{"id":3923,"date":"2023-11-04T23:13:56","date_gmt":"2023-11-04T23:13:56","guid":{"rendered":"http:\/\/localhost:10003\/integrating-azure-active-directory-with-your-app\/"},"modified":"2023-11-05T05:48:27","modified_gmt":"2023-11-05T05:48:27","slug":"integrating-azure-active-directory-with-your-app","status":"publish","type":"post","link":"http:\/\/localhost:10003\/integrating-azure-active-directory-with-your-app\/","title":{"rendered":"Integrating Azure Active Directory with your app"},"content":{"rendered":"
One of the primary concerns for businesses using online services is ensuring that their users’ credentials and data are secure. As a developer, one way to address this concern is by integrating Azure Active Directory (Azure AD) with your app.<\/p>\n
Azure AD is a cloud-based identity and access management service that enables you to manage user identities and access to resources in your app. It provides a single sign-on experience for users, multi-factor authentication, role-based access control, and many other features.<\/p>\n
In this tutorial, we’ll walk you through the process of integrating Azure AD with your app. We’ll cover the following topics:<\/p>\n
To follow this tutorial, you’ll need the following:<\/p>\n
Let’s start by creating an Azure AD tenant and registering your app. An Azure AD tenant is a dedicated instance of an Azure Active Directory that your organization controls and manages. It’s used to store information about your organization’s users, groups, and applications.<\/p>\n
To create an Azure AD tenant, follow these steps:<\/p>\n
Once the Azure AD tenant is created, let’s register your app with Azure AD. To do that, follow these steps:<\/p>\n
Now that your app is registered with Azure AD, you need to configure Azure AD for your app.<\/p>\n
\"AzureAd\": {\n \"Instance\": \"https:\/\/login.microsoftonline.com\/\",\n \"Domain\": \"<your-tenant-name>.onmicrosoft.com\",\n \"ClientId\": \"<your-client-id>\",\n \"TenantId\": \"<your-tenant-id>\"\n}\n<\/code><\/pre>\nHere are the descriptions of each configuration setting:<\/p>\n
\n- Instance<\/strong>: The URL of the Azure AD instance.<\/li>\n
- Domain<\/strong>: The name of your Azure AD tenant.<\/li>\n
- ClientId<\/strong>: The client ID of your app, which you can find on the app registration page in the Azure portal.<\/li>\n
- TenantId<\/strong>: The ID of your Azure AD tenant, which you can also find on the app registration page.<\/li>\n<\/ul>\n
\n- In the “Startup.cs” file, add the following code to configure Azure AD authentication:<\/li>\n<\/ol>\n
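\/\/ AzureADDefaults and AddAzureAD come from the Microsoft.AspNetCore.Authentication.AzureAD.UI package.\nservices.AddAuthentication(AzureADDefaults.AuthenticationScheme)\n .AddAzureAD(options => Configuration.Bind(\"AzureAd\", options));\n\nservices.AddAuthorization(options =>\n{\n \/\/ The fallback policy applies to every endpoint that declares no [Authorize] or [AllowAnonymous] of its own.\n options.FallbackPolicy = new AuthorizationPolicyBuilder()\n .RequireAuthenticatedUser()\n .Build();\n});\n<\/code><\/pre>\nThis code configures Azure AD as the authentication scheme for your app and sets up a fallback policy that requires users to be authenticated on any endpoint that does not declare its own authorization requirement.<\/p>\n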
\n- Finally, decorate any controllers or actions in your app that need authentication with the “Authorize” attribute. For example:<\/li>\n<\/ol>\n
[Authorize]\npublic class HomeController : Controller\n{\n \/\/ ...\n}\n<\/code><\/pre>\nStep 3: Authenticating users with Azure AD<\/h1>\n
With Azure AD authentication configured, let’s authenticate users with Azure AD.<\/p>\n
\n- Add a “Login” button to your app that redirects users to the Azure AD login page. The URL for the login page is:<\/li>\n<\/ol>\n
https:\/\/login.microsoftonline.com\/<your-tenant-name>.onmicrosoft.com\/oauth2\/v2.0\/authorize\n<\/code><\/pre>\nMake sure to replace “<your-tenant-name>” with the name of your Azure AD tenant.<\/p>\n\n- When a user logs in successfully, Azure AD will redirect them back to the URL you specified in the app registration. You can handle this redirect by adding the following code to your app:<\/li>\n<\/ol>\n
[AllowAnonymous] \/\/ Exempts this action from the fallback policy so signed-out users can reach it.\npublic IActionResult SignIn()\n{\n \/\/ Built with Url.Action, so the post-sign-in target is always a local route, never caller-supplied input.\n var redirectUrl = Url.Action(nameof(HomeController.Index), \"Home\");\n\n var authProperties = new AuthenticationProperties\n {\n RedirectUri = redirectUrl\n };\n\n return Challenge(authProperties, AzureADDefaults.AuthenticationScheme);\n}\n<\/code><\/pre>\nThis code sets the URL that Azure AD will redirect users to after they sign in and uses the “Challenge” method to initiate the authentication process.<\/p>\n
Step 4: Securing resources with Azure AD<\/h1>\n
Now that users can authenticate with Azure AD, let’s secure resources in your app.<\/p>\n
\n- Add role-based access control to your app by defining roles in Azure AD and assigning them to users. You can do this by following these steps:<\/li>\n<\/ol>\n
\n- In the Azure portal, go to the app registration for your app.<\/li>\n
- Click on “Manifest” in the left-hand navigation menu.<\/li>\n
- Add the roles you want to use to the “appRoles” section of the manifest file. For example:<\/li>\n<\/ul>\n
\"appRoles\": [\n {\n \"allowedMemberTypes\": [\n \"User\"\n ],\n \"description\": \"Admins can manage the app.\",\n \"displayName\": \"Admin\",\n \"id\": \"1b4c2882-4825-43fa-840b-8e4ec1ab8abc\",\n \"isEnabled\": true,\n \"lang\": null,\n \"origin\": \"Application\",\n\n\n \"value\": \"admin\"\n }\n]\n<\/code><\/pre>\n\n- Assign roles to users in Azure AD by following these steps:\n
\n- Go to the user’s profile in Azure AD.<\/li>\n
- Click on “Roles and administrators” in the left-hand navigation menu.<\/li>\n
- Click on “Add assignment” and select the roles you want to assign to the user.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
\n- In your app’s code, use the “Authorize” attribute with role-based authorization to secure resources. For example:<\/li>\n<\/ol>\n
[Authorize(Roles = \"admin\")]\npublic class AdminController : Controller\n{\n \/\/ ...\n}\n<\/code><\/pre>\nThis code restricts access to the “AdminController” to users who have the “admin” role assigned to them in Azure AD.<\/p>\n
Conclusion<\/h1>\n
In this tutorial, we’ve shown you how to integrate Azure Active Directory with your app. By using Azure AD, you can provide your users with a secure, single sign-on experience and enhance the security of your app with multi-factor authentication and role-based access control.<\/p>\n","protected":false},"excerpt":{"rendered":"
","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","footnotes":""},"categories":[1],"tags":[10,366,368,369,367,212,365,364],"yoast_head":"\nIntegrating Azure Active Directory with your app - Pantherax Blogs<\/title>\n