Client app to call into a WebAPI secured by Azure AD

app.config

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <startup> 
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
    </startup>
  <appSettings>
    <add key="AADInstance" value="https://login.windows.net/{0}" />
    <add key="Tenant" value="" />                                               <!-- The name of you Azure AD tenant -->
    <add key="ClientId" value="" />                                             <!-- Client ID of the app your authenticating as, in this case we only have one app so it's the client id of the WebAPI  -->
    <add key="ApiResourceId" value="" />                                        <!-- Client ID of the secured api app, the resource you want to access -->
    <add key="ApiBaseAddress" value="https://apiauth.azurewebsites.net/" />     <!-- Actual URL where Web API is hosted -->
    <add key="AppKey" value=""/>                                                <!-- generated secret from the app you are Authenticating with -->
  </appSettings>
</configuration>

Program.cs

using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System;
using System.Configuration;
using System.Globalization;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;

namespace ApiAuthClient
{
    class Program
    {
        private static string aadInstance = ConfigurationManager.AppSettings["AADInstance"];
        private static string tenant = ConfigurationManager.AppSettings["Tenant"];
        private static string clientId = ConfigurationManager.AppSettings["ClientId"];
        static string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
        private static string apiResourceId = ConfigurationManager.AppSettings["ApiResourceId"];
        private static string apiBaseAddress = ConfigurationManager.AppSettings["ApiBaseAddress"];
        private static string appKey = ConfigurationManager.AppSettings["AppKey"];
        private static HttpClient httpClient = new HttpClient();
        private static AuthenticationContext authContext = new AuthenticationContext(authority);

        static void Main(string[] args)
        {
            bool retValue = CallWebAPI().Result;
            Console.WriteLine("Completed");
            Console.ReadKey();
        }

        static async Task<bool> CallWebAPI()
        {
            // Authenticate the user and get a token from Azure AD
            ClientCredential clientCredential = new ClientCredential(clientId, appKey);
            AuthenticationResult authResult = authContext.AcquireToken(apiResourceId, clientCredential);

            // Create an HTTP client and add the token to the Authorization header
            HttpClient httpClient = new HttpClient();
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authResult.AccessTokenType, authResult.AccessToken);

            // Call the Web API to get the values
            Uri requestURI = new Uri(apiBaseAddress + "api/values");
            Console.WriteLine("Reading values from '{0}'.", requestURI);
            HttpResponseMessage httpResponse = await httpClient.GetAsync(requestURI);
            Console.WriteLine("HTTP Status Code: '{0}'", httpResponse.StatusCode.ToString());
            if (httpResponse.IsSuccessStatusCode)
            {
                //
                // Code to do something with the data returned goes here.
                //
            }
            return (httpResponse.IsSuccessStatusCode);
        }
    }
}