-
Notifications
You must be signed in to change notification settings - Fork 89
Client Applications
Hemanth Chittanuru edited this page Aug 6, 2020
·
2 revisions
Before instantiating your app with MSAL Go,
- Understand the types of Client applications available- Public Client and Confidential Client applications.
- You'll need to register the application with Azure AD. You will therefore know:
- Its
clientID(a string representing a GUID) - The identity provider URL (named the instance) and the sign-in audience for your application. These two parameters are collectively known as the authority.
- Possibly the
TenantIDin the case you are writing a line of business application (just for your organization, also named single-tenant application) - In case it's a confidential client app, its application secret (
clientSecretstring) or certificate - For web apps, you'll have also set the
redirectUriwhere the identity provider will contact back your application with the security tokens.
- Its
publicClientApp, err := msalgo.CreatePublicClientApplication(clientID, authority)To instantiate a confidential client application, you will need a client secret, certificate or assertion JWT. You will need to create a client credential using these.
- Instantiating with client secret
credential, err := msalgo.CreateClientCredentialFromSecret(clientSecret)- Instantiating with certificate
file, err := os.Open(keyFile)
if err != nil {
log.Fatal(err)
}
defer file.Close()
key, err := ioutil.ReadAll(file)
if err != nil {
log.Fatal(err)
}
credential, err := msalgo.CreateClientCredentialFromCertificate(thumbprint, key)- Instantiating with assertion JWT
credential, err := msalgo.CreateClientCredentialFromAssertion(assertion)After creating these client credentials, you can pass them in to create a ConfidentialClientApplication.
confidentialClientApp, err := msalgo.CreateConfidentialClientApplication(
clientID, authority, credential)