Unable to Authenticate MAUI Application on Android

Question

Unable to Authenticate MAUI Application on Android

Onyango, David 31

I have a Blazor hybrid app that successfully authenticates against Azure client OpenID authentication scheme on windows but fails on android device. Is there a working example to reference specifically for Android?

Andrew Taylor 0 Reputation points

2025-06-15T00:21:20.02+00:00
This is a common scenario in Blazor Hybrid where platform-specific configurations are required for Android. Here's a step-by-step guide to resolve Azure OpenID authentication issues on Android:

Redirect URI Configuration

Android requires a custom URI scheme in the format: msal{client-id}://auth (replace {client-id} with your Azure app registration's Client ID).

Add this URI to Azure AD:

Go to your Azure App Registration → Authentication → Add a platform → Mobile and desktop applications.

Check the redirect URI box for msal{client-id}://auth.

AndroidManifest.xml Setup

Add an intent filter to your MainActivity to handle the redirect:

<>xml <activity android:name="microsoft.identity.client.BrowserTabActivity">

Use Platform-Specific Authentication

For Blazor Hybrid (MAUI), leverage the WebAuthenticator from .NET MAUI Essentials:

<>csharp var

Working Examples

Official Sample: Microsoft Identity Platform Blazor Hybrid Sample (check the Mobile branch).

MAUI Documentation: .NET MAUI WebAuthenticator Setup.

Troubleshooting

Ensure the Android package name matches your Azure AD registration.

Enable Internet and Network Security permissions in AndroidManifest.xml.

Use debug logging for MSAL (PublicClientApplication.EnablePiiLogging = true).

If issues persist, share the specific error message or behavior observed on Android for further diagnosis.This is a common scenario in Blazor Hybrid where platform-specific configurations are required for Android. Here's a step-by-step guide to resolve Azure OpenID authentication issues on Android:

1. Redirect URI Configuration

Android requires a custom URI scheme in the format: msal{client-id}://auth (replace {client-id} with your Azure app registration's Client ID).

Add this URI to Azure AD:

Go to your Azure App Registration → Authentication → Add a platform → Mobile and desktop applications.

Check the redirect URI box for msal{client-id}://auth.

2. AndroidManifest.xml Setup

Add an intent filter to your MainActivity to handle the redirect:

<> <activity android:name="microsoft.identity.client.BrowserTabActivity">

3. Use Platform-Specific Authentication

For Blazor Hybrid (MAUI), leverage the WebAuthenticator from .NET MAUI Essentials:

<> var

4. Working Examples

Official Sample:
Microsoft Identity Platform Blazor Hybrid Sample (check the Mobile branch).

MAUI Documentation:
.NET MAUI WebAuthenticator Setup.

5. Troubleshooting

Ensure the Android package name matches your Azure AD registration.

Enable Internet and Network Security permissions in AndroidManifest.xml.

Use debug logging for MSAL (PublicClientApplication.EnablePiiLogging = true).

If issues persist, share the specific error message or behavior observed on Android for further diagnosis. Answered with GitHub Copilot.
Onyango, David 31 Reputation points

2025-06-15T21:23:41.41+00:00

Hi Andrew, the link to the official sample you have provided does not exist (https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-6-ASPNETCore) . I appreciate the guidelines. However, these are the same processes I have followed before which haven't worked.

1 answer

Your answer

Onyango, David 31 Reputation points

2025-06-15T21:23:41.41+00:00

Hi Andrew, the link to the official sample you have provided does not exist (https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-6-ASPNETCore) . I appreciate the guidelines. However, these are the same processes I have followed before which haven't worked.

Answer 1

After several attempts from multiple sources, the link below gives the closest guidance so far but not a working one for Android from my practical experience. https://www.syncfusion.com/blogs/post/authenticate-the-net-maui-app-with-azure-ad. Microsoft needs to provide a working sample.

Github copilot came in hand to provide both silent and interactive login options which work. See snippet below.

try

        {

            var accounts = await _pca.GetAccountsAsync();

            var result = await _pca.AcquireTokenSilent(_scopes, accounts.FirstOrDefault())

                .ExecuteAsync();

            AuthResult = result;                

            return result;

        }

        catch (MsalUiRequiredException)

        {

#if ANDROID

            var activity = Microsoft.Maui.ApplicationModel.Platform.CurrentActivity;

            var result = await _pca.AcquireTokenInteractive(_scopes)

                .WithParentActivityOrWindow(activity)

                .ExecuteAsync();

#elif WINDOWS

            var windowHandle = ((MauiWinUIWindow)Microsoft.Maui.Controls.Application.Current.Windows[0].Handler.PlatformView).WindowHandle;

            var result = await _pca.AcquireTokenInteractive(_scopes)

                .WithParentActivityOrWindow(windowHandle)

                .ExecuteAsync();

#else

            var result = await _pca.AcquireTokenInteractive(_scopes)

                .ExecuteAsync();

#endif

return result;

}

Share via

Unable to Authenticate MAUI Application on Android

1 answer

Your answer