How to retrieve the Microsoft Store ID key?

Question

I'm trying to learn how to retrieve the Microsoft Store ID key. For this, I followed the examples provided by Microsoft in Windows Universal Samples. I tried to use the Business to Business scenario (scenario 7). I already published a sample App and registered the app in Azure Active Directory. The problem is I don't know what value should I send as the publisherUserId parameter in the getCustomerCollectionsIdAsync/getCustomerPurchaseIdAsync functions. I tried to send the email of the current user (customer email) which only retrieves an empty result (Microsoft Store ID key).

 function getCustomerCollectionsId() {
    var token = getTokenFromAzureOAuthAsync().done(function (aadToken) {
        if (aadToken) {
            storeContext.getCustomerCollectionsIdAsync(aadToken, "***@hotmail.com")//"[email protected]"
                .done(function (result) {
                    output.innerText = result;
                    if (!result) {
                        WinJS.log && WinJS.log("getCustomerCollectionsIdAsync failed.", "sample", "error");
                    }
                });
        }
    });
}

function getCustomerPurchaseId() {
    var token = getTokenFromAzureOAuthAsync().done(function (aadToken) {
        if (aadToken) {
            storeContext.getCustomerPurchaseIdAsync(aadToken, "***@hotmail.com")//"[email protected]"
                .done(function (result) {
                    output.innerText = result;
                    if (!result) {
                        WinJS.log && WinJS.log("getCustomerPurchaseIdAsync failed.", "sample", "error");
                    }
                });
        }
    });
}

Answer 1

I have face the same problem, here is the solution works for me.

Go to https://portal.azure.com ,choose "Azure Active Directory" , choose "App registrations" , choose your application in the right panel. then Choose Manifest to edit it manifest. set following fields to the value:

"accessTokenAcceptedVersion": 1,
"identifierUris": [
    "https://onestore.microsoft.com",
    "https://onestore.microsoft.com/b2b/keys/create/collections",
    "https://onestore.microsoft.com/b2b/keys/create/purchase"
    ],
"signInAudience": "AzureADMyOrg",

And the resource field of your get token request (https://login.microsoftonline.com/xxx/oauth2/token) must be the exact string "https://onestore.microsoft.com/b2b/keys/create/collections" (notice that the domain part is "onestore.microsoft.com")

ps: My way to find out this solution:

• use charles ssl proxy to record request of my c# project with the storeContext.getCustomerCollectionsIdAsync api. find out that the url it send is "https://collections.mp.microsoft.com/v7.0/beneficiaries/me/keys" and the request body contain the token I send to it.
• use charles ssl proxy to record request of other app that works correctly like "Hotspot Shield", try to buy something from it, and cancel it. Find the request of the url and download the request body and base64 raw url to decode the second part of their token, find that the "aud" is "https://onestore.microsoft.com/b2b/keys/create/collections" and "ver" is "1.0".
• Change the config of the "App registrations" and the token get code to make the result token is version 1.0 and "aud" to the correct one.

I think that "Azure Active Directory" is update to version 2, but the document of "Microsoft Store ID key" is not update to that version ...