Skip to content

Multi-Factor Authentication in Xamarin Forms iOS/Android/UWP App Using ADAL - Sample and Step by Step Guide

Notifications You must be signed in to change notification settings

rzdebskiy/XamarinFormsMFASample

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

XamarinFormsMFASample

Sample and step by step guide of integrating Multi-Factor Authentication in Xamarin Forms iOS/Android/UWP app using Active Directory Authentication Library (ADAL). Sample is based on Dependency Service ADAL Sample in Xamarin Blog, Windows Phone Silverlight implementation replaced with UWP.

Step by Step Guide

  1. Login to your Azure Subscription or start free trial
  2. To use Azure Active Directory you need to register your app for an access. Go to "Azure Active Directory" blade (section) - you will go to your corporate or automatically generated Azure Active Directory tenant and click "App registrations":

Azure Active Directory App Registrations

  1. Click "New application registration", enter name of the application to identify it, choose "Native" application type and enter "Redirect URI".

Azure Active Directory New App Registration

"Redirect URI" is any valid URI identifier (you don't need to register it with DNS) - it is important that you client app configuration uses the same.

  1. Change returnUri in MainPage.xaml.cs to valid URI you have configured in the previous step in Azure Active Directory App Registration or use existing one from this sample (ensure you configure the same in the previous step):
public static string returnUri = "http://MFATestPCL-redirect";
  1. Now you have your app registered:

Azure Active Directory App Registered

click on it to go to this new app details and settings and copy Application ID.

  1. Insert this Application ID (often referred also as Client ID) into MainPage.xaml.cs
public static string clientId = "<<INSERT YOUR CLIENT ID HERE>>";
  1. Now let's create user (or jump to the next if you already have it) - go again to "Azure Active Directory" blade (section), click "Users and Groups", then - "All users" and finally "New User"

Azure AD Users Azure AD All Users Create AD User

When filling out new user information pay attention to user name. In case you have corporate domain like 'companyname.com' use it after '@'. In case you have personal subscription - domain name could be auto generated - take a look at the top left bar - here you see auto-generated domain name. Add it after '@' and then use '.onmicrosoft.com' domain suffix - this is pattern for auto generated Azure Active Directory Domain (Tenant) names. Additionally go to profile section and give a user first and last name. Also pay attention to user password:

New AD User

click "Create" and now you have user.

  1. Ensure new user appeared in the list and click "Multi-Factor Authentication":

Users list

  1. Select user with checkbox and click "Enable"

Enable MFA

You should get the following message:

MFA Success

  1. Run the sample - screenshots on how it works:

iOS:

Android:

Note:

To simulate "Logout" behavior there is a button with label "Clear token and all cookies". It clears the cached token as well as all browser cookies. Second step is needed because ADAL can cache a cookie in a browser cache to reissue the token if user/admin chooses to "Save login information for specific number of days". In real app if you use additional browser-based functionality you can delete only authentication cookies ("MSISAuth", "MSISAuthenticated" and "MSISLoopDetectionCookie") - not all of them.

Useful notes, links and resources:

About

Multi-Factor Authentication in Xamarin Forms iOS/Android/UWP App Using ADAL - Sample and Step by Step Guide

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages