How to use Azure AD Authentication in web application

By | November 13, 2017

When you want to use Azure Active Directory Authentication in your web application, you have two choices. One when you create your application that time itself you can provide the organization details and Visual Studio will do the rest of the work for you. In background Visual Studio will create application registration for your newly created application. Below image shows where you can provide your organization details when you create a new application in Visual Studio

When you click on change authentication option you will be asked to provide you azure account details as shown below.

When you click on the OK button. Visual Studio will do all the magic and it will create web application solution which will have all the configuration done already. You can simple build the application and run, you will be redirected to you organizations AD page where you need to provide your credentials and then you will be able to login to your application.

But in most of the cases you will have to add Azure Active Directory Authentication in the existing application. In that case you can use connected services dialog to configure Azure Active Directory using following steps

  1. In Visual Studio, create or open an ASP.NET MVC project, or an ASP.NET Web API project.
  2. From the Solution Explorer, right-click the Connected Services node, and, from the context menu, select Add Connected Services.
  3. On the Connected Services page, select Authentication with Azure Active Directory.Connected Services page
  4. On the Introduction page of the Configure Azure AD Authenticationwizard, select Next.Introduction page
  5. On the Single-Sign On page of the Configure Azure AD Authenticationwizard, select a domain from the Domain drop-down list. The list of domains contains all domains accessible by the accounts listed in the Account Settings dialog. As an alternative, you can enter a domain name if you don’t find the one you’re looking for, such as mydomain.onmicrosoft.com. You can choose the option to create an Azure Active Directory app or use the settings from an existing Azure Active Directory app. Select Next when done.Single-sign on page
  6. On the Directory Access page of the Configure Azure AD Authentication wizard, ensure that the Read directory data option is checked.Directory access page
  7. Select Finish to add the necessary configuration code and references to enable your project for Azure AD authentication. You can see the Active Directory domain on the Azure portal.
  8. Visual Studio will display a What Happened article to show you how your project was modified. If you want to check that everything worked, open one of the modified configuration files and verify that the settings mentioned in the article are there.

If you want to do Azure Active Directory configuration in the existing application without using connected services dialog box you can refer another post (link) which explain it.

 

Leave a Reply

Your email address will not be published. Required fields are marked *