I have a project developed by ASP.net MVC5 and the .NET Framework version is 4.7 and I have been implemented AAD authentication by OWIN OpenID Connect Middleware. It's working well. But in recent days I am studying MSAL.net and it helps us to do the same process in an easier way, every demo was developed in ASP.net Core, please help me that is there a way in .NET Framework to implement AAD authentication by MSAL.net?
Thanks!
Related
We would like to achieve SSO(Google, Microsoft, Twitter, Facebook) for a .net core 3.1 web api (console api controllers) application. I have gone through few links that achieves this with the help of MVC or angular front end and IdentityServer4. Our application is purely an web api. Can some one guide me with sample code or link to achieve this? How does SignInWithGoogle/FB/Twitter/Microsoft button and its click will be handled?
We are using OAuth1.0 for xero and now we have to change this to 2.0.
To do the migration what is the first most step?
Is there any code changes to existing application? We are using c# mvc
There is a new Xero C# SDK for OAuth2.0 although you could also plug in any standard OAuth2.0 or OpenID Connect library.
We have a microservices architecture made of .Net 4.6.1 Web API's that all use the same machineKey in their web.config's, which is required for them to be able to communicate. They are all deployed to in house company servers. We want to start using .Net Core 2 for new Web API's, but .Net Core Web API's use the new Data Protection API, which doesn't use the machineKey anymore, but uses a shared key file. So my question is:
How can we create a new .Net Core 2 Web API and add it to our existing .Net 4.6.1 microservices architecture, and get them communicating using the machineKey that they already use?
After much research I have come to the conclusion that this cannot be achieved, because .Net Core 2 API's do not support machineKey encryption. So, I retrofitted our .Net 4.6 API's with the .Net Core Data Protection API and configured them to use the same keyset. Then in our .Net Core API's I configured the Data Protection API's to use the same keyset as the .Net 4.6 API's. Then I created authentication middleware for our .Net Core 2.1 API's that decrypted the access tokens and created claims.
Here's a good article about replacing the machineKey in ASP.NET with Data Protection API:
https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/compatibility/replacing-machinekey?view=aspnetcore-2.1
Here's a good thread about creating ASP.NET Core 2 Middleware:
ASP.NET Core 2.0 authentication middleware
I am already having mvc application in .net along with SAML authentication with wsFederation. I need to implement ping federate for my application. Please help me with this issue.
PingFederate supports WS-Federation. See docs here for version 8 and version 9.
I am working with a project where frontend is Angular 4. It consumes Asp.Net WEB API services. I have implemented token based authentication for accessing restricted api calls along with refresh token implementation.
Now i want to implement additional authentication mechanism like Native AD, ADFS and other third party services like OKTA using SAML 2 authentication.
I want to understand flow how it will work with web api along with Angular SPA.
These are the flows you could use. https://developer.okta.com/authentication-guide/implementing-authentication/ and Okta already have SDKs that can help you https://developer.okta.com/quickstart/#/angular/nodejs/generic. <- uses Implicit flow.