swagger azure ad authentication | web api azure ad authentication | Swagger Azure AD Login

Показать описание

swagger azure ad authentication | web api azure ad authentication | Swagger Azure AD Login | .Net6 Web API Azure AD Authentication
How to integrate Swagger with Azure Active directory(Azure AD) - This swagger azure ad video has the answer. Swagger uses open api specification and we can use it to integrate with any authentication provider like azure ad. For Swagger azure ad login first the application have to be integrated with azure ad authentication to implement swagger azure ad login.

I have used Connected services feature of Visual studio to integrate Web API with Azure AD. It generates Web API Azure AD code, adds required nuget packages, creates azure app registration and configures app settings with swagger azure ad configuration also it creates a default scope access_as_user.

Swagger Azure AD Login requires writing code for AddSecurityDescription, AddSecurityRequirement. AddSecurityDefinition will have content that will be displayed on the Swagger UI. It need .Net6 Web API description, Scopes and also authentication type, Swagger Azure AD Authorization Url, here in this Swagger Azure AD authentication, it is oAuth2.0 and this Swagger Azure AD Login example uses AuthorizationCodeFlow. There are other types of code flows like Password, Implicit, Client Credentials.

Swagger Azure AD Authentication AddSecurityRequirement needed to specify the type of authentication needed, Also it need scopes to be passed.
One last configuration that is needed is to configure the client id.

You need to add the swagger azure ad app registration as a client application by going to api's app registration and expose api, add client application. This will ensure that swagger azure active driectory authentication's app registration have access to the api that we have developed.

Once you run swagger azure ad authentication api solution, it will open the swagger UI. you will see an authorize button on the screen. It will open swagger authenticaiton popup, you need to select the scopes. Once you click on swagger authorize button, it will redirect you to azure ad login page. Once you login, it will return the token to Swagger azure ad app which can be used to access the api.

00:00 Swagger Azure Ad Authentication Intro
00:30 Configure Azure AD to Swagger Azure AD App
04:42 Swagger Azure AD login code
10:49 Swagger Azure AD Client App registration
15:40 Swagger Azure AD Authentication app Testing

#SwaggerAzureAD
#WebAPIAzureAD
#SwaggerWebAPIAzureAD

Buy Me A Coffee :

GitHub:

Рекомендации по теме

Комментарии

Wow ! It has lot of configuration. Really informative content.

TellaTrix

Perfact explanation. Most awaited video.

shivamacharya

Thanks for your video.
Since I have access to swagger securely:

Is it possible in Swagger to create an End-Point to get the Azure token?
And then, using this Token, access the App from another App without having to register the second App?

Otherwise. How could I access this API without having to register my APP with Azure? Maybe using Swagger to get the Token? Is this possible?

juliopinedajung

Your explained very well. Thank you very much! I appreciate it.

ionix

Great explanation. Which users will have a successful login when trying to acquire the token? All users from your directory, or is a specific permission required?

guilhermefaria

I thank you for sharing your knowledge. By the way, is is neccessary to register a new SwaggerClientAppRegistration registration for Swagger in Azure AD? Cannot it be possible somehow to create a Swagger client in the SwaggerAzureADApi registration, please?

shatvani

Can you direct me, how can I do the same in web api .Net Core 6. Both client call and API call will be in same. Long story shot I need Id Token with user roles, without pop-up. Like get the token silent. Your help is much appreciated.

viksdeeps

Unfortunatelly when I open the Swagger API in Chrome or Edge after I click on Authorize button nothing happens but in the Firefox authorization works but when I want to try out the WeatherForcast endpont it gives me this error: 'The user or administrator has not consented to use the application with ID ... named API. Send an interactive authorization request for this user and resource.' Could you tell me what is the problem, here, please?

shatvani

Thank you very much for your video! Really well explained!

volkerkleffmann

How to authenticate the generated bearer token without opening the login window after clicking authorize.

Abhishek-yyxg

16:35 this is fine for testing in Swagger, but do you have a video showing how to authenticate a request m2m without any user to manually authenticate?

acncernedcitizen

thx for the details. Why must swagger have it's own app registration though? Swagger is within the API app no?

walkingdadjokes

Hi I have a question please, why do we need 2 applications ? It's working with one

onurakmese

If I create an Azure Entra ID service to generate a bearer token, with a client_id and client_secret. Can I integrate this in the swagger? Because in your approach you are not using the client secret. I need to use the client secret because I'm building a swagger for a client with oauth2 authentication endpoints, and the idea is to generate the bearer token with a client_id client_secret and the scope. Thanks in advance

Kokolino_

just in case... there`s no more uploaded sample project in github you shared here.

dancristian

Thank you for the video. Can you configure swagger to call controller that configure with [Authorize(Roles = "Api.ReadWrite")]? Thank you in advance

aavuong

can we create an andpoint "login" to get the token and put it in authorize botton to gain access? any link to share? thanks man!

dancristian

Thanks I like it but project not exist in GitHub link and how we can have a logout end point ?

M_Oussama

Do you have something similar on swagger azure ad b2c authentication? I tried to apply this on Azure AD b2c but some steps are different, especially app registration on AD B2C.

drouxn

Is there anyway to refresh the token this way?

_keano

swagger azure ad authentication | web api azure ad authentication | Swagger Azure AD Login

swagger azure ad authentication | web api azure ad authentication | Swagger Azure AD Login

Swagger Azure AD Client Credentials Flow with net core web api

Swagger API access with JWT Bearer token example.

Securing OpenAPI/Swagger with Azure AD and .NET Interactive Notebooks

Swagger ui with oAuth2

Secure ASP.NET Web API with Microsoft Entra ID or Azure MSAL

How to add JWT authorization + Swagger configured + ASP.NET Core 3.1 API with AzureAD

.Net Core Web API Azure AD Authentication and Authorization

Add Swagger in ASP .NET Core 5 | Enable Token Bearer functionality in Swagger

JWT AUTHENTICATION In ASP NET Core with Azure AD | Getting Started With ASP.NET Core Series

Authorize Server (Backend) (.Net Core) using Azure AD JWT Token and React App

.NET 8 Authentication with Identity in a Web API with Bearer Tokens & Cookies 🔒

Authenticate .NET Core with Azure AD

Swagger Basic Authentication || Web API || ASP.NET Core

Enabling Authorization in Swagger tool in asp.net core

Securing Your Web API with Azure AD B2C JWT Validation Policy: A Step-by-Step Guide | Azure | LSC

ASP.NET Authentication using Identity in 10 Minutes - Authentication and Authorization in .NET8

ASP.NET 5 WEB API Development - 07 explore swagger ui

.NET Core Step-by-Step Guide: Configuring Azure AD B2C Authentication for a Web App and Web API

Adding JWT Authentication & Authorization in ASP.NET Core

How to add Azure Active directory Authentication in an existing ASP.Net core web application (MVC).

Net6 Minimal Api | Azure AD Authentication and Authorization

.NET 6 Web API Authentication | Minimal API & Swagger (CRUD)

oAuth for Beginners - How oauth authentication🔒 works ?