I already setup the MVC external login with my own OAuth2 provider. It seems the default "ASP.NET Identity" will still create the user locally (Using the default Entity Framework DB).
Is it possible to avoid this and completely leave the authentication to the external party? Like the Windows Authentication or JWT based WebAPI.
I tried to follow Use cookie authentication without ASP.NET Core Identity but it goes nowhere.
Related
I have an asp .net core 3.1 web application that uses the MS Identity (for users) and Entity (codefirst) framework to authenticate users stored in database.
All user rights/groups etc. are stored locally and used to allow/deny access to different areas of the application.
So what I think I need is a way to allow users in my web-app to choose to authenticate using AzureAD account, and when the authentication is done, the wep-app will sign-in the local-user somehow linked to the Azure user
Is this how to do this, or can you guide me to how to do this the correct way
To achieve the above requirements, You can use Azure AD authentication & external login in your asp.net application by implementing the code in your appsettings and controller as mentioned here .
As you wanted to implement the application ,
Consider other options before storing users of your Web applications in a local database. Instead of managing users in a local database, it's best practice to store and manage user information outside of the application, such as with Azure Active Directory or Azure Active Directory B2C. Consider Identity Server if the authentication service must run on-premises. Identity Server is a member of the.NET Foundation and is OpenID certified.
To implement from scratch you can refer this blog.
Please refer the below links for the similar discussion & Documentation to get started with :-
MICROSOFT DOCUMENTATION|Secure a hosted ASP.NET Core Blazor WebAssembly app with Identity Server
SO THREAD|Implement both Individual User Accounts and Azure AD Authentication & .NET Core Identity Server 4 Authentication VS Identity Authentication
BLOG| Integrating with External identity Providers
I need to make my new ASP.NET Core Blazor WASM application authenticate with our on-prem ADFS/WSFederation servers. Specifically, it needs to automatically log-in users that are already logged into our AD domain, without making them go to a login page. Basic single sign on behavior. (This is how ASP.NET worked by default with ADFS/WSFederation)
I can get SSO to work without using Identity, and I get get Identity to use a log-in screen that will allow you to choose a WSFederation server as an external log-in provider, but that still begins at a log-in screen.
Can ASP.NET Core Identity work in an SSO configuration (no login screens appear for domain users), or is Identity built on the assumption that Log-in screens will be used? If it can be done, how is that set up? If I can't use Identity, can I still use other middleware like Authorization?
I have selected Individual User Accounts while creating Blazor application. I have no idea where I can modify the Login page that was created, the file with source dode is not available anywhere.
How to modify Login page in that scenario?
When choosing your configuration the created template gets delivered with IdentityServer and ASP.NET Core Identity. IdentityServer makes the Endpoint OpenID/OAuth compatible. This is needed for the Blazor WebAssembly app to streamline the process of getting a token, validating it etc. ASP.NET Core Identity is used to save and retrieve the users from the database, loging them in by setting a Cookie and checking the correctness of provided passwords, hashing them etc. This link answers how you can modify the default Razor Pages delivered when an app with ASP.NET Core Identity is created.
Where are the Login and Register pages in an AspNet Core scaffolded app?
I really need your help. I am trying to implement IdentityServer4to generate tokens for authenticated users giving them access to the web application. However, I have set my IdentityServer Project in its own solution. Then I have a web application that runs. What I need to implement is:
1.Using Identity user signs in.
2. if successful redirect to identity server4 to generate token
3. Redirect back to application with genrated tok
You will have to add in IdentityServer configuration web application as a client with scopes. Please see here:
http://docs.identityserver.io/en/latest/topics/clients.html
https://github.com/IdentityServer/IdentityServer4/tree/main/samples/Quickstarts/2_InteractiveAspNetCore/src
An website created by Node.js/Express.js. Authentication provided by Passport.js. After login Express.js creates cookie.
Subdomain will be created with .Net Core. And it if found cookie, has to automatically authenticate user.
I know .Net Core Identity.
But I can't get any information in Google about this solution.
How .Net Core app can authenticate if cookie is founded?