I called this question and this MSDN post , but could not fix the problem.
The following code demonstrates how to perform WAAD authentication using a web browser:
AuthenticationContext auth = new AuthenticationContext("https://login.windows.net/" + myDomain); AuthenticationResult result = auth.AcquireToken(resource, clientID, resourceAppIDURI);
This opens the browser, and the user is prompted for details.
However, I have a GUI client that can independently accept the username / password / domain. Thus, we intend to collect details from the GUI client and directly provide the WAAD server and receive user authentication.
How to do it?
Just by looking at AcquireToken() overloads, I got some hints (this might also be wrong):
AuthenticationResult AcquireToken (string resource, Credential credential);
and
AuthenticationResult AcquireToken (string authorizationCode, string redirectUri, ClientCredential credential);
But I don't understand how to create a class ClientCredential (a subclass of Credential ). It is important to note that this class belongs to the namespace Microsoft.WindowsAzure.ActiveDirectory.Authentication .
The following are its constructors:
ClientCredential(string clientId, SecureString secureClientSecret); ClientCredential(string clientId, string clientSecret);
Searching the Internet, I could not get many answers, I got this link . But again, the SecureString part is a mystery to me. How can a username / password / domain be transferred using SecureString ?