Net6 Web Api Azure AD Authentication And Authorization With Azure Ad Groups

Net6 Web Api Azure AD Authentication And Authorization With Azure Ad Groups | Using Azure AD groups authorization in ASP.NET Core | How to do Authorization based on Azure AD groups and Authenticate using Azure AD in .net core application?

Generally the Azure token carries the group information. However, if the user has 5+ groups in the token, the Azure token is created with "hasgroups"=true. This is called groups overage.

In this scenario, our Azure AD groups authorization Web API application has to call the Azure Graph API to check whether the user has the required group. The Web API can validate the groups by passing the required group IDs to the Graph API. If the groups are assigned to the user, the Graph API returns the group information to the Web API application, which can then validate the presence of the Azure AD groups.
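The overage fallback described above, as an added C# example (not code from the video): group IDs are read from the token when present, and Graph is consulted only when the token signals overage. The class name and the `checkViaGraph` delegate are hypothetical; the delegate is assumed to wrap a Graph `checkMemberGroups` call made on the user's behalf.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;

// Hypothetical helper (not from the video): decides whether the caller belongs to
// at least one required Azure AD group, falling back to Graph on groups overage.
public sealed class GroupMembershipChecker
{
    // Assumption: this delegate wraps Graph "POST /me/checkMemberGroups" for the signed-in
    // user; it takes the group IDs to test and returns the subset the user belongs to.
    private readonly Func<IReadOnlyCollection<string>, Task<IReadOnlyCollection<string>>> _checkViaGraph;

    public GroupMembershipChecker(
        Func<IReadOnlyCollection<string>, Task<IReadOnlyCollection<string>>> checkViaGraph)
        => _checkViaGraph = checkViaGraph ?? throw new ArgumentNullException(nameof(checkViaGraph));

    public async Task<bool> IsInAnyGroupAsync(ClaimsPrincipal user, IReadOnlyCollection<string> requiredGroupIds)
    {
        if (user?.Identity?.IsAuthenticated != true || requiredGroupIds is null || requiredGroupIds.Count == 0)
            return false; // fail closed on anonymous callers or an empty policy

        var required = new HashSet<string>(requiredGroupIds, StringComparer.OrdinalIgnoreCase);

        // Normal case: group object IDs arrive in the token as "groups" claims.
        // Assumption: inbound claim-type mapping leaves "groups" and "hasgroups" unchanged.
        if (user.FindAll("groups").Any(c => required.Contains(c.Value)))
            return true;

        // Overage: the token carries "hasgroups"=true (implicit flow) or "_claim_names"
        // (other flows) in place of the group list.
        bool overage =
            string.Equals(user.FindFirst("hasgroups")?.Value, "true", StringComparison.OrdinalIgnoreCase)
            || user.HasClaim(c => c.Type == "_claim_names");
        if (!overage)
            return false; // the token listed the groups and none matched

        try
        {
            // Only the required IDs are sent; Graph returns those the user is a member of.
            var matched = await _checkViaGraph(requiredGroupIds);
            return matched.Any(required.Contains);
        }
        catch (Exception)
        {
            return false; // Graph unreachable or consent missing: deny rather than allow
        }
    }
}
```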

To test the Web API with Azure AD from Postman, we need to use OAuth 2.0 and generate an implicit token, passing the required scopes to Azure AD. Postman can be authorized against Azure AD after specifying the required groups.

#AzureADGroupsAuthorization#
#Net6AzureAD#
#WebAPIAzureGraphAI#

Chapters
00:00 Web API Azure AD Azure AD Groups Authorization Intro
03:19 Net6 Azure AD Groups Authorization app creation
05:15 Explanation to Azure AD code
26:00 Azure AD Groups overage in .Net6 Web API
28:00 Web API calling Azure Graph API
31:00 Web API Azure AD Testing With Postman

Comments

Wow, all your content on YouTube is really helpful

TellaTrix

Please help me. Why if I add mail.read permission and try to get _graphService.Me.Messages, do I get "Message: Resource could not be detected"? I added mail.read and user.read to the scope and ApiPermissions

Alex-jwrs

Thank you very much for the valuable content. Unable to understand the reason you add user.read in the url and delegate permission to it. Please explain the reason.

arusuvaiunavu

Hello, friend, how can I get the names of the groups assigned to my account in the token? Thanks for your help, have a nice day


I am getting users in Context as null. Anyone please help me on this?

rudrapatisravani

Awesome content... that really helps me... thanks again

dupadhyay

This is a really good video as I'm attempting to get the groups. In your group claims, you are using the GroupID; what about using the sAMAccountName and "Emit groups as role claims"? I just think that there's too much work going into getting something simple. (I now understand about the header restriction, thank you!) Also, the base controller suggestion (and common practice here at work), however, the application I'm creating has two auth providers -- and the base controller is deeply wired into one of our base controller.

Without using graph, Windows Server AD based groups are the only ones appearing in the roles collection; meaning that (for instance), my account has two of them -- but I'm in several groups. Are you saying that the only way I can use groups is through the groupID rather than a group name? (if so, that seems entirely too laborious) Please advise.

mikemcwilliams

I created an app on Power Apps and also created users on Azure. Now I need to integrate these users into my application by assigning them specific roles. Can you help me, please?

mahmoudkchaou-fb

Amazing! Thank you very much. I was struggling all this time with this Azure AD authentication and authorization; you made it really easy for me now

zia

The Allow Admin Consent is disabled, because of which not able to run the application, any help is appreciated

sharmavadali

very simple and crisp explanation. thanks v much! really helpful

apoorvasd

Good explanation and helpful. Do you have a video on how one can call the same using a Web API instead of Postman or Swagger?

viksdeeps

Hi, after adding I am getting the access token and ID token using Angular 12, but I can see group claims only in the ID token, whereas I can't see group claims in the access token. Can you help me with this?

shashankgonuguntla

Please provide code to generate the JWT token in a client application instead of using Postman

nagamallikaannapureddy

Superb tutorial and explanation. Thanks so much for the insight!

ulteriormotive

Hi, I want to make a system that can only be accessed by certain AD groups.

To access the API you created in the video you need to enter the username and password through the login screen.

I want the Microsoft login screen to only be needed on the frontend, so my backend only receives the JWT token and validates if it can access each route. Is it possible to do that? Do you have a video explaining this?

MatheusAlmeidaC

Nowadays, it seems like Azure has updated the returned group claims to the new format, but thanks for this video.

KanokpitsunLertprommakul

Thank you very much for this video. The content is really solid. Appreciating you a lot. Thanks once again

piyalibasak

Great content, really helpful, thanks!

Stefano-wufs

hello, thanks for this video, how to generate this token 14:08 in C# ?

bouzidiyakoub