Azure-Samples
diff --git a/‎.github/ISSUE_TEMPLATE.md
Lines changed: 4 additions & 1 deletion b/‎.github/ISSUE_TEMPLATE.md
Lines changed: 4 additions & 1 deletion
diff --git a/‎1-WebApp-OIDC/1-1-MyOrg/AppCreationScripts/createdApps.html
Lines changed: 4 additions & 0 deletions b/‎1-WebApp-OIDC/1-1-MyOrg/AppCreationScripts/createdApps.html
Lines changed: 4 additions & 0 deletions
diff --git a/‎4-WebApp-your-API/4-3-AnyOrg/ToDoListClient/appsettings.json
Lines changed: 7 additions & 7 deletions b/‎4-WebApp-your-API/4-3-AnyOrg/ToDoListClient/appsettings.json
Lines changed: 7 additions & 7 deletions
diff --git a/‎4-WebApp-your-API/4-3-AnyOrg/TodoListService/Controllers/TodoListController.cs
Lines changed: 4 additions & 4 deletions b/‎4-WebApp-your-API/4-3-AnyOrg/TodoListService/Controllers/TodoListController.cs
Lines changed: 4 additions & 4 deletions
diff --git a/‎4-WebApp-your-API/4-3-AnyOrg/TodoListService/appsettings.json
Lines changed: 3 additions & 3 deletions b/‎4-WebApp-your-API/4-3-AnyOrg/TodoListService/appsettings.json
Lines changed: 3 additions & 3 deletions
diff --git a/‎5-WebApp-AuthZ/5-1-Roles/appsettings.json
Lines changed: 4 additions & 4 deletions b/‎5-WebApp-AuthZ/5-1-Roles/appsettings.json
Lines changed: 4 additions & 4 deletions
@@ -27,7 +27,10 @@ Please add an 'x' for the scenario(s) where you found an issue
    1. [ ] With specific token caches: [2-WebApp-graph-user/2-2-TokenCache](../blob/master/2-WebApp-graph-user/2-2-TokenCache)
    1. [ ] Calling Microsoft Graph in national clouds: [2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph](../blob/master/2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph)
 1. [ ] Web app calling several APIs [3-WebApp-multi-APIs](../blob/master/3-WebApp-multi-APIs)
-1. [ ] Web app calling your own Web API [4-WebApp-your-API](../blob/master/4-WebApp-your-API)
+1. [ ] Web app calling your own Web API
+   1. [ ] with a work and school account in your organization: [4-WebApp-your-API/4-1-MyOrg](../blob/master/4-WebApp-your-API/4-1-MyOrg)
+   1. [ ] with B2C users: [4-WebApp-your-API/4-2-B2C](../blob/master/4-WebApp-your-API/4-2-B2C)
+   1. [ ] with any work and school account: [4-WebApp-your-API/4-3-AnyOrg](../blob/master/4-WebApp-your-API/4-3-AnyOrg)
 1. Web app restricting users
    1. [ ] by Roles: [5-WebApp-AuthZ/5-1-Roles](../blob/master/5-WebApp-AuthZ/5-1-Roles)
    1. [ ] by Groups: [5-WebApp-AuthZ/5-2-Groups](../blob/master/5-WebApp-AuthZ/5-2-Groups)
 
@@ -0,0 +1,4 @@
+<html><body><table>
+<thead><tr><th>Application</th><th>AppId</th><th>Url in the Azure portal</th></tr></thead><tbody>
+<tr><td>webApp</td><td>533843a1-3f30-4e5b-8800-7d974c29837e</td><td><a href='https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/CallAnAPI/appId/533843a1-3f30-4e5b-8800-7d974c29837e/objectId/fe605bc2-667f-4f18-b534-eb243eb686b1/isMSAApp/'>WebApp</a></td></tr>
+</tbody></table></body></html>
@@ -1,10 +1,10 @@
 {
   "AzureAd": {
     "Instance": "https://login.microsoftonline.com/",
-    "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
+    "Domain": "msFreeTenant.onmicrosoft.com",
     "TenantId": "common",
-    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
-    "ClientSecret": "[Copy the client secret added to the app from the Azure portal]",
+    "ClientId": "176b110b-80ce-4943-8fb7-3b19fe210d46",
+    "ClientSecret": "3W/iqNToW00tW7bt358jPMNXeZ4Icn/w9QxjP8ZWQxA=",
     "CallbackPath": "/signin-oidc",
     "SignedOutCallbackPath": "/signout-callback-oidc"
   },
@@ -17,15 +17,15 @@
   },
   "TodoList": {
     /*
-      TodoListScope is the scope of the Web API you want to call. This can be: "api://b10faa7f-02e8-451c-a405-2a7e9e7072f0/.default",
+      TodoListScope is the scope of the Web API you want to call. This can be: "api://0892ebc9-a57e-4b64-814f-4bd0798f8132/.default",
       - a scope for a V2 application (for instance api://b3682cc7-8b30-4bd2-aaba-080c6bf0fd31/access_as_user)
       - a scope corresponding to a V1 application (for instance <GUID>/user_impersonation, where  <GUID> is the
         clientId of a V1 application, created in the https://portal.azure.com portal.
     */
-    "TodoListAppId": "[Enter_client_ID_Of_TodoListService-v2_from_Azure_Portal,_e.g._2ec40e65-ba09-4853-bcde-bcb60029e596",
-    "TodoListScope": "api://[Enter_client_ID_Of_TodoListService-v2_from_Azure_Portal,_e.g._2ec40e65-ba09-4853-bcde-bcb60029e596]/.default",
+    "TodoListAppId": "0892ebc9-a57e-4b64-814f-4bd0798f8132",
+    "TodoListScope": "api://0892ebc9-a57e-4b64-814f-4bd0798f8132/.default",
     //api://83ade765-7b4f-4208-b69f-c28a2b4bebec/.default",
-    "TodoListBaseAddress": "https://localhost:44351",
+    "TodoListBaseAddress": "https://localhost:44351/",
     "AdminConsentRedirectApi": "https://localhost:44351/api/Home"
   },
   "RedirectUri": "https://localhost:44321/",
 
@@ -164,16 +164,16 @@ private bool TodoItemExists(int id)
         }
         public async Task<List<string>> CallGraphApiOnBehalfOfUser()
         {
-            string[] scopes = { "user.read.all" };
+            string[] scopes = { "user.read" };
 
             // we use MSAL.NET to get a token to call the API On Behalf Of the current user
             try
             {
                 List<string> userList = new List<string>();
                 string accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scopes);
-                IEnumerable<User> users = await CallGraphApiOnBehalfOfUser(accessToken);
-                userList = users.Select(x => x.UserPrincipalName).ToList();
-                return userList;
+                //IEnumerable<User> users = await CallGraphApiOnBehalfOfUser(accessToken);
+                //userList = users.Select(x => x.UserPrincipalName).ToList();
+                return null;
             }
             catch (MsalUiRequiredException ex)
             {
 
@@ -1,10 +1,10 @@
 {
   "AzureAd": {
     "Instance": "https://login.microsoftonline.com/",
-    "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
+    "Domain": "msFreeTenant.onmicrosoft.com",
     "TenantId": "common",
-    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
-    "ClientSecret": "[Copy the client secret added to the app from the Azure portal]",
+    "ClientId": "0892ebc9-a57e-4b64-814f-4bd0798f8132",
+    "ClientSecret": "rZ0TVcb901KRnDQ4TEcvdPuxr2ABimk80Mg4nV8Tl4o=",
     "GraphAPI": "https://graph.microsoft.com/v1.0"
   },
   "https_port": 44351,
 
@@ -1,14 +1,14 @@
 {
   "AzureAd": {
     "Instance": "https://login.microsoftonline.com/",
-    "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
-    "TenantId": "[Enter 'common', or 'organizations' or the Tenant Id (Obtained from the Azure portal. Select 'Endpoints' from the 'App registrations' blade and use the GUID in any of the URLs), e.g. da41245a5-11b3-996c-00a8-4d99re19f292]",
-    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
+    "Domain": "ms0604.onmicrosoft.com",
+    "TenantId": "d963c147-dc13-433f-9520-6db1ff177c34",
+    "ClientId": "42d382ca-83ad-4384-b7ca-c732d90be3f2",
     "CallbackPath": "/signin-oidc",
     "SignedOutCallbackPath ": "/signout-callback-oidc",
 
     // To call an API
-    "ClientSecret": "[Copy the client secret added to the app from the Azure portal]"
+    "ClientSecret": "Ne_h-tm_5oT6k5B_IM17_WNp.RItqTb.-E"
   },
   "Logging": {
         "LogLevel": {
Original file line number	Diff line number	Diff line change
`@@ -164,16 +164,16 @@ private bool TodoItemExists(int id)`
`164`	`164`	`}`
`165`	`165`	`public async Task<List<string>> CallGraphApiOnBehalfOfUser()`
`166`	`166`	`{`
`167`		`- string[] scopes = { "user.read.all" };`
	`167`	`+ string[] scopes = { "user.read" };`
`168`	`168`
`169`	`169`	`// we use MSAL.NET to get a token to call the API On Behalf Of the current user`
`170`	`170`	`try`
`171`	`171`	`{`
`172`	`172`	`List<string> userList = new List<string>();`
`173`	`173`	`string accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scopes);`
`174`		`- IEnumerable<User> users = await CallGraphApiOnBehalfOfUser(accessToken);`
`175`		`- userList = users.Select(x => x.UserPrincipalName).ToList();`
`176`		`- return userList;`
	`174`	`+ //IEnumerable<User> users = await CallGraphApiOnBehalfOfUser(accessToken);`
	`175`	`+ //userList = users.Select(x => x.UserPrincipalName).ToList();`
	`176`	`+ return null;`
`177`	`177`	`}`
`178`	`178`	`catch (MsalUiRequiredException ex)`
`179`	`179`	`{`