---|
| description | Enable the use of WPF desktop application options by using several ways. |
| author | kengaderdus |
| manager | CelesteDG |
| ms.service | azure-active-directory |
| ms.topic | reference |
| ms.date | 01/11/2024 |
| ms.author | kengaderdus |
| ms.subservice | b2c |
| ms.custom | b2c-support |
[!INCLUDE active-directory-b2c-end-of-sale-notice-b]
This article describes ways you can customize and enhance the Azure Active Directory B2C (Azure AD B2C) authentication experience for your Windows Presentation Foundation (WPF) desktop application.
Before you start, familiarize yourself with the Configure authentication in a sample WPF desktop app by using Azure AD B2C article.
[!INCLUDE active-directory-b2c-app-integration-login-hint]
- If you're using a custom policy, add the required input claim, as described in Set up direct sign-in.
- Look for your Microsoft Authentication Library (MSAL) configuration object, and then add the
withLoginHint()method with the login hint.
authResult = await app.AcquireTokenInteractive(App.ApiScopes)
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle)
.WithLoginHint("[email protected]")
.ExecuteAsync();[!INCLUDE active-directory-b2c-app-integration-domain-hint]
- Check the domain name of your external identity provider. For more information, see Redirect sign-in to a social provider.
- Create or use an existing
Dictionaryobject to store extra query parameters. - Add the
domain_hintparameter with the corresponding domain name to the dictionary (for example,facebook.com). - Pass the extra query parameters object into the MSAL configuration object's
WithExtraQueryParametersmethod.
Dictionary<string, string> extraQueryParameters = new Dictionary<string, string>();
extraQueryParameters.Add("domain_hint", "facebook.com");
authResult = await app.AcquireTokenInteractive(App.ApiScopes)
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle)
.WithExtraQueryParameters(extraQueryParameters)
.ExecuteAsync();[!INCLUDE active-directory-b2c-app-integration-ui-locales]
- Configure language customization.
- Create or use an existing
Dictionaryobject to store extra query parameters. - Add the
ui_localesparameter with the corresponding language code to the dictionary (for example,en-us). - Pass the extra query parameters object into the MSAL configuration object's
WithExtraQueryParametersmethod.
Dictionary<string, string> extraQueryParameters = new Dictionary<string, string>();
extraQueryParameters.Add("ui_locales", "en-us");
authResult = await app.AcquireTokenInteractive(App.ApiScopes)
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle)
.WithExtraQueryParameters(extraQueryParameters)
.ExecuteAsync();[!INCLUDE active-directory-b2c-app-integration-custom-parameters]
- Configure the ContentDefinitionParameters element.
- Create or use an existing
Dictionaryobject to store extra query parameters. - Add the custom query string parameter, such as
campaignId. Set the parameter value (for example,germany-promotion). - Pass the extra query parameters object into the MSAL configuration object's
WithExtraQueryParametersmethod.
Dictionary<string, string> extraQueryParameters = new Dictionary<string, string>();
extraQueryParameters.Add("campaignId", "germany-promotion");
authResult = await app.AcquireTokenInteractive(App.ApiScopes)
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle)
.WithExtraQueryParameters(extraQueryParameters)
.ExecuteAsync();[!INCLUDE active-directory-b2c-app-integration-id-token-hint]
- In your custom policy, define an ID token hint technical profile.
- In your code, generate or acquire an ID token, and then set the token to a variable (for example,
idToken). - Create or use an existing
Dictionaryobject to store extra query parameters. - Add the
id_token_hintparameter with the corresponding variable that stores the ID token. - Pass the extra query parameters object into the MSAL configuration object's
extraQueryParametersattribute.
Dictionary<string, string> extraQueryParameters = new Dictionary<string, string>();
extraQueryParameters.Add("id_token_hint", idToken);
authResult = await app.AcquireTokenInteractive(App.ApiScopes)
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle)
.WithExtraQueryParameters(extraQueryParameters)
.ExecuteAsync();[!INCLUDE active-directory-b2c-app-integration-logging]
The following code snippet demonstrates how to configure MSAL logging:
PublicClientApp = PublicClientApplicationBuilder.Create(ClientId)
.WithB2CAuthority(AuthoritySignUpSignIn)
.WithRedirectUri(RedirectUri)
.WithLogging(Log, LogLevel.Info, false) // don't log P(ersonally) I(dentifiable) I(nformation) details on a regular basis
.Build();During the desktop app registration process, when you're choosing a redirect URI, keep in mind the following important considerations:
- Development: For development use in desktop apps, you can set the redirect URI to
http://localhost, and Azure AD B2C will respect any port in the request. If the registered URI contains a port, Azure AD B2C will use that port only. For example, if the registered redirect URI ishttp://localhost, the redirect URI in the request can behttp://localhost:<randomport>. If the registered redirect URI ishttp://localhost:8080, the redirect URI in the request must behttp://localhost:8080. - Unique: The scheme of the redirect URI must be unique for every application. In the example
com.onmicrosoft.contosob2c.exampleapp://oauth/redirect,com.onmicrosoft.contosob2c.exampleappis the scheme. This pattern should be followed. If two applications share the same scheme, users are given a choice of applications. If users choose incorrectly, the sign-in fails. - Complete: The redirect URI must have a both a scheme and a path. The path must contain at least one slash character after the domain. For example,
//oauth/works, and//oauthfails. Don't include special characters in the URI. For example, the underscore character (_) isn't allowed.
- To learn more, see MSAL for .NET, UWP and NetCore configuration options.