Azure Active Directory in ASP.NET Core

Question

I have implemented Azure Active Directory in ASP.NET Core. I'm using swagger for my API.

Startup.cs:

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));

services.AddControllersWithViews(options =>
        {
            var policy = new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .Build();
            options.Filters.Add(new AuthorizeFilter(policy));
        });

appsettings.json:

"IdentityUrl": "https://localhost:44392/",
"ADClientId": "77******-****-****-****-********eac",
"ADDomain": "*******",
"ADTenantId": "a7******-****-****-****-********5cd",
"ADInstance": "https://login.microsoftonline.com/",

I'm getting this error:

I have specified clientId in appsettings but still I'm getting this error.

score 0 · Answer 1 · answered Aug 29 '21 at 05:06

I don't understand why you use the settings with that names on your appsettings

The official Microsoft docs says:

{
  "AzureAd": {
    // Azure cloud instance among:
    // - "https://login.microsoftonline.com/" for Azure public cloud
    // - "https://login.microsoftonline.us/" for Azure US government
    // - "https://login.microsoftonline.de/" for Azure AD Germany
    // - "https://login.partner.microsoftonline.cn/common" for Azure AD China operated by 21Vianet
    "Instance": "https://login.microsoftonline.com/",

    // Azure AD audience among:
    // - "TenantId" as a GUID obtained from the Azure portal to sign in users in your organization
    // - "organizations" to sign in users in any work or school account
    // - "common" to sign in users with any work or school account or Microsoft personal account
    // - "consumers" to sign in users with a Microsoft personal account only
    "TenantId": "[Enter the tenantId here]",

    // Client ID (application ID) obtained from the Azure portal
    "ClientId": "[Enter the Client Id]",
    "CallbackPath": "/signin-oidc",
    "SignedOutCallbackPath": "/signout-oidc"
  }
}

Have you redefine the AzureAD parameters binding? If not, check to use the official one.

After I made those changes i'm getting this kind of error in my swagger. And its causing from the code I have added in startup.cs . "Failed to fetch. Possible Reasons: CORS Network Failure URL scheme must be "http" or "https" for CORS request." — Akshatha-M, Aug 30 '21 at 10:45

score 0 · Answer 2 · answered Sep 01 '21 at 06:59

Follow this document and I test in my side, I can call api successfully.

  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "ClientId": "2c0xxxxxxx57",
    "Domain": "tenantname.onmicrosoft.com", // for instance contoso.onmicrosoft.com. Not used in the ASP.NET core template
    "TenantId": "common",
    "Audience": "8fxxxx78"
  }

in startup.cs

public void ConfigureServices(IServiceCollection services)
        {
            services.AddMicrosoftIdentityWebApiAuthentication(Configuration);
            services.AddControllersWithViews();
        }

And [this answer](https://stackoverflow.com/a/68799358/15581227) may provide more details for you. — Tiny Wang, Sep 01 '21 at 08:15

Azure Active Directory in ASP.NET Core

2 Answers2