I have web SSO working from the Office 365 AD to my MVC4 application (using .NET 4.5). I am now trying to get Graph working. After a few false starts, I am using code from here - http://blog.rytmis.net/2012/12/windows-azure-active-directory-querying.html
The GetUserGroups method is failing. The problem is on this line in GetAuthorizationHeader:
assertionCredential = authContext.AcquireToken(GetServiceRealm(), credential);
The error is:
AAL 0x80100018: Token request from Access Control service failed. Check InnerException for more details
ACS50000: There was an error issuing a token.
ACS50001: Relying party with name '00000002-0000-0000-c000-000000000000/graph.windows.net@XXmydomainhereXX.onmicrosoft.com' was not found.
Trace ID: a3fc144b-53a3-4573-b3fd-a78bae0da20d
Timestamp: 2012-12-19 08:22:41Z
So, the code is failing to get the token that it needs to call the Graph stuff. What I can't work out is why the token request if failing. I'm probably doing something stupid, or perhaps the Graph interface has changed since the blog that I'm following was written.
Any pointers would be welcome.
Cheers,
Nick