microsoftgraph
diff --git a/‎src/Applications/beta/examples/Get-MgBetaServicePrincipalSynchronizationTemplate.md‎
Lines changed: 11 additions & 0 deletions b/‎src/Applications/beta/examples/Get-MgBetaServicePrincipalSynchronizationTemplate.md‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/Applications/v1.0/examples/Get-MgServicePrincipalSynchronizationTemplate.md‎
Lines changed: 11 additions & 0 deletions b/‎src/Applications/v1.0/examples/Get-MgServicePrincipalSynchronizationTemplate.md‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs‎
Lines changed: 18 additions & 4 deletions b/‎src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs‎
Lines changed: 18 additions & 4 deletions
@@ -0,0 +1,11 @@
+### Example
+
+```powershell
+
+Import-Module Microsoft.Graph.Beta.Applications
+
+Get-MgBetaServicePrincipalSynchronizationTemplate -ServicePrincipalId $servicePrincipalId
+
+```
+This example shows how to use the Get-MgBetaServicePrincipalSynchronizationTemplate Cmdlet.
+
@@ -0,0 +1,11 @@
+### Example
+
+```powershell
+
+Import-Module Microsoft.Graph.Applications
+
+Get-MgServicePrincipalSynchronizationTemplate -ServicePrincipalId $servicePrincipalId
+
+```
+This example shows how to use the Get-MgServicePrincipalSynchronizationTemplate Cmdlet.
+
@@ -160,7 +160,19 @@ private static async Task<DeviceCodeCredential> GetDeviceCodeCredentialAsync(IAu
                 TokenCachePersistenceOptions = GetTokenCachePersistenceOptions(authContext),
                 DeviceCodeCallback = (code, cancellation) =>
                 {
-                    GraphSession.Instance.OutputWriter.WriteObject(code.Message);
+                    if (GraphSession.Exists)
+                    {
+                        try
+                        {
+                            GraphSession.Instance.OutputWriter.WriteObject(code.Message);
+                            return Task.CompletedTask;
+                        }
+                        catch (InvalidOperationException)
+                        {
+                            // Fall through to console output if OutputWriter is unavailable.
+                        }
+                    }
+                    Console.WriteLine(code.Message);
                     return Task.CompletedTask;
                 }
             };
@@ -272,12 +284,14 @@ public static async Task<IAuthContext> AuthenticateAsync(IAuthContext authContex
             return signInAuthContext;
         }
 
-        private static async Task<IAuthContext> SignInAsync(IAuthContext authContext, CancellationToken cancellationToken = default)
+        internal static async Task<IAuthContext> SignInAsync(IAuthContext authContext, CancellationToken cancellationToken = default, TokenCredential tokenCredential = null)
         {
             if (authContext is null)
                 throw new AuthenticationException(ErrorConstants.Message.MissingAuthContext);
-            var tokenCredential = await GetTokenCredentialAsync(authContext, cancellationToken).ConfigureAwait(false);
-            var token = await tokenCredential.GetTokenAsync(new TokenRequestContext(GetScopes(authContext)), cancellationToken).ConfigureAwait(false);
+            tokenCredential ??= await GetTokenCredentialAsync(authContext, cancellationToken).ConfigureAwait(false);
+            // Use isCaeEnabled: true to match the TokenRequestContext that AzureIdentityAccessTokenProvider will use
+            // during API calls, ensuring MSAL caches a CAE-capable token that can be found silently later.
+            var token = await tokenCredential.GetTokenAsync(new TokenRequestContext(GetScopes(authContext), isCaeEnabled: true), cancellationToken).ConfigureAwait(false);
             JwtHelpers.DecodeJWT(token.Token, account: null, ref authContext);
             return authContext;
         }