I'm writing a simple C# mobile application which I've registered at https://apps.dev.microsoft.com/ to access live.com/outlook.com mailboxes (not outlook 365 mbx). I'm using ADAL for authenticating using the client id and redirect URI from the registration. I'm not sure if I should be generating a password from the registration site and how I should be using the generated password. What I'm experiencing is that I get the usual prompt to authenticate, I provide my credentials, I see a token being returned (RequestSecurityTokenResponse) with my data (firstname, lastname, etc.) meaning that the authentication process was successful and yet the authentication process ends with error "AADSTS50020: We are unable to issue tokens from this api version for a Microsoft account. Please contact the application vendor as they need to use version 2.0 of the protocol to support this."
I not sure on how to interpret the error: is the error saying I'm not using v2.0 of the protocol or is it saying I'm not calling v2.0 of their authentication endpoint.
The difficulty I'm facing is that Microsoft has changed so many times protocols and interfaces and has mixed up live.com/outlook.com and azure/office365 that in the end I don't know what I should be providing as the authority url and the resource uri to access live.com/outlook.com mailboxes.
What I noticed is that apart the authentication UI I'm not getting the UI where I should be authorizing the application to act on my behalf.
Below is the outgoing request with the smtp address obfuscated.
https://login.live.com/ppsecure/post.srf?wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIARWPsU7CQABAubaQghqRaIIbAy6aa3uFttwlDmog0gEGXSQu19JCY8thbcU4ObjLBzg5OpjoYAyf4MRiYtg00RhmTRzF5SVvey8zV5JQScISQqqeA2idRxIiRYoMS8cUQ8VANixj14HUxSp0DAuXKmXVsh0tzGWyaDi_ix-FndGH_zZprV09ATAG4AuACw5MuMXmVhx11X-w0Dt3plzSZx2vd8sXu1HUPyGyzOLIZ-xIYq7r2Y5ks0AOqOdLoUPbD3xq5gHrjfiihjVLN7QStPU2hmWDupAirQJtza5gRbeo5rZfeTAWwFRYEfnsQj5d-BQVnohiKsvlE4XErwBukrPk7aX3-7vD5eblwc_1y_d-4jkp980qik_7x11crwaBKesmrQ-qhhm2VKaE-2Fto7XXsNBZo9bZRAQNU2CUXo3DHvGcyCWDDmF0tkhUSSGMWX81&wfresh=0&id=&pcexp=false&username=xyz%40hotmail.com&popupui=1&contextid=70F2DEC5506FD639&bk=1491815919&uaid=480c9031b6394304bae56ce1da5a258f&pid=0
Here is the code I've used:
string authority = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
PlatformParameters authParms = new PlatformParameters(PromptBehavior.Always, null);
AuthenticationContext authContext = new AuthenticationContext(authority, TokenCache.DefaultShared);
AuthenticationResult result = await authContext.AcquireTokenAsync(
"https://outlook.office.com/mail.read",
clientId,
new Uri(redirectUri),
authParms);