Dev Observability
Product
Pricing
Docs
Resources
Blog
Company
Debug Wordle

question-mark

Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Add .WithClientAssertion to support client assertions

See original GitHub issue

ADAL supports ClientAssertions. We will need to support the same in MSAL. See more:

Note: This looks very similar to UserAssertion

Describe the solution you’d like We should follow the new model of .With in the API With Claims:


Dictionary<string, string> claims = new[] 
{
 { "client_ip", ipAddres}
};

IClientAssertion clientAssertion = CreateClientAssertion(certificate, claims);
var app = ConfidentialClientApplicationBuilder.Create(clientId)
                      .WithClientAssertion(clientAssertion))
                      .Build();

With Signed assertion:

string SignedAssertion = 
          string.Concat(token, ".", UrlEncodeSegment(credential.Sign(certificate, token)));

IClientAssertion clientAssertion = CreateClientAssertion(SignedAssertion);
var app = ConfidentialClientApplicationBuilder.Create(clientId)
                      .WithClientAssertion(clientAssertion))
                      .Build();

Describe alternatives you’ve considered N/A

Additional context We have a current ask from customers for adding this to be able to move to MSAL.

Issue Analytics

State:
Created 4 years ago
Comments:8 (6 by maintainers)

Top GitHub Comments

1reaction

jmprieurcommented, Jul 2, 2019

this is now available in MSAL.NET 4.1

1reaction

jmprieurcommented, May 31, 2019

@henrik-me : something like ^^

Read more comments on GitHub >

Top Results From Across the Web

Client assertions (MSAL.NET) - Microsoft Entra

MSAL.NET has four methods to provide either credentials or assertions to the confidential client app: .WithClientSecret() .WithCertificate() .

ConfidentialClientApplicationBuil...

This will create an assertion that will be held within the client application's memory for the duration of the client. You can use...

AzureADB2C Client Credentials Grant with Client Assertion ...

The intention is to secure the API using AzureAD B2C - Client Credential Grant flow. I have created a custom policy on B2C...

Azure AD Authentication with Certificate

Azure Active Directory authentication with certificates can be quite tricky. You need a socalled client assertion. This article covers how ...

Client Assertions and the JWKS URI

A client assertion is a JWT that is directly produced by a client ... When a new key is added, it is used...

Top Related Medium Post

No results found

Top Related StackOverflow Question

No results found

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.

Top Related Reddit Thread

No results found

Top Related Hackernoon Post

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

Top Related Hashnode Post

No results found

"Key not valid for use in specified state" - happens in .Net Framework 4.7.2 only, not on .Net Core 2.2

Removed Account reappears after application restart