Menu
I am developing a Windows Store application that communicate to Dynamics CRM Online using Azure Active Directory for the authentication.
The application uses this CRM 2013 SDK example: SampleCode\CS\ModernAndMobileApps\ModernSoapApp
and refers to this nuget package for the authentication:
Microsoft.Preview.WindowsAzure.ActiveDirectory.Authentication
I am able to authenticate correctly, the main line is this:
AuthenticationResult result = await _authenticationContext.AcquireTokenAsync("Microsoft.CRM", ClientID, redirectUrl, string.Empty, string.Empty);
The problem is that I need to add a logout functionality and I can't get rid of the persistent token.
I tried to do a logout with the following line:
(AuthenticationContext.TokenCache as DefaultTokenCache).Clear();
but the application is able to get a valid token by itself when I call again the AcquireTokenAsync method instead showing the page for entering the credentials.
What am I missing to perform a full logout?
428
To clear token cache that is made by the Acquire TokenAsync call, you could use the method authContext. TokenCache. Clear(); to make this.
The expiry time of token is approx. 30 mins to 1 hr.
Azure AD uses the LogoutURL to redirect users after they're signed out. Azure AD supports redirect binding (HTTP GET), and not HTTP POST binding.
If you would like to sign the user out of the STS too, issue a logout request: https://login.windows.net/{tenantid or "common"}/oauth2/logout?post_logout_redirect_uri={URL}. The URL needs to be a reply url registered with your app in AAD.
You're clearing the local credential cache. Silent auth might be happening due to the STS cookie (what does Fiddler trace when you call AcquireTokenAsync again)?
Hope that helps. Possible duplicate of this question.
190
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
