azure-samples / active-directory-dotnet-desktop-msgraph-v2 Goto Github PK

Sample showing how a Windows desktop .NET (WPF) application can get an access token using MSAL.NET and call the Microsoft Graph API or other APIs protected by the Microsoft identity platform (Azure Active Directory v2)

Home Page: https://aka.ms/aadv2

License: MIT License

C# 49.39% PowerShell 50.61%

aadv2 desktop-app ms-graph quickstart

active-directory-dotnet-desktop-msgraph-v2's Introduction

page_type

languages

products

description

sample

csharp

azure

azure-active-directory

dotnet

ms-graph

This sample demonstrates how to use the MSAL.NET to get an access token and call the Microsoft Graph.

This sample is for MSAL 4.x, if you are interested in the same code for MSAL 2.x, look at the releases tab or the previousVersions/Msal2x branch

WPF application signing in users with Microsoft and calling the Microsoft Graph

Getting Started	Library	Docs	Support

This simple sample demonstrates how to use the Microsoft Authentication Library (MSAL) for .NET to get an access token and call the Microsoft Graph (using OAuth 2.0 against the Microsoft identity platform endpoint).

Steps to Run

You can get full explanation about this sample, and build it from scratch by going to Windows desktop .NET guided walkthrough.

This sample is pre-configured. If you just want to quickly run it just:

Clone the code.

  git clone https://github.com/Azure-Samples/active-directory-dotnet-desktop-msgraph-v2.git

Run the application from Visual Studio (Debug | Start without Debugging)

[Optional] Use your own application coordinates

If you want to use your own application coordinates, please follow these instructions:

Choose the Azure AD tenant where you want to create your applications

Sign in to the Azure portal using either a work or school account or a personal Microsoft account.
If your account gives you access to more than one tenant, select your account in the top right corner, and set your portal session to the desired Azure AD tenant (using Switch Directory).
In the left-hand navigation pane, select the Azure Active Directory service, and then select App registrations.

Register the client app (WpfApp)

Navigate to the Microsoft identity platform for developers App registrations page.
Select New registration.
- In the Name section, enter a meaningful application name that will be displayed to users of the app, for example WpfApp.
- In the Supported account types section, select Accounts in any organizational directory and personal Microsoft accounts (e.g. Skype, Xbox, Outlook.com).
- Select Register to create the application.
On the app Overview page, find the Application (client) ID value and record it for later. You'll need it to configure the Visual Studio configuration file for this project.
In the list of pages for the app, select Authentication.
In the Redirect URIs list, under Suggested Redirect URIs for public clients (mobile, desktop) be sure to add https://login.microsoftonline.com/common/oauth2/nativeclient.
Select Save.
Configure Permissions for your application. To that extent in the list of pages click on API permissions
- click the Add a permission button and then,
- Ensure that the Microsoft APIs tab is selected
- In the Commonly used Microsoft APIs section, click on Microsoft Graph
- In the Delegated permissions section, ensure that the right permissions are checked: User.Read. Use the search box if necessary.

Configure the code to use your application's coordinates

Open the active-directory-wpf-msgraph-v2\App.xaml.cs file
Find the app key ClientId and replace the existing value with the application ID (clientId) of the WpfApp application copied from the Azure portal.
If connecting to a national cloud, open the 'active-directory-wpf-msgraph-v2\MainWindow.xaml.cs' file and update string graphAPIEndpoint to the appropriate endpoint. See a list of national cloud Graph enpoints here.
Run the application from Visual Studio (Debug | Start without Debugging)

Troubleshooting

System.Security.Cryptography.CryptographicException: 'Key not valid for use in specified state

What happens You execute the app on my machine, zip the bin\release folder and share it with a colleague and this does no longer work with an exception (see #56 for details).

How to remediate Remove the tokencache file (which ends in .msalcache.bin3) from the bin\debug and bin\release folder before moving your app to the new system. The token cache in this sample uses DPAPI, which is only for you

Consider taking a moment to share your experience with us.

Community Help and Support

We use Stack Overflow with the community to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [msal.dotnet].

If you find a bug in the sample please raise the issue on GitHub Issues.

If you find a bug in msal.Net, please raise the issue on MSAL.NET GitHub Issues.

To provide a recommendation, visit our User Voice page.

Developers who wish to gain good familiarity of programming for Microsoft Graph are advised to go through the An introduction to Microsoft Graph for developers recorded session.

Contributing

If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

More information

For more information see MSAL.NET's conceptual documentation:

active-directory-dotnet-desktop-msgraph-v2's People

Contributors

Stargazers

Watchers

Forkers

simonthoresen behnam-emamian dineshary glitterhorn ordinaryorange stevenflood navalev efelito visualphyzx blackdiamond561 shivbijlani rwike77 hundunmuchi 0ac1 archieag kjyam98 russelrillema shabbirh junch buocnhay sunyuejun2017 zhaozhongming aiwangmicrosoft jackbob2020110 kreestyan ashco-2019 cloudyus kunalranglani jyothishmb chrisniebuhrmsft dev-platformaxcloud gobimages utsavll0 techiesajid isabella232 francedot yueyinger hegde-pradeep vuanhtung jglozano 1n5an1ty jigyasapriyadarshini advisweb sthi-1005 cafc79 sampanna99 bussajayasimhareddylearning just15 aravindi-git king1990-dev rahulkumargupta echetto avenashkrish marothi-codes chintalpatel89 akthodu silam sivakesh-raman rvrsh3ll moroboro ehtick parthapratimdinda ganb arulanand-dev deepsmady floxter grzglo dickson-mwendia 5l1v3r1 wilson1234567891962 pravkrsah phamtiendat1998 jiml8866 digitalarche deepakporwal kzanev kevinblue1221 tsamf systemops-de zlatko-bandrov santhoshvernekar darrellncouch andresrm199 ganeshshinde0 nareshsirvi95 buyani chesney-nyame18 sntushelo yravindrareddy haroon1308 jjswhub saurers kballadi vinodhasokan

active-directory-dotnet-desktop-msgraph-v2's Issues

How to use Azure AD application roles & role claims

If I add application roles in the Manifest as below, how can I get and validate the roles in the WPF app?

"appRoles": [
    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "Writer",
      "id": "d1c2ade8-98f8-45fd-aa4a-6d06b947c66f",
      "isEnabled": true,
      "description": "Writers Have the ability to create tasks.",
      "value": "Writer"
    },
    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "Observer",
      "id": "fcac0bdb-e45d-4cfc-9733-fbea156da358",
      "isEnabled": true,
      "description": "Observers only have the ability to view tasks and their statuses.",
      "value": "Observer"
    },
    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "Approver",
      "id": "fc803414-3c61-4ebc-a5e5-cd1675c14bbb",
      "isEnabled": true,
      "description": "Approvers have the ability to change the status of tasks.",
      "value": "Approver"
    },
    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "Admin",
      "id": "81e10148-16a8-432a-b86d-ef620c3e48ef",
      "isEnabled": true,
      "description": "Admins can manage roles and perform all task actions.",
      "value": "Admin"
    }
  ],

Regression introduced by PR #97

#97 appears to have caused a regression. Selecting the "Use Preview Broker" option results in exception (example attached below). It looks like the runtimes subdirectory tree with the msalruntime.dll file is missing from the compiled output.

This seems like the same problem described by WAM / Troubleshooting in the MSAL.NET repo, but the error message is different.

Reverting back to 71cfce1 (prior to #97) fixes the problem.

Error Acquiring Token Silently:
MSAL.Desktop.4.51.0.0.MsalClientException: 
	ErrorCode: wam_runtime_init_failed
Microsoft.Identity.Client.MsalClientException: The type initializer for 'Microsoft.Identity.Client.NativeInterop.API' threw an exception. See https://aka.ms/msal-net-wam#troubleshooting ---> System.TypeInitializationException: The type initializer for 'Microsoft.Identity.Client.NativeInterop.API' threw an exception. ---> System.ComponentModel.Win32Exception: The operation completed successfully
   at Microsoft.Identity.Client.NativeInterop.API..cctor()
   --- End of inner exception stack trace ---
   at Microsoft.Identity.Client.NativeInterop.Module.AddRef(String handleName)
   at Microsoft.Identity.Client.NativeInterop.Core..ctor()
   at Microsoft.Identity.Client.Broker.RuntimeBroker.<>c.<.cctor>b__24_0()
   --- End of inner exception stack trace ---
   at Microsoft.Identity.Client.Internal.Requests.Silent.SilentRequest.<ExecuteAsync>d__5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.<RunAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.ApiConfig.Executors.ClientApplicationBaseExecutor.<ExecuteAsync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at active_directory_wpf_msgraph_v2.MainWindow.<CallGraphButton_Click>d__3.MoveNext() in C:\Proj\Azure samples\active-directory-dotnet-desktop-msgraph-v2\active-directory-wpf-msgraph-v2\MainWindow.xaml.cs:line 67
Inner Exception: System.TypeInitializationException: The type initializer for 'Microsoft.Identity.Client.NativeInterop.API' threw an exception. ---> System.ComponentModel.Win32Exception: The operation completed successfully
   at Microsoft.Identity.Client.NativeInterop.API..cctor()
   --- End of inner exception stack trace ---
   at Microsoft.Identity.Client.NativeInterop.Module.AddRef(String handleName)
   at Microsoft.Identity.Client.NativeInterop.Core..ctor()
   at Microsoft.Identity.Client.Broker.RuntimeBroker.<>c.<.cctor>b__24_0()

For the Azure App Registration Quick Start - Please upgrade the sample to support .NET 6.

*Hi,

From Microsoft Azure App Registration Portal:

At the moment when I choose the following app type:

App registrations - > (App Name) - Quickstart

Then: Mobile and desktop application - Windows desktop - Quickstart: Acquire a token and call Microsoft Graph API from a Windows desktop app

The sample works but it is built on a old version of .Net.

Can I suggest this is upgraded to .NET 6 (WPF).

Thanks,

Ward.

Sourced from microsoftgraph/msgraph-sdk-dotnet#1415

Is it possible to request MSGraph with AppId and Secret for console app

I need authentication using AppId and Secret so app can without prompting dialog popup. I have searched a lot for repository but didn't find any sample running code .

Mention prompt=select_account to avoid automatic re-signin

should be same with ad

But after logged in once it will reuse my credentials and i cannot cancel or use different account somehow it is cached.

I Also tried to delete Internet Explorer Cache and Cookies but still it will login.

    Uri uri = new Uri("https://login.microsoftonline.com/common/oauth2/v2.0/authorize?" +
        "&client_id=" + ClientId +
        "&response_type=code" +
        "&redirect_uri=" + RedirectUri +
        "&response_mode=query" +
        "&scope=offline_access%20Files.Read%20Files.Read.All%20Files.Read.Selected%20Files.ReadWrite%20Files.ReadWrite.All%20User.Read");
    WebBrowser.Navigate(uri);

Use your own application coordinates

Followed the steps given in [Optional] Use your own application coordinates section.

Got this error when used personal account to login

Error Acquiring Token:
MSAL.Desktop.4.13.0.0.MsalUiRequiredException:
ErrorCode: invalid_grant
Microsoft.Identity.Client.MsalUiRequiredException: AADSTS70000: The provided value for the 'code' parameter is not valid.
Trace ID: 1166ef2a-e2d5-466d-aa83-185779210b00
Correlation ID: 6fb3cb29-c7f9-4dfb-a160-709ab2dc3447
Timestamp: 2020-05-22 19:06:42Z
at Microsoft.Identity.Client.OAuth2.OAuth2Client.ThrowServerException(HttpResponse response, RequestContext requestContext)
at Microsoft.Identity.Client.OAuth2.OAuth2Client.CreateResponse[T](HttpResponse response, RequestContext requestContext, Boolean addCorrelationId)
at Microsoft.Identity.Client.OAuth2.OAuth2Client.d__11`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)

Got this error when used a new user under the new active directory.

Error Acquiring Token:
MSAL.Desktop.4.13.0.0.MsalServiceException:
ErrorCode: invalid_client
Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Trace ID: 281bacfa-59c3-47d0-9e47-faf8d7b10b00
Correlation ID: 97af5c20-b421-414d-bf96-d3e6470038de
Timestamp: 2020-05-22 19:15:26Z
at Microsoft.Identity.Client.OAuth2.OAuth2Client.ThrowServerException(HttpResponse response, RequestContext requestContext)
at Microsoft.Identity.Client.OAuth2.OAuth2Client.CreateResponse[T](HttpResponse response, RequestContext requestContext, Boolean addCorrelationId)
at Microsoft.Identity.Client.OAuth2.OAuth2Client.d__11`1.MoveNext()
--- End of stack trace from previous location where exception was thrown --

Enable support for packaged desktop apps (MSIX packages)

For packaged desktop apps (MSIX packages, also called desktop bridge) the executing assembly folder is read-only.
In that case we need to use Windows.Storage.ApplicationData.Current.LocalCacheFolder.Path + "\msalcache.bin"
which is a per-app read/write folder for packaged apps.
See https://developer.microsoft.com/en-us/windows/bridges/desktop/

for context see the issue raised by customers in
MicrosoftDocs/azure-docs#61287

Azure

Replace the redirect URI by https://login.microsoftonline.com/common/oauth2/nativeclient

Why?
Public client application should not use urn:ietf:wg:oauth:2.0:oob but https://login.microsoftonline.com/common/oauth2/nativeclient

What needs to be done?

Create a new app to use the https://login.microsoftonline.com/common/oauth2/nativeclient redirect URI
Change the code of the sample to use .WithDefaultRedirectUri
Change the apps.json and the sample.json to specify https://login.microsoftonline.com/common/oauth2/nativeclient
Update the text of the quickstart article (see (https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-windows-desktop)
Use 2 branches (for the download zip file) until the portal reflects the new version of the quickstart.

Invalid redirect uri error - possible missing step

Running the sample using a personal account - i.e. with 'Tenant' set to 'common'

When running the sample app, after following the steps in the Readme the error 'Error Acquiring Token Silently:
MSAL.Desktop.4.55.0.0.MsalServiceException:
ErrorCode: WAM_provider_error_3399614473
Microsoft.Identity.Client.MsalServiceException: WAM Error
Error Code: 3399614473
Error Message: ApiContractViolation
WAM Error Message: (pii)
Internal Error Code: 557973642' is returned.

The detail of this is: '**Possible causes:

Invalid redirect uri - ensure you have configured the following url in the application registration in Azure Portal: ms-appx-web://microsoft.aad.brokerplugin/00000000-bcbc-0000-dede-s8s8s8s8s8s8**' (dummy GUID replaces actual ClientID).

Resolution:
Adding this as an additional Redirect URI (i.e. in addition to 'https://login.microsoftonline.com/common/oauth2/nativeclient') resolves the error.

I'd suggest the readme be amended to include this step for the scenario where applicable.

The login behaves differently on different systems.

This example was used to test the behavior on a local machine as well as on a server that is accessed on a user-specific basis. Locally, no login window is requested and the AccessToken is determined on the TokenCacheHelper as desired. This is the perfect use case.

The problem:

Once the application is tested on the server, the user is prompted to log in for each request. The ...msalcache.bin3 file was removed before transferring to the server and automatically generated after the first login.
The interface was integrated into our system. The login window opens every time behind the application and the main application must be minimized to log in.

The use case we need:

I would like to handle login either by Ids only (Client ID, ClientSecret ID and Tenant ID) or to handle login by TokenCache after one time login so that user is asked for credentials only once. It is important for us to get the AccessToken after authorization.
The login window should not open in the background in our case. It must open in the foreground.

I have downloaded the sample solution. Migrated the .NET framework version to 4.6.2. Replaced the client and tenant ID and started the application. In the next step I transferred the files from the release folder to the server for testing.

We use the .NET framework version 4.6.2.

Server Windows specifications:
Edition Windows 11 Enterprise multi-session
Version 21H2
Installed on ‎10/‎7/‎2022
OS build 22000.978

Local Windows specifications:
Edition Windows 11 Pro
Version 21H2
Installed on ‎17.‎11.‎2021
OS build 22000.1098
Performance Windows Feature Experience Pack 1000.22000.1098.0

Does anyone have any idea what can be doing to solve this problems?

System.Security.Cryptography.CryptographicException: 'Key not valid for use in specified state.

Hi,

I downloaded the sample and got it working wothout issues. Also adding my own coordinates by registering the app on azure and using the client and tenant id also works absolutely fine.

The issue comes when we try to use the same app on some other system. As soon as we try using it on other system, it starts throwing the following exception on the line:

var accounts = await app.GetAccountsAsync();

Do let me know why this is happening and how can i resolve this.

Exception Details

System.Security.Cryptography.CryptographicException
HResult=0x8009000B
Message=Key not valid for use in specified state.

Source=System.Security
StackTrace:
at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
at active_directory_wpf_msgraph_v2.TokenCacheHelper.BeforeAccessNotification(TokenCacheNotificationArgs args) in E:\366Pi\BitBucket\DesktopApplication\active-directory-wpf-msgraph-v2\TokenCacheHelper.cs:line 65
at Microsoft.Identity.Client.TokenCache.OnBeforeAccess(TokenCacheNotificationArgs args) in C:\agent2_work\69\s\src\Microsoft.Identity.Client\TokenCache.cs:line 147
at Microsoft.Identity.Client.TokenCache.GetAccounts(String authority, Boolean validateAuthority, RequestContext requestContext) in C:\agent2_work\69\s\src\Microsoft.Identity.Client\TokenCache.cs:line 805
at Microsoft.Identity.Client.ClientApplicationBase.GetAccountsAsync() in C:\agent2_work\69\s\src\Microsoft.Identity.Client\ClientApplicationBase.cs:line 202
at active_directory_wpf_msgraph_v2.MainWindow.<CallGraphButton_Click>d__3.MoveNext() in E:\366Pi\BitBucket\DesktopApplication\active-directory-wpf-msgraph-v2\MainWindow.xaml.cs:line 49
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.<>c.b__6_0(Object state)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at MS.Internal.CulturePreservingExecutionContext.Run(CulturePreservingExecutionContext executionContext, ContextCallback callback, Object state)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg)
at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame)
at System.Windows.Application.RunDispatcher(Object ignore)
at System.Windows.Application.RunInternal(Window window)
at System.Windows.Application.Run(Window window)
at System.Windows.Application.Run()
at active_directory_wpf_msgraph_v2.App.Main()

This exception was originally thrown at this call stack:
System.Security.Cryptography.ProtectedData.Unprotect(byte[], byte[], System.Security.Cryptography.DataProtectionScope)
active_directory_wpf_msgraph_v2.TokenCacheHelper.BeforeAccessNotification(Microsoft.Identity.Client.TokenCacheNotificationArgs) in TokenCacheHelper.cs
Microsoft.Identity.Client.TokenCache.OnBeforeAccess(Microsoft.Identity.Client.TokenCacheNotificationArgs) in TokenCache.cs
Microsoft.Identity.Client.TokenCache.GetAccounts(string, bool, Microsoft.Identity.Client.Core.RequestContext) in TokenCache.cs
Microsoft.Identity.Client.ClientApplicationBase.GetAccountsAsync() in ClientApplicationBase.cs
active_directory_wpf_msgraph_v2.MainWindow.CallGraphButton_Click(object, System.Windows.RoutedEventArgs) in MainWindow.xaml.cs
System.Runtime.CompilerServices.AsyncMethodBuilderCore.ThrowAsync.AnonymousMethod__6_0(object)
System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, object, int)
System.Windows.Threading.ExceptionWrapper.TryCatchWhen(object, System.Delegate, object, int, System.Delegate)
System.Windows.Threading.DispatcherOperation.InvokeImpl()
...
[Call Stack Truncated]

get skype name

Through what permission I can get skype name from the graph API. I can log in into Microsoft account but unable to fetch skype name along with profile data.

I just want to login into my windows form application using Microsoft account and get skype username.

How to add custom user defined claims to azure ad access token.

I want to add custom user defined claim like moviename to be added to access token. I want to have claim addition logic to be present even before token generation logic. I read few articles like claim mapping or optional claims but didnt get it work for my requirement. Could you please guide me.

How to use this sample in Visual studio 2013

Hi,
I am trying to use this repository into Visual studio 2013. Although i am getting error and project could not able to load.

Please suggest.

Note : We could not able to upgrade our visual studio version. due to dependancies.

Use WAM

We should showcase WAM in all public client samples.