- SIGN-ON-URL:
This is the login URL of your application. When a user “signs in” to an application, they go through an authentication process in which they are required to prove who they are. You can use localhost here and change it once you move to production. If your application is running at localhost:5385, you can use localhost:5385 here, but such a value gives you trouble in later stages, so the best suggestion is to use the URL of your application.
- APP ID URI:
This must be a unique URL. What we mostly do here is use a URL with our Azure tenant (*.onmicrosoft.com) along with the name of the application (e.g. http://dutechnosys.onmicrosoft.com/DogDemo).
Once we have entered those two values, our application is created, but we now need to make some additional changes: click on the Configuration tab to add one additional value called REPLY URL, as shown in the image below.
“REPLY URL” is where Azure Active Directory redirects after the login process; you can use localhost here and change it at any time. The Reply URL is the location to which Azure AD will send the authentication response, including a token if authentication was successful. In the case of a native application, the Redirect URI is a unique identifier to which Azure AD will redirect the user-agent in an OAuth 2.0 request. All I am using here is
http://localhost:59917/Home/Contact
Now copy the "CLIENT ID" displayed on the same Configuration screen (it is a GUID), since you'll need it to configure the application:
After all the above steps we are done with AAD, and the next step is to set up the ASP.NET Core application to use Azure Active Directory as the authentication provider.
Step Two: Configure the ASP.NET Core application. You just need to create a new application using ASP.NET, as shown in the image below.
Visual Studio 2015: In Solution Explorer, right-click on your existing project and select the Configure Azure AD Authentication option. Once you do that, it will open your existing Azure Active Directory, which you can check against the copied client ID. By the way, from here you can also add your application to Azure Active Directory.
Once you complete the steps, it will verify your account and, after successful verification, it will replace your existing AccountController.cs, Startup.Auth.cs, _LoginPartial.cshtml.
If you want to see the important changes, they are in the Startup.Auth.cs file:
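```csharp
using System.Configuration;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    // All values are read from the <appSettings> section of web.config.
    private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
    private static string tenantId = ConfigurationManager.AppSettings["ida:TenantId"];
    private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];
    // The authority is the AAD instance URL followed by the tenant.
    private static string authority = aadInstance + tenantId;

    public void ConfigureAuth(IAppBuilder app)
    {
        // The local session is kept in a cookie once Azure AD has authenticated the user.
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        // Sign-in itself is delegated to Azure AD over OpenID Connect.
        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri
            });
    }
}
```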
Don’t forget to check web.config, where you can modify these values in the future.
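Startup.Auth.cs builds the authority by concatenating ida:AADInstance and ida:TenantId, and the reply URL is where the token is delivered, so a wrong value in web.config is worth catching at startup. The check below is an added example, not part of the generated template or of the original post; AadSettingsCheck, its parameters, and the sample AADInstance and GUID values are assumptions.

```csharp
using System;
using System.Collections.Generic;

// Added example: fail-fast validation of the Azure AD settings shown above.
public static class AadSettingsCheck
{
    public static List<string> Validate(string clientId, string aadInstance,
        string tenantId, string replyUrl, bool production)
    {
        var problems = new List<string>();

        // The portal shows CLIENT ID as a GUID; anything else is a paste error.
        Guid parsed;
        if (!Guid.TryParse(clientId, out parsed))
            problems.Add("ida:ClientId is not a GUID");

        // The authority is built by plain string concatenation, so a missing
        // trailing slash on ida:AADInstance silently produces a wrong host name.
        Uri authority;
        if (string.IsNullOrEmpty(aadInstance) || !aadInstance.EndsWith("/", StringComparison.Ordinal))
            problems.Add("ida:AADInstance must end with '/'");
        else if (string.IsNullOrWhiteSpace(tenantId))
            problems.Add("ida:TenantId is empty");
        else if (!Uri.TryCreate(aadInstance + tenantId, UriKind.Absolute, out authority)
                 || authority.Scheme != Uri.UriSchemeHttps)
            problems.Add("authority must be an absolute https URL");

        // The reply URL receives the authentication response, token included,
        // so outside development it must be HTTPS and must not be localhost.
        Uri reply;
        if (!Uri.TryCreate(replyUrl, UriKind.Absolute, out reply))
            problems.Add("reply URL is not an absolute URL");
        else if (production && (reply.IsLoopback || reply.Scheme != Uri.UriSchemeHttps))
            problems.Add("production reply URL must be https and not localhost");

        return problems;
    }

    public static void Main()
    {
        // Constructed sample values; the GUID is a placeholder, not a real client ID.
        var issues = Validate("00000000-0000-0000-0000-000000000000",
            "https://login.microsoftonline.com/", "dutechnosys.onmicrosoft.com",
            "http://localhost:59917/Home/Contact", production: true);
        foreach (var issue in issues)
            Console.WriteLine(issue);
    }
}
```

Calling Validate with production set to false accepts the localhost reply URL used during development, while the same value is reported once the flag is true.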
Now it’s time to run the application. Once your build is successful, it will ask you to add an exception for an SSL error; add that in the browser and it will show you the following image.
Click on Accept and you are ready to move on.
Conclusion:
In this post I talked about the developer experience of building Web Applications and Web API applications that are protected by Azure AD. A great article by Mr. Tom Archer explains the details: Getting Started with Azure Active Directory and Visual Studio connected services (MVC Projects).