Microsoft Identity Pltaform with asp.net Core Identity

I’m trying to utilize Microsoft Identity Platform for some users of web application. I’m using this example:
https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-aspnet-core-webapp

The problem is the example shows how to turn on Microsoft Identity "globally", for the whole app, and all the roles are populated from the platform. But in my case users are stored in DB, and sign in using Azure AD should be optional. The ideal flow will be to login the user with Microsoft Identity Platform, get the email after successful login and then authenticate user using existing asp.net core identity mechanism with populating users from DB (using UserStore and etc.). But I can’t find the way, how to do it, ho to handle "event" after successful login with the platform?

It is even possible with Microsoft Identity Platform?

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

Apparently MSAL library can’t act as external login provider for ASP.NET Identity, so it’s not possible.
Source: https://github.com/MicrosoftDocs/azure-docs/issues/53695

If someone needs to utilize Azure AD login with ASP.NET identity, it could be done in several ways:

  1. Using Microsoft.AspNetCore.Authentication.AzureAD.UI
    https://austincooper.dev/2020/02/02/azure-active-directory-authentication-in-asp.net-core-3.1/
    Azure AD as an "external provider"?

  2. Using WsFederation
    https://cmatskas.com/asp-net-core-saml-authentication-with-azure-ad/

  3. Using SAML directly using some 3rd party library or inhouse SAML stack implementation:
    https://matthijs.hoekstraonline.net/2020/04/14/authenticate-an-azure-ad-user-with-saml-for-asp-net-core/

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply