How to share user token between two different applications ?

%3CLINGO-SUB%20id%3D%22lingo-sub-2148602%22%20slang%3D%22en-US%22%3EHow%20to%20share%20user%20token%20between%20two%20different%20applications%20%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2148602%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20everyone%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20would%20like%20to%20achieve%20this%3A%3C%2FP%3E%3CP%3EI%20have%20two%20applications%20using%20adb2c%20for%20authentication.%20I%20would%20like%20a%20user%20to%20be%20able%20to%20sign%20in%20interactively%20in%20the%20first%20application%20and%20then%20be%20logged%20in%20silently%20in%20the%20second%20application.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20I%20have%20for%20now%3A%3C%2FP%3E%3CP%3EBoth%20applications%20are%20registered%20in%20Azure%20environment%2C%20with%20two%20different%20client%20id.%3C%2FP%3E%3CP%3EBoth%20applications%20share%20the%20exact%20same%20code%2C%20same%20cache%20and%20same%20configuration%2C%20except%20for%20the%20client%20id.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20issue%20is%3A%3C%2FP%3E%3CP%3EIf%20I%20use%20the%20same%20client%20id%20for%20both%20applications%20(as%20if%20they%20were%20registered%20as%20a%20single%20application)%2C%20the%20user%20can%20sign%20interactively%20in%20one%20application%20and%20then%20be%20logged%20in%20silently%20in%20the%20second%20one.%3C%2FP%3E%3CP%3EBut%2C%20if%20I%20use%20two%20different%20client%20id%2C%20it%20is%20no%20longer%20working.%20If%20the%20user%20first%20signed%20in%20interactively%20in%20application%201%2C%20when%20I%20call%26nbsp%3BGetAccountsAsync()%20in%20application%202%20to%20get%20the%20user%20account%20in%20cache%2C%20it%20returns%20no%20account.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20code%3A%3C%2FP%3E%3CP%3ETo%20acquire%20token%20interactively%3A%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-csharp%22%3E%3CCODE%3Eprivate%20async%20Task%3CAUTHENTICATIONRESULT%3E%20AcquireTokenInteractiveAsync()%0A%7B%0A%20%20%20try%0A%20%20%20%7B%0A%20%20%20%20%20%20AuthenticationResult%20ar%20%3D%20await%20pubClientApp.AcquireTokenInteractive(config.ApiScopes)%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20.WithB2CAuthority(config.GetAuthoritySignUpSignIn()).WithExtraQueryParameters(ui_locale).ExecuteAsync()%3B%0A%20%20%20%20%20%20return%20ar%3B%0A%20%20%20%7D%0A%20%20%20catch%20(MsalException%20ex)%0A%20%20%20%7B%0A%20%20%20%7D%0A%20%20%20catch%20(Exception%20ex)%0A%20%20%20%7B%0A%20%20%20%7D%0A%20%20%20return%20null%3B%0A%7D%3C%2FAUTHENTICATIONRESULT%3E%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETo%20acquire%20token%20silently%3A%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-csharp%22%3E%3CCODE%3Eprivate%20async%20Task%3CAUTHENTICATIONRESULT%3E%20AcquireTokenSilentAsync()%0A%7B%0A%20%20%20try%0A%20%20%20%7B%0A%20%20%20%20%20%20var%20accounts%20%3D%20await%20pubClientApp.GetAccountsAsync()%3B%0A%20%20%20%20%20%20if%20(accounts.Count()%20%26gt%3B%200)%0A%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20AuthenticationResult%20ar%20%3D%20await%20pubClientApp.AcquireTokenSilent(config.ApiScopes%2Caccounts.FirstOrDefault()).ExecuteAsync()%3B%0A%20%20%20%20%20%20%20%20%20return%20ar%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%7D%0A%20%20%20catch%20(Exception%20ex)%0A%20%20%20%7B%0A%20%20%20%7D%0A%20%20%20return%20null%3B%0A%7D%3C%2FAUTHENTICATIONRESULT%3E%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20your%20help%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Frequent Visitor

Hi everyone

 

I would like to achieve this:

I have two applications using adb2c for authentication. I would like a user to be able to sign in interactively in the first application and then be logged in silently in the second application.

 

What I have for now:

Both applications are registered in Azure environment, with two different client id.

Both applications share the exact same code, same cache and same configuration, except for the client id.

 

My issue is:

If I use the same client id for both applications (as if they were registered as a single application), the user can sign interactively in one application and then be logged in silently in the second one.

But, if I use two different client id, it is no longer working. If the user first signed in interactively in application 1, when I call GetAccountsAsync() in application 2 to get the user account in cache, it returns no account.

 

My code:

To acquire token interactively:

private async Task<AuthenticationResult> AcquireTokenInteractiveAsync()
{
   try
   {
      AuthenticationResult ar = await pubClientApp.AcquireTokenInteractive(config.ApiScopes)               .WithB2CAuthority(config.GetAuthoritySignUpSignIn()).WithExtraQueryParameters(ui_locale).ExecuteAsync();
      return ar;
   }
   catch (MsalException ex)
   {
   }
   catch (Exception ex)
   {
   }
   return null;
}

 

To acquire token silently:

private async Task<AuthenticationResult> AcquireTokenSilentAsync()
{
   try
   {
      var accounts = await pubClientApp.GetAccountsAsync();
      if (accounts.Count() > 0)
      {
         AuthenticationResult ar = await pubClientApp.AcquireTokenSilent(config.ApiScopes,accounts.FirstOrDefault()).ExecuteAsync();
         return ar;
      }
   }
   catch (Exception ex)
   {
   }
   return null;
}

 

Thanks for your help :)

0 Replies