In order to grant permission for accessing resources in another tenant using AuthorizeForScopes, you need to follow these steps:
Add the AzureAd
package to your project.
Configure the Authentication
settings in your Startup.cs
file to include the TenantId
of the other tenant. For example:
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
options.CallbackPath = "/signin-oidc";
options.TenantId = "ANOTHER_TENANT_ID"; // add the TenantId of the other tenant
options.Instance = "https://login.microsoftonline.com/";
options.ClientId = Configuration["AzureAd:ClientId"];
options.ClientSecret = Configuration["AzureAd:ClientSecret"];
AuthorizeForScopes
attribute in your Controllers or Actions to grant access to specific scopes. For example:[AuthorizeForScopes(Scopes = new[] { "https://ANOTHER_TENANT_NAME.onmicrosoft.com/scope1", "https://ANOTHER_TENANT_NAME.onmicrosoft.com/scope2" })]
public async Task<IActionResult> MyAction()
{
// code goes here
}
Expose an API
section in the App Registration portal and adding the required scopes.Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2023-02-24 11:00:00 +0000
Seen: 9 times
Last updated: Mar 26 '23
What is Fullscreen Activity in Android?
What does 'Invalid argument (callbackUrlScheme): must be a valid URL scheme' mean?
How can SSL passthrough be implemented with Traefik in Kubernetes?
What is authentication using C# ASP.NET Core MVC?
What are the steps to create a semi-circular shape divided into 8 parts using HTML, CSS, or SVG?
What is the way to name parameters and REST API urls in Spring Boot?
How can ASP.NET Core be configured to incorporate various authorization strategies?