
I have the following setup for my application:

```csharp
services
    .AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultForbidScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    })
    .AddOpenIdConnect(options =>
    {
        options.ClientId = Configuration["ClientId"];
        options.Authority = $"https://login.microsoftonline.com/{Configuration["TenantId"]}";
        options.ClientSecret = Configuration["ClientSecret"];
    })
    .AddJwtBearer(options =>
    {
        options.Audience = Configuration["ClientId"];
        options.Authority = $"https://login.microsoftonline.com/{Configuration["TenantId"]}";
    })
    .AddCookie();

services.AddAuthorization();
```

OIDC and JWT work just fine. Calls from clients using JWT tokens get authenticated. When making browser calls without a token, the user gets redirected to the AzureAD auth portal and comes back to the 'signin-oidc' endpoint; OIDC, using the specified SignInScheme, places the cookie values in the response, and the user gets redirected to the URL that generated the challenge.

After redirection I can inspect the Cookies in the request and I can find the .AspNetCore.Cookies values in the request, but no authentication is happening for these requests. They get redirected back to the AzureAD portal for authentication.

Any ideas?

Arturo Martinez
  • Please cross check with the aspnet core samples provided [here](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2). – Kalyan Krishna Mar 25 '19 at 20:45
  • One point: try to change the Authority to `https://login.microsoftonline.com/tenant/v2.0` when using the v2.0 endpoint – Nan Yu Mar 26 '19 at 06:17

0 Answers