active-directory-dotnet-webapp-multitenant-openidconnect | NET 4.5 MVC web app | Azure library
kandi X-RAY | active-directory-dotnet-webapp-multitenant-openidconnect Summary
kandi X-RAY | active-directory-dotnet-webapp-multitenant-openidconnect Summary
A sample .NET 4.5 MVC web app that signs-up and signs-in users from any Azure AD tenant using OpenID Connect.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of active-directory-dotnet-webapp-multitenant-openidconnect
active-directory-dotnet-webapp-multitenant-openidconnect Key Features
active-directory-dotnet-webapp-multitenant-openidconnect Examples and Code Snippets
Community Discussions
Trending Discussions on active-directory-dotnet-webapp-multitenant-openidconnect
QUESTION
I am new to Visual Studio. I have downloaded a web app from Azure Multi-tenant. But when I am trying to run the app, I receive the following error message:
...ANSWER
Answered 2017-Jun-12 at 08:33active-directory-dotnet-webapp-multitenant-openidconnect/TodoListWebApp
By searching the project name on web, I found it is a sample .NET 4.5 MVC web app.
I am working on Mac Visual Studio
Web Application in Visual Studio for Mac is based on .NET Core and It can't work with sln/csproj files. I suggest you create a new project on your Visual Studio for Mac and copy the files from the original project.
Since the .NET Version on Mac is .NET Core which is difference from the sample app(.NET 4.5). You also need to modify some code. For example, ASP.NET Core application doesn't contain Global.asax.
For more information of how to create a asp.net core app, link below is for your reference.
QUESTION
The scenerio I am trying to tackle is as below.
1) Users can authenticate against my local database using the standard method - Works fine
2) Users can authenticate against social media platforms - Works fine
3) Now, I want certain users who have Azure AD accounts to be able to have a local account BUT get authenticated with their Azure AD. There are solutions for (1) & (2). But I couldn't found a solution that has support for all three. The closest is multi-tenant SaaS auth
For those users who should get authenticated with AD will be pre-configured in the system. (I will have their TenantID, ClientID etc... in my local DB). So, based on their user name If I can redirect to the relevant login page I should be able to support different ADs.
I am not sure how to wire it up properly (Or whether this approach is wrong/doable).
...ANSWER
Answered 2018-Jan-24 at 01:27When a user authenticates in Azure AD, your application receives a list of claims to represent that user. You can use these claims to identify the user and 'link' these attributes to a user in your DB - for example, you can use the Name claim to obtain the user Id (that is usually the user's email), and the NameIdentifier claim for a Unique Identifier for the user (more recommended as unique identifier), and also tenantId to represent the user's tenant/company - than you can wire up these user's attributes in your DB so the user can be represented as one user regardless where they have authenticated.
- This Guided Setup is based on ASP.NET 4.x but may help you with the overall concepts - including multitenancy.
- This Code Sample contains a ASP.NET Core that shows how to integrate with Azure AD with ASP.NET Core.
QUESTION
I have an existing web app that we will be adding Azure AD sign in for. The application is multi-tenanted and users currently sign on using our username and password system. The tenants we have may be using an Azure global account or an Azure Germany account. Since Microsoft Azure services for Azure AD are not dependent on a specific region I didn't think this would be an issue (see security + identity section here).
To begin with I have been looking over the documentation and following the Azure samples for multi-tenanted web apps here. The sample app is the base of my initial trial to see how all of this works and how it can then be put into our own system.
So, my sample Azure app is registered on the global version of Azure. The sign up process is successful for a test tenant on the global site. The problem comes from the Germany test tenant.
The app directs the user to the Germany login endpoint and prompts for consent as expected. The application sitting in the global Azure is then also copied into the Germany tenant's Enterprise Application area (you can see it click on it to see the information and publisher - which actually says "Foreign Cloud Applications"). So that seems to have worked out ok also. But, upon requesting a token using AcquireTokenByAuthorizationCode the following error is returned:
...ANSWER
Answered 2017-Aug-27 at 02:27In the OAuth context, the web application is a confidential client because it authenticates with the Azure AD using a client secret. Currently, it is not possible for a confidential client application to authenticate with the German instance of Azure AD using a key generated on the global Azure portal.
If your web application needs to acquire a token on behalf of a German user account to access an API or needs to validate the token, you will have to register it separately on the German Azure portal.
QUESTION
We have already running ASP.NET MVC web application which is using internal users via token authentication. This is implemented in standard way ASP.NET MVC template provides.
Now we have requirement to extend this authentication model and allow external Azure AD user to sign into web application for configured tenant. I have figured out everything on Azure AD side. Thanks to microsoft github example here
Now both Individual account authentication and Azure AD are working well independently. But its not working together. When I insert both middleware together its giving issue.
Here's my startup_auth.cs file.
...ANSWER
Answered 2017-Jul-07 at 22:44It sounds like your OpenID Connect auth is not connecting to your Cookie auth. It looks like you need to specify a SignInAsAuthenticationType
in your OpenIdConnectAuthenticationOptions
that matches the AuthenticationType
in your CookieAuthenticationOptions
or your ExternalCookie
auth type.
QUESTION
I want to create a second tenant in my subscription in my Azure Germany Account. I need it for testing reasons like in https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-webapp-multitenant-openidconnect// step 5.
As I understand, this is done usually in https://manage.windowsazure.com/. But this seems not to work in Azure Germany, because when I try to login there it gives me an error. When I want to open https://manage.windowsazure.de there is nothing as well as on https://manage.microsoftazure.de/.
What can I do?
...ANSWER
Answered 2017-Apr-20 at 17:21Currently, you need to sign up for a second subscription in order to get a second Azure AD tenant.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install active-directory-dotnet-webapp-multitenant-openidconnect
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page