Impersonate Azure credentials in c# RRS feed

  • Question

  • I want to create a simple app in C# to collect some data available for me when I am using Azure Portal e.g. an effective user permissions to Azure Data Lake Stores. I found a lot of examples to register app in AD but it is difficult when I am not an AD administrator. I can check this only on my corporate MSDN subscription but not on the client one.

    So I came up with the idea that I will use the same mechanism as Azure Storage Explorer or CLI, but have found no examples how to do it (maybe I do not know how to search it). Additionally I use MFA in my company (Symantec VIP).

    Is there anyone here who did something similar or could tell me where to look for a solution?

    • Moved by Femisulu-MSFT Saturday, April 27, 2019 2:17 AM better suited in AAD
    Friday, April 26, 2019 8:49 AM


All replies

  • For  example: 


    that code using device login. device login can support your account with MFA.

    • Edited by k.buchiMVP Saturday, April 27, 2019 7:41 AM
    Saturday, April 27, 2019 7:38 AM
  • Thank you for this example, but it seems not work for me. Maybe I am missing something?

    It stops on:

    var token = await authenticationContext.AcquireTokenByDeviceCodeAsync(deviceresult);
    I do not get any login screen - nothing.

    Monday, April 29, 2019 12:39 PM
  • You should access to url of deviceresult.VerificationUrl and enter code from deviceresult.UserCode.

    After that, you'll do normaly login process (enter account id and password with MFA).

    Monday, April 29, 2019 4:49 PM
  • Thank you, again!

    Ok, It works this way but when I run Azure CLI I do not have to go to the https://microsoft.com/devicelogin and enter the UserCode prior to login. Additionally I got a web page open in default browser to provide my credentials.

    Does Azure CLI (or Azure Storage Browser) provide this code somehow without user interaction?

    Monday, April 29, 2019 5:51 PM
  • If your app is .NET Framework, you can use login UI as follows:


    This sample can use FileCache. You will no require login after fist login with UI, because app uses token cache.


    DeviceCode login with FileCache. In this case, your app will no require login until token expired after fist login. 


    * Those are samples. If you want to production use, you should modified some topics. e.g. token refresh, token vault (store)..
    Monday, April 29, 2019 6:54 PM