Call a Protected API from a .NET MAUI App

Learn how to call a protected API from your .NET MAUI application.
Read more…

:writing_hand:t2: Brought to you by @andrea.chiarelli

Hey Devs! How did you like this post? Please share any comments or feedback with us on this thread

The client app breaks big time when attempting to run on an Android Emulator. The SSL certificate isn’t valid:

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

I’ve spent over a day trying to find a solution that doesn’t lead to more problems. Any advice would be appreciated.

I ended up configuring the client to use http for local debugging only by following this documentation.

I would be curious to know if anyone comes up with a solution for debugging with https on an Android emulator in the context of this solution.

Hey @RossB,
Welcome to the Auth0 Community and happy to learn you managed to set up your Android environment.
By the way, that document was mentioned in the article :slightly_smiling_face:

I’m not a mobile developer so I’m afraid I can’t help on this.
Doesn’t the same document help on this point? :thinking:

It does, but I’m not sure if it works with your HttpClient workaround solution (I think this is the article where you do that?).

I’ve been scouring all of your Blazor/Maui articles recently and my head is in a blur. I’d have to review to remember exactly why https wasn’t working for me initially. Thank you very much for this project setup series, though!

You’re welcome! :slightly_smiling_face:

Thanks for this great walkthrough! I was struggling with this a few weeks ago on a side-project and after leaving it for a bit and coming back I found this article and it solved my problem!

1 Like

Glad to have helped you, and thank you for sharing this awesome feedback! :tada:

It is a good example, but what would the best practice be to make this production ready. The access key will expire eventually so maybe a refresh token would be a good idea with a delegating handller on the http client. The login result has a delegating handler, buit that would meean you have to log in before you handle DI?

Hello @DylanSnel,
Welcome to the Auth0 Community :wave: and thank you for reading my article.
Maybe this one about managing tokens in MAUI can answer your question.
Let me know if I can help further.

Hi Andrea,

the article is really good and thank you for the detailled instructions.
I have applied all the instructions and I am able to run the example on a Android device connected locally, but I have an Exception when I press “Call API” button (“The request was canceled due to the configured HttpClient.Timeout of 100 seconds elapsing.”)

On Android Emulator, I have applied all the modifications reported on Microsoft link of the article, but the login page is not displayed and the APP is freezed trying to reach Auth0 url
Thank you
Fabrizio

Hi @Fabrizio1,
Welcome to the Auth0 Community!

I’m not sure if you are using the sample project attached to the article with their specific versions of the framework and the libraries or if you applied the instructions to your own project.
I’m asking this because MAUI is constantly evolving and it’s not uncommon for different versions of the framework/libraries to generate errors.

That said, it’s hard to figure out what is happening in both cases without debugging or other information.

In the Android emulator case, it looks like the emulator is not able to navigate the Internet for some reason. Can you make sure that it can access the Web, for example by navigating to any website?

In the Android device case, it seems that you can’t reach the API hosted on your local machine. Again, make sure that the API is accessible from your device.

You may have already done these tests, but honestly I don’t have enough information to help you further.

Thank you Andrea,

I solved the problem with vulkan=off in advancedFeatures.ini of Android Emulator.
So, now the login phase is solved. But the callback is giving me the already known problem of:Javax.Net.Ssl.SSLHandshakeException Message=java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. I am reading some articles on this issues, but until now I have not found the solution!

Hey @Fabrizio1,
Happy to learn that you have solved the login step.
Regarding the error you mentioned, have you taken a look at the document mentioned in the article before you started testing?
I’m not a mobile developer but your error makes me think that your app doesn’t trust your development certificate.
That document contains instructions on how to configure HTTPS support, and specifically how to bypass the certificate security check for development purposes.

Let me know if this helps.

Hey Andrea,

I read the articles (at my best!). The question is where to insert the two statements:

HttpsClientHandlerService handler = new HttpsClientHandlerService();
HttpClient client = new HttpClient(handler.GetPlatformMessageHandler());

considering the statement of the example (OnApiCallClicked):
HttpResponseMessage response = await _httpClient.GetAsync(“api/messages/protected”);

Because now _httpClient is a parameter of MainPage

Fabrizio

Hey Andrea,

an update. I have modified CreateMauiApp() updating the following statement:

builder.Services.AddHttpClient(“DemoAPI”,
client => { client = new HttpClient(handler.GetPlatformMessageHandler());
client.BaseAddress = new Uri(“https://10.0.2.2:6061”); }
).AddHttpMessageHandler();
builder.Services.AddTransient(
sp => sp.GetRequiredService().CreateClient(“DemoAPI”)
);

and now it works!
Thank you again for the article and the support!

Fabrizio

Hey @Fabrizio1, glad to hear that you were able to solve it!
Thank you for sharing your solution! :pray: