Identityserver 4 and Azure AD

c# azure-active-directory identityserver4
31,659

Solution 1

You can use signin to Azure AD from IdentityServer just as you would use signin to IdentityServer from e.g. a Javascript or MVC app.

I have done this recently, and all you need to do is register OpenIdConnect options to Azure Ad like this: 

public void ConfigureAuth(IAppBuilder app)
{
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

    app.UseCookieAuthentication(new CookieAuthenticationOptions());

    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            PostLogoutRedirectUri = postLogoutRedirectUri,
        });
}

More info about this here: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-devquickstarts-webapp-dotnet

You should then in your Login action call the ChallengeAsync method: 

var authenticationProperties = new AuthenticationProperties { RedirectUri = "your redirect uri" };
await HttpContext.Authentication.ChallengeAsync(your policy, authenticationProperties);

Then provide a callback method as a GET method then follow the External Login samples provided in IdentityServer samples: https://github.com/IdentityServer/IdentityServer4.Samples/blob/dev/Quickstarts/4_ImplicitFlowAuthenticationWithExternal/src/QuickstartIdentityServer/Quickstart/Account/AccountController.cs

Solution 2

There is a sample with Azure AD on github , forked from External Login sample provided in IdentityServer samples.

The sample also fixed a known issue "State parameter generated by middleware is too large for Azure AD #978"

Share:
31,659
Patrick
Author by

Patrick

Updated on July 15, 2022

Comments

  • Patrick
    Patrick almost 2 years

    I'm looking into using Identity Server 4 for authentication within a C# based MVC application. I'd like to use accounts stored in Azure AD as a source of valid users but the documentation only seems to refer to Google and OpenID & only mentions Azure in passing.

    Does anybody know of any good documentation and/or tutorials on how to use Azure AD in the context of using it with Identity Server 4?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Update claims in ClaimsPrincipal
IdentityServer4 PostLogoutRedirectUri null
AADSTS90102: 'redirect_uri' value must be a valid absolute Uri
Check if username exist in Microsoft Azure Active Directory
InvalidOperationException: Key type not specified. Microsoft.AspNetCore.ApiAuthorization.IdentityServer.ConfigureSigningCredentials.LoadKey()
Unable to get bearer token from Azure AD to use with API App
How to get Azure AD user's last login time?
IdentityServer4 from .net framework 4.6
Exception: Correlation failed. Unknown location
Bearer error="invalid_token", error_description="The issuer is invalid"