To set up AAD App Registration and WebAPI to enable [Authorize], follow these steps:
Create an Azure AD App Registration: a. Log in to the Azure portal b. Click on Azure Active Directory from the left-hand menu c. Navigate to “App registrations” and click “New registration” d. Fill in the required details and click “Register” to create the app registration e. Note the “Application (client) ID” as it will be used in later steps
Configure authentication for the WebAPI: a. In Visual Studio, navigate to the project properties page b. Click on the “Debug” tab and select “IIS Express” under “Launch” c. In the “App URL” field, append “/.auth/login/aad/callback” to the URL (e.g. https://localhost:44353/.auth/login/aad…) d. Save the changes and close the properties window
Configure the WebAPI to validate tokens: a. Install the “Microsoft.AspNetCore.Authentication.AzureAD.UI” NuGet package b. In the “Startup.cs” file, add the following code to the “ConfigureServices” method:
app.UseAuthentication();
Configure the WebAPI to require authorization: a. Add the [Authorize] attribute to the desired controller or action b. Deploy the WebAPI to an Azure App Service
Configure the Azure AD App Registration to allow the WebAPI to access it: a. In the “App registrations” screen in the Azure portal, navigate to the app registration created in step 1 b. Click on “API permissions” and click the “Add a permission” button c. Select “My APIs” and select the WebAPI that was deployed in step 4 d. Select the appropriate permissions and click “Add permissions” e. Grant admin consent for the new permission by clicking “Grant admin consent for…”
Once these steps are complete, the WebAPI should be configured to require authorization and users will need to authenticate via Azure AD before accessing the protected resources.
Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2023-05-29 20:06:04 +0000
Seen: 11 times
Last updated: May 29 '23
What is Fullscreen Activity in Android?
What does 'Invalid argument (callbackUrlScheme): must be a valid URL scheme' mean?
How can SSL passthrough be implemented with Traefik in Kubernetes?
What are the steps to create a semi-circular shape divided into 8 parts using HTML, CSS, or SVG?
What is the way to name parameters and REST API urls in Spring Boot?
How can ASP.NET Core be configured to incorporate various authorization strategies?
What are the steps to adjust the dot size in a plot created with mpl-scatter-density?