[FEATURE REQ] Add support for setting the OAuth 2.0 `prompt=` value - Githubissues

Azure / azure-sdk-for-net

This repository is for active development of the Azure SDK for .NET. For consumers of the SDK we recommend visiting our public developer docs at https://learn.microsoft.com/dotnet/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-net.

MIT License

5.35k stars 4.66k forks source link

[FEATURE REQ] Add support for setting the OAuth 2.0 `prompt=` value #38099

Open peombwa opened 1 year ago

peombwa commented 1 year ago

Library name

Azure.Identity

Please describe the feature.

Add support for setting the OAuth 2.0 prompt query parameter value when requesting an authorization code - https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code.

Microsoft Graph PowerShell relies on Azure.Identity to use MSAL. We currently have a requirement to support auth with AD FS, which requires having prompt=login to bypass single sign-on as explained at https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-prompt-login.

It does appear that there isn't an option available to specify the prompt value as the token credential classes default to prompt=select_account or prompt=none based on the login hint: https://github.com/Azure/azure-sdk-for-net/blob/36f54e7c06860db09315000b933ecb3d156944f5/sdk/identity/Azure.Identity/src/Credentials/InteractiveBrowserCredential.cs#L235-L241

jsquire commented 1 year ago

Thank you for your feedback. Tagging and routing to the team member best able to assist.