When you setup an ASP.NET Core web API project and go through the wizard to associate it with an Azure Active Directory tenant it will add the necessary plumbing within your project to get it all working. However, if you are ever in a place where you need to use on-behalf-of flow to obtain another … Continue reading Attaching the Bearer Token to Claims Identity in ASP.NET Core to implement On-Behalf-Of Flow
Application ID ‘c8f9a6ef-a5c6-4d19-993d-2c4ded2b55d6’ is a Web app / API. AADSTS50011: The reply address 'https://localhost:44318/' does not match the reply addresses configured for the application: 'c8f9a6ef-a5c6-4d19-993d-2c4ded2b55d6'. Do not get reply URL confused with home page URL. There is a dedicated place for Reply URLs and you can have more than one!
So I’ve been working a lot with Azure Active Directory B2C recently and thought I would jot down some of the idiosyncrasies I’ve found while using the Azure Portal. The implementation leaves much to be desired and can be very jarring and seem disjointed to new users. I’ll focus on a few of the common … Continue reading Setting up and Managing Azure Active Directory B2C: The Complete Guide to Azure Portal Weirdness
So in my last post on the topic, I was describing some challenges I faced when receiving 401 not authorized errors when attempting to pass a seemingly correct bearer token to my Azure Active Directory protected WebAPI. I’ve discovered the solution. Not only was I able to get it working but it also works flawlessly … Continue reading AspNetCore.TestHost + Azure Active Directory (Part II)
I’ve been continuing my journey to deepen my understanding of Active Directory and Active Directory B2C and establish best practices and a reference architecture for creating automated integration tests for a Web API protected by either Azure Active Directory or Azure Active Directory B2C. I wanted to write about an issue that I encountered when … Continue reading Azure AD B2C Tip: Make sure you explicitly grant permissions between apps with delegated permissions
I've been hankering to enable my Azure AD protected WebAPI to be manually testable using Swagger UI. In order to do that, I need Swagger UI to authenticate against Azure Active Directory and make calls to my Azure-AD protected WebAPI. I've had to take a step back as my first attempt to do it with … Continue reading Enable Swagger to authenticate against Azure AD (Revised)
I have been evaluating new practices for implementing Integration Testing WebAPIs and I’ve been trying to use TestHost to test a WebAPI that I have secured with Azure Active Directory. I am able to use PostMan to obtain a bearer token from Azure AD's oauth2/token endpoint and call HTTP GET on '/api/Values'. However, when I … Continue reading AspNetCore.TestHost + Azure Active Directory (Part I)
I’ve been trying to figure out how to enable authentication on Swagger UI setup on an ASP.NET Core API hosted on Service Fabric (currently hosted locally). I initially setup the Service Fabric project using the wizard and immediately connected it with an application in my Azure AD B2C tenant. This appears to work but when … Continue reading Swagger UI authentication with Azure AD B2C on Service Fabric .NET Core