ITokenStorageProvider example/docs?

[michael-hawker]

There doesn't seem to be any info on the ITokenStorageProvider interface and having an example. It also means the MSAL example provided is incompatible without modification.

I'm also noticing that because you implemented the contract as async the calls are getting scheduled behind when they're needed so I'm not seeing the token cache data getting picked up by MSAL until after it is needed?

[michael-hawker]

This may get easier with the v3 update as well, as it looks like they expose the async setters for their paradigm. It'd be nice to see a working example of the token cache though with the current, is there a complete sample using the cache somewhere?

[peombwa]

@michael-hawker here are some samples that use the ITokenStorageProvider :

1. Console app using a file based token storage provider.
2. ASP.Net 4.6 Web App using a session based token storage provider.
3. .Net Core Web API using a session based token storage provider.

[peombwa]

The implementation of ITokenStorageProvider should be a class that reads and writes to a token store e.g. Redis cache or a session object and we internally use this implementation to serialize and deserialize MSAL's token.

I agree with you that our documentation on the auth providers is scarce, and we will do a better job of extensively documenting them once we upgrade to MSAL v3. Going forward, all our SDK documentation will move to docs.microsoft.com.

[michael-hawker]

Thanks @peombwa, I was able to update and run the first Console app example and see it store the token. I'll try copying this into my other app next!

[rpowell6]

I am new to MSAL and have found the information on GitHub to be invaluable. To that end, I have encountered an issue with the ITokenStorageProvider interface when attempting to create a SessionTokenCacheProvider class. I am receiving an error message indicating no type is available for the ITokenStorageProvider interface. I have loaded what I believe to be the latest versions of the Microsoft.Graph and Microsoft.Graph.Auth libraries but to no avail. What am I missing? Any assistance would be greatly appreciated.

[peombwa]

@rpowell6 MSAL changed how token serialization is done as from MSAL v3 and we retired ITokenStorageProvider as a consequence of this change. We now recommend you configure your token serialization infrastructure when creating a client application using MSAL's builders pattern, then pass the client application instance to our auth providers. Here is an example from MSAL on how to serialize a token.

// Create client  app.
IPublicClientApplication clientApp = PublicClientApplicationBuilder.Create(ClientId)
    .Build();

// Enable token serialization.
// From MSAL's example - https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/token-cache-serialization#simple-token-cache-serialization-msal-only.
TokenCacheHelper.EnableSerialization(clientApp.UserTokenCache);

// Pass the client application to our auth providers.
DeviceCodeProvider authProvider = new DeviceCodeProvider(clientApp, scopes);

[rpowell6]

Peter,

Thanks for your prompt reply. I will take a closer look at the example you have provided and let you know how it turns out. Thanks again for you expert advice.

Best regards

Randall Powell

[cid:gw_6a5cf058-0b5b-46eb-8ba1-d614a42b779c.PNG] Randall Powell System Integrator

GW Communication Solutions, LLC 801 Hammond Street, Suite 350, Coppell, TX 75019

www.unitekglobalservices.comhttp://www.unitekglobalservices.com/

Important: Neither Unitek Global Services, Inc. nor its affiliates (together, “Unitek”), wish to receive, on a non-solicited basis, directly or indirectly, any non-public information related to any public issuer. Additionally, this e-mail may contain information that is confidential, privileged or otherwise protected from disclosure. If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error. Unintended recipients are prohibited from taking action on the basis of information in this e-mail. Unitek reserves the right, to the extent and under circumstances permitted by applicable law, to review, retain, monitor and intercept e-mail messages to and from its systems. Unitek may also retain and reproduce electronic messages for state, federal, or other regulatory agencies as required by applicable law. From: Peter Ombwa [mailto:notifications@github.com] Sent: Thursday, August 22, 2019 12:03 PM To: microsoftgraph/msgraph-sdk-dotnet-auth Cc: Randall Powell; Mention Subject: Re: [microsoftgraph/msgraph-sdk-dotnet-auth] ITokenStorageProvider example/docs? (#38)

@rpowell6https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frpowell6&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810865595&sdata=%2FH0y4uMKE1x%2FBBUcvh%2B8BzugInL4pDaAvbOsVDjw%2BGo%3D&reserved=0 MSAL changed how token serialization is done as from MSAL v3 and we retired ITokenStorageProvider as a consequence of this change. We now recommend you configure your token serialization infrastructure when creating a client application using MSAL's builders pattern, then pass the client application instance to our auth providers. Here is an examplehttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzureAD%2Fmicrosoft-authentication-library-for-dotnet%2Fwiki%2Ftoken-cache-serialization%23simple-token-cache-serialization-msal-only&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810875593&sdata=LPDrhbF9W1SL%2BxbZyH6e%2FeHj2W1Md7MZGjr0AM3gaFc%3D&reserved=0 from MSAL on how to serialize a token.

// Create client app.

IPublicClientApplication clientApp = PublicClientApplicationBuilder.Create(ClientId)

.Build();

// Enable token serialization.

// From MSAL's example - https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/token-cache-serialization#simple-token-cache-serialization-msal-only.

TokenCacheHelper.EnableSerialization(clientApp.UserTokenCache);

// Pass the client application to our auth providers.

DeviceCodeProvider authProvider = new DeviceCodeProvider(clientApp, scopes);

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmicrosoftgraph%2Fmsgraph-sdk-dotnet-auth%2Fissues%2F38%3Femail_source%3Dnotifications%26email_token%3DAM64VMXBSBDKTJTF5UJISDTQF3BEDA5CNFSM4HM6O4CKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD45XSYY%23issuecomment-523991395&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810875593&sdata=nFuPii9us%2BkuaCvH7rKdcw9Gu8rdLNvPPXkh4xprPRA%3D&reserved=0, or mute the threadhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAM64VMVWHTB4HYZIN7SWFNTQF3BEDANCNFSM4HM6O4CA&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810885594&sdata=UKkm9bKYxM5cIjoX0IfFddmbHYbrOgPmo0K5%2BXQy3nE%3D&reserved=0.

[rpowell6]

Mr. Ombwa,

First, let me again thank you for your prompt response. Second, let me say that I am very new to MSAL and I only had a basic understanding of ADAL to begin with. So, if I sound confused, trust me, I am.

What began one week ago as a simple request from my boss to include a couple of bits of user profile information from Azure AD in an app I am developing has turned into one of the most frustrating exercises of my life. I have borrowed and attempted to implement a number of different code samples (primarily from GitHub) but with no success.

I was attempting to utilize the GetAuthenticatedClient method from the following SDKHelper class (obtained from another GitHub sample) in order to acquire a GraphServiceClient object. As highlighted in red, the SDKHelper.GetAuthenticatedClient method also included a call to a SessionTokenCache class that inherited from the ITokenStorageProvider interface as its base class. That’s where things broke down. Lacking an alternative and now thoroughly frustrated, that’s when I reached out to the GitHub community.

My code appears as follows:

public class SDKHelper { // Properties used to get and manage an access token. private static string redirectUri = ConfigurationManager.AppSettings["RedirectUrl"]; private static string clientId = ConfigurationManager.AppSettings["ClientId"]; private static string clientSecret = ConfigurationManager.AppSettings["ClientSecret"]; private static string nonAdminScopes = ConfigurationManager.AppSettings["ida:NonAdminScopes"]; private static string adminScopes = ConfigurationManager.AppSettings["ida:AdminScopes"];

   // Get an authenticated Microsoft Graph Service client.
   public static GraphServiceClient GetAuthenticatedClient()
   {
          if (!redirectUri.EndsWith("/")) redirectUri = redirectUri + "/";
          bool? isAdmin = HttpContext.Current.Session["IsAdmin"] as bool?;
          string allScopes = nonAdminScopes;

          if (isAdmin.GetValueOrDefault())
          {
                 allScopes += " " + adminScopes;
          }
          string[] scopes = allScopes.Split(new char[] { ' ' });

   HttpContextBase context =        HttpContext.Current.GetOwinContext().Environment["System.Web.HttpCon textBase"] as HttpContextBase;

        The following call to the SessionTokenCacheProvider class fails due to its dependence upon the (now deprecated) ITokenStorageProvider interface/base class:
          SessionTokenCacheProvider sessionTokenCacheProvider = new SessionTokenCacheProvider(context);

        The call to the CreateClientApplication class was updated to call the ConfidentialClientApplicationBuilder class instead:
   //IConfidentialClientApplication cca = AuthorizationCodeProvider.CreateClientApplication(appId, redirectUri, new ClientCredential(appSecret), sessionTokenCacheProvider);

          IConfidentialClientApplication cca = ConfidentialClientApplicationBuilder
                 .Create(clientId)
                 .WithRedirectUri(redirectUri)
                 .WithClientSecret(clientSecret) // or .WithCertificate(certificate)
                 .Build();

   AuthorizationCodeProvider authenticationProvider = new AuthorizationCodeProvider(cca, scopes);

          return new GraphServiceClient(new AuthorizationCodeProvider(cca, scopes));

    }
}

}

In reviewing your email response, I first noted your reference to the PublicClientApplicationBuilder class which, if I understand correctly, is intended for use with desktop apps. Given I am developing a web app, it seems more likely the ConfidentialClientApplicationBuilder class is more appropriate for my needs.

In attempting to revamp my code utilizing your suggestions, I have encountered an issue with locating the TokenCacheHelper and DeviceCodeProvider classes referenced in your code sample. I clicked on the GitHub link you provided and scrolled to the following section regarding web apps and confidential client apps:

Token cache for a Web app (confidential client application) In the case of Web Apps or Web APIs, the cache can be very different, leveraging the session, or a Redis cache, or a database. A very important thing to remember is that for Web Apps and Web APIs, there should be one token cache per user (per account). You need to serialize the token cache for each account. Examples of how to use token caches for Web apps and Web APIs are available in the ASP.NET Core Web app tutorialhttps://ms-identity-aspnetcore-webapp-tutorial in the phase 2-2 Token Cachehttps://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/2-WebApp-graph-user/2-2-TokenCache. For implementations have a look at the following folder TokenCacheProvidershttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Web/TokenCacheProviders in the microsoft-authentication-extensions-for-dotnethttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet library (in the Microsoft.Identity.Client.Extensions.Webhttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Web folder. This library could be available in the future as a NuGet package. Please note: The link to the ASP.NET Core Web app tutorial is broken.

Using the TokenCacheProviders link, I navigated my way to the following folder: microsoft-authentication-extensions-for-dotnethttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/srchttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Webhttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Web/TokenCacheProvidershttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Web/TokenCacheProviders/Session/

where I found the following list of available libraries:

MsalAppSessionTokenCacheProvider.cshttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/blob/master/src/Microsoft.Identity.Client.Extensions.Web/TokenCacheProviders/Session/MsalAppSessionTokenCacheProvider.cs

update to msal40 with cache interaction changes (https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/commit/65b4b8aea0e3de6b4596a80f0d82c7438dadb16a#32https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/pull/32)https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/commit/65b4b8aea0e3de6b4596a80f0d82c7438dadb16a

3 months ago

MsalPerUserSessionTokenCacheProvider.cshttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/blob/master/src/Microsoft.Identity.Client.Extensions.Web/TokenCacheProviders/Session/MsalPerUserSessionTokenCacheProvider.cs

update to msal40 with cache interaction changes (https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/commit/65b4b8aea0e3de6b4596a80f0d82c7438dadb16a#32https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/pull/32)https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/commit/65b4b8aea0e3de6b4596a80f0d82c7438dadb16a

3 months ago

SessionServiceCollectionExtensions.cshttps://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/blob/master/src/Microsoft.Identity.Client.Extensions.Web/TokenCacheProviders/Session/SessionServiceCollectionExtensions.cs

bring in remaining web extensions code (https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/commit/cd11df54b7fb882a7d48ec052418c12702f1af6c#19https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/pull/19)https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/commit/cd11df54b7fb882a7d48ec052418c12702f1af6c

4 months ago

Your code sample makes use of a TokenCacheHelper class with an EnableSerialization method but I am unable to locate this method in any of the three pages and associated classes I surveyed. Likewise, I have been unable to locate a reference to the DeviceCodeProvider class.

I hate to be a nuisance but any assistance in locating these classes would be greatly appreciated.

Best regards,

rpowell6

[cid:gw_6a5cf058-0b5b-46eb-8ba1-d614a42b779c.PNG] Randall Powell System Integrator

GW Communication Solutions, LLC 801 Hammond Street, Suite 350, Coppell, TX 75019

www.unitekglobalservices.comhttp://www.unitekglobalservices.com/

Important: Neither Unitek Global Services, Inc. nor its affiliates (together, “Unitek”), wish to receive, on a non-solicited basis, directly or indirectly, any non-public information related to any public issuer. Additionally, this e-mail may contain information that is confidential, privileged or otherwise protected from disclosure. If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error. Unintended recipients are prohibited from taking action on the basis of information in this e-mail. Unitek reserves the right, to the extent and under circumstances permitted by applicable law, to review, retain, monitor and intercept e-mail messages to and from its systems. Unitek may also retain and reproduce electronic messages for state, federal, or other regulatory agencies as required by applicable law. From: Peter Ombwa [mailto:notifications@github.com] Sent: Thursday, August 22, 2019 12:03 PM To: microsoftgraph/msgraph-sdk-dotnet-auth Cc: Randall Powell; Mention Subject: Re: [microsoftgraph/msgraph-sdk-dotnet-auth] ITokenStorageProvider example/docs? (#38)

@rpowell6https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frpowell6&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810865595&sdata=%2FH0y4uMKE1x%2FBBUcvh%2B8BzugInL4pDaAvbOsVDjw%2BGo%3D&reserved=0 MSAL changed how token serialization is done as from MSAL v3 and we retired ITokenStorageProvider as a consequence of this change. We now recommend you configure your token serialization infrastructure when creating a client application using MSAL's builders pattern, then pass the client application instance to our auth providers. Here is an examplehttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzureAD%2Fmicrosoft-authentication-library-for-dotnet%2Fwiki%2Ftoken-cache-serialization%23simple-token-cache-serialization-msal-only&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810875593&sdata=LPDrhbF9W1SL%2BxbZyH6e%2FeHj2W1Md7MZGjr0AM3gaFc%3D&reserved=0 from MSAL on how to serialize a token.

// Create client app.

IPublicClientApplication clientApp = PublicClientApplicationBuilder.Create(ClientId)

.Build();

// Enable token serialization.

// From MSAL's example - https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/token-cache-serialization#simple-token-cache-serialization-msal-only.

TokenCacheHelper.EnableSerialization(clientApp.UserTokenCache);

// Pass the client application to our auth providers.

DeviceCodeProvider authProvider = new DeviceCodeProvider(clientApp, scopes);

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmicrosoftgraph%2Fmsgraph-sdk-dotnet-auth%2Fissues%2F38%3Femail_source%3Dnotifications%26email_token%3DAM64VMXBSBDKTJTF5UJISDTQF3BEDA5CNFSM4HM6O4CKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD45XSYY%23issuecomment-523991395&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810875593&sdata=nFuPii9us%2BkuaCvH7rKdcw9Gu8rdLNvPPXkh4xprPRA%3D&reserved=0, or mute the threadhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAM64VMVWHTB4HYZIN7SWFNTQF3BEDANCNFSM4HM6O4CA&data=02%7C01%7Crandall.powell%40glassandwire.com%7Cc01261c8d5a346ff489708d7272295af%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637020901810885594&sdata=UKkm9bKYxM5cIjoX0IfFddmbHYbrOgPmo0K5%2BXQy3nE%3D&reserved=0.

[pschaeflein]

@rpowell6 - What is your scenario? Getting information about the current user? Getting information about others in the organization?

The Auth provider to use depends upon the permission scope you need, which is hard to determine in the messages in this thread. It will likely be the AuthorizationCode or ConfidentialClient providers.

[rpowell6]

Paul,

Thanks for the reply. I am looking to extract user profile information for the currently logged in user. I found the process of iterating a user's payload claims collection to be pretty straightforward but getting to the profile information has been somewhat elusive.

I was initially working with ADAL but have shifted my efforts toward adapting to MSAL.

Again, any assistance getting me over my learning curve is greatly appreciated.

Best regards,

Get Outlook for Androidhttps://aka.ms/ghei36

[cid:gw_6a5cf058-0b5b-46eb-8ba1-d614a42b779c.PNG] Randall Powell System Integrator

GW Communication Solutions, LLC 801 Hammond Street, Suite 350, Coppell, TX 75019

www.unitekglobalservices.comhttp://www.unitekglobalservices.com/

Important: Neither Unitek Global Services, Inc. nor its affiliates (together, “Unitek”), wish to receive, on a non-solicited basis, directly or indirectly, any non-public information related to any public issuer. Additionally, this e-mail may contain information that is confidential, privileged or otherwise protected from disclosure. If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error. Unintended recipients are prohibited from taking action on the basis of information in this e-mail. Unitek reserves the right, to the extent and under circumstances permitted by applicable law, to review, retain, monitor and intercept e-mail messages to and from its systems. Unitek may also retain and reproduce electronic messages for state, federal, or other regulatory agencies as required by applicable law.

---

From: Paul Schaeflein notifications@github.com Sent: Friday, August 23, 2019 2:33:19 PM To: microsoftgraph/msgraph-sdk-dotnet-auth msgraph-sdk-dotnet-auth@noreply.github.com Cc: Randall Powell randall.powell@glassandwire.com; Mention mention@noreply.github.com Subject: Re: [microsoftgraph/msgraph-sdk-dotnet-auth] ITokenStorageProvider example/docs? (#38)

@rpowell6https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frpowell6&data=02%7C01%7Crandall.powell%40glassandwire.com%7C75ad3718c1cf42e11cc208d72800c14b%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637021856039929644&sdata=cIcP52Ao9uxfocRhoM8JZKfOYVggSQ9tvDsrYZ6%2FcvE%3D&reserved=0 - What is your scenario? Getting information about the current user? Getting information about others in the organization?

The Auth provider to use depends upon the permission scope you need, which is hard to determine in the messages in this thread. It will likely be the AuthorizationCode or ConfidentialClient providers.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmicrosoftgraph%2Fmsgraph-sdk-dotnet-auth%2Fissues%2F38%3Femail_source%3Dnotifications%26email_token%3DAM64VMVU7FMHRNPUKPR24DTQGA3P7A5CNFSM4HM6O4CKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5BEGGY%23issuecomment-524436251&data=02%7C01%7Crandall.powell%40glassandwire.com%7C75ad3718c1cf42e11cc208d72800c14b%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637021856039939640&sdata=7%2B5HpyWBxCaj3eS4NSm7IjGPfU%2Bzb3sjVni0QRy4IPE%3D&reserved=0, or mute the threadhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAM64VMWA4567MRUBX4TPZWTQGA3P7ANCNFSM4HM6O4CA&data=02%7C01%7Crandall.powell%40glassandwire.com%7C75ad3718c1cf42e11cc208d72800c14b%7C108b413fe870457bb41f2570accad4c9%7C0%7C0%7C637021856039949634&sdata=KoGKGJIyG9ipYWdmrbVC3YdkFGa9egaixjmbOOTykVE%3D&reserved=0.

[pschaeflein]

To get an access token for the current logged-in user, I would suggest the AuthorizationCode provider.

[ghost]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.