How To Integrate ASP.NET Core and Azure Active Directory

In this post, I am going to explain how we can integrate ASP.NET Core and Azure Active Directory. If you are new to Azure Active Directory, then please read Basics of Authentication in Azure AD first. This article explains how to manually configure Azure Active Directory with advanced settings, so let's start.

Configure Azure Active Directory: The first step is to configure an application in Azure Active Directory. Log in to your Azure portal at http://manage.windowsazure.com/ . I am using the new Azure portal, so all you need to do is click on Browse and then click on Active Directory.


Now click on the Applications tab and register a new application, then select the option “Add an application my organization is developing”. Once you do that, the following screen will appear.


Select the option “Web Applications” and click on the next step. It will ask for two new values, as shown in the following image.


Let’s talk about those in more detail:

  1. SIGN-ON-URL:

    This is the login URL of your application. When a user “signs in” to an application, they go through an authentication process where they are required to prove who they are. Here you can use localhost and change it once you move to production. If your application is running at localhost:5385 then you can use localhost:5385 here, but such a value gives you trouble in advanced stages, so the best suggestion is to use the URL of your application.

  2. APP ID URI:

    This must be a unique URL. Mostly what we do here is use a URL with our Azure tenant (*.onmicrosoft.com) along with the name of the application (e.g. http://dutechnosys.onmicrosoft.com/DogDemo).

Once we have entered those two values our application is created, but we need to make some additional changes: click on the Configuration tab to add one additional value called REPLY URL, as shown in the image below.


“REPLY URL” is where Azure Active Directory redirects after the login process; you can use localhost here and change it at any time. The Reply URL is the location to which Azure AD will send the authentication response, including a token if authentication was successful. In the case of a native application, the Redirect URI is a unique identifier to which Azure AD will redirect the user-agent in an OAuth 2.0 request. I am using http://localhost:59917/Home/Contact here.

Now copy the "CLIENT ID" displayed on the same Configuration screen (it is a GUID), since you'll need it to configure the application:


After all the above steps we are done with Azure AD, and the next step is to set up the ASP.NET Core application to use Azure Active Directory as its authentication provider.

Step Two, configure the ASP.NET Core application: You just need to create a new ASP.NET application, as shown in the image below.


Visual Studio 2015: In Solution Explorer, right-click on your existing project and select the Configure Azure AD Authentication option. Once you do that, it will open your existing Azure Active Directory, which you can check against the copied client ID. By the way, from here you can also add your application to Azure Active Directory.


Once you complete the steps it will verify your account, and after successful verification it will replace your existing AccountController.cs, Startup.Auth.cs and _LoginPartial.cshtml.

If you want to see the important changes, they are in the Startup.Auth.cs file:

    using System.Configuration;
    using Microsoft.Owin.Security;
    using Microsoft.Owin.Security.Cookies;
    using Microsoft.Owin.Security.OpenIdConnect;
    using Owin;

    public partial class Startup
    {
        // All four values come from the appSettings section of web.config.
        private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
        private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
        private static string tenantId = ConfigurationManager.AppSettings["ida:TenantId"];
        private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];
        // The authority is the Azure AD instance URL followed by the tenant ID.
        private static string authority = aadInstance + tenantId;

        public void ConfigureAuth(IAppBuilder app)
        {
            // Sign users in with the cookie middleware by default.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            // Authenticate against Azure AD using OpenID Connect.
            app.UseOpenIdConnectAuthentication(
                new OpenIdConnectAuthenticationOptions
                {
                    ClientId = clientId,
                    Authority = authority,
                    PostLogoutRedirectUri = postLogoutRedirectUri
                });
        }
    }

Don’t forget to check web.config, where you can modify these values in the future.
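
The four ida:* values that Startup.Auth.cs reads from web.config can be checked once at startup, so a bad edit fails early instead of producing a malformed authority or an insecure redirect. The class below is an added example, not code from the original post or the Visual Studio template; the name AadSettingsValidator and the sample values in Main are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.Specialized;

// Hypothetical helper (added example): validates the "ida:*" appSettings.
public static class AadSettingsValidator
{
    // Returns the problems found; an empty list means the settings look sane.
    public static IList<string> Validate(NameValueCollection settings)
    {
        var problems = new List<string>();
        Guid clientId; // the CLIENT ID copied from the portal is a GUID
        if (!Guid.TryParse(settings["ida:ClientId"], out clientId))
            problems.Add("ida:ClientId is missing or not a GUID.");

        // authority = aadInstance + tenantId is a plain concatenation, so the
        // instance must be an absolute HTTPS URL that ends in "/".
        string instance = settings["ida:AADInstance"] ?? "";
        Uri instanceUri;
        if (!Uri.TryCreate(instance, UriKind.Absolute, out instanceUri)
            || instanceUri.Scheme != Uri.UriSchemeHttps
            || !instance.EndsWith("/", StringComparison.Ordinal))
            problems.Add("ida:AADInstance must be an https:// URL ending in '/'.");

        if (string.IsNullOrWhiteSpace(settings["ida:TenantId"]))
            problems.Add("ida:TenantId is missing.");

        // Plain HTTP is tolerated only for loopback (development) addresses.
        Uri logoutUri;
        if (!Uri.TryCreate(settings["ida:PostLogoutRedirectUri"], UriKind.Absolute, out logoutUri))
            problems.Add("ida:PostLogoutRedirectUri must be an absolute URL.");
        else if (logoutUri.Scheme != Uri.UriSchemeHttps && !logoutUri.IsLoopback)
            problems.Add("ida:PostLogoutRedirectUri must use HTTPS outside localhost.");
        return problems;
    }

    public static void Main()
    {
        // Constructed sample values, not taken from a real tenant.
        var sample = new NameValueCollection
        {
            { "ida:ClientId", "00000000-0000-0000-0000-000000000000" },
            { "ida:AADInstance", "https://login.microsoftonline.com" }, // no trailing '/'
            { "ida:TenantId", "example.onmicrosoft.com" },
            { "ida:PostLogoutRedirectUri", "http://app.example.com/" }
        };
        foreach (string problem in Validate(sample)) Console.WriteLine(problem);
    }
}
```

In the application itself, ConfigurationManager.AppSettings is already a NameValueCollection, so it can be passed to Validate directly at the top of ConfigureAuth.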


Now it’s time to run the application. Once your build is successful, it will ask you to add an SSL exception; add that in the browser and it will show you the following screen.

Click on Accept and you are ready to move on. 

Conclusion:

In this post I talked about the developer experience of building Web Applications and Web API applications that are protected by Azure AD. A great article by Mr. Tom Archer explains the details of Getting Started with Azure Active Directory and Visual Studio connected services (MVC Projects).
 