How to get Azure ID Token using C#?

In this post, we will get the Azure ID Token using the Console App in C# with the help of the OpenID scope.

The ID token is the core extension that OpenID Connect makes to OAuth 2.0. ID tokens are issued by the authorization server and contain claims that carry information about the user.

For more information on the ID token, refer to the Microsoft Documentation.

Prerequisites

  1. Download Postman
  2. Visual Studio
  3. Service Principal in Azure – To know how to create a service principal, go through my post on Creating Service Principal using PowerShell.
  4. The user trying to get the id_token should not have enabled the Multifactor Authentication.

Set the Permission and Grant Admin Consent

This task we have already completed in another post where we got the id_token using the Postman. We will continue directly with the Visual Studio Console App.

Getting id_token using C#

Create a new Console Application in Visual Studio. Give the project name and choose .NET Core 3.1. Install the NuGet package RestSharp.

Write the following code in Main method.

static void Main(string[] args)
        {
            var client = new RestClient("https://login.microsoftonline.com/{{tenantId}}/oauth2/v2.0/token");
            client.Timeout = -1;
            var request = new RestRequest(Method.POST);
            request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
            
            request.AddParameter("client_id", "{{clientId}}");
            request.AddParameter("scope", "user.read openid profile offline_access");
            request.AddParameter("client_secret", "{{clientSecret}}");
            request.AddParameter("username", "{{userName}}");
            request.AddParameter("password", "{{password}}");
            request.AddParameter("grant_type", "password");

            IRestResponse response = client.Execute(request);
            Console.WriteLine(response.Content);
        }

Import RestSharp in Program.cs file. Make sure to replace the tenantId, clientId, clientSecret, userName, and password with your values.

Run the console app and see the output on the console. The console output gives both access_token and id_token.

Get the source code from GitHub.

Thank you All!!! Hope you find this useful.

Up ↑

%d bloggers like this: