Azure Active Directory authentication in existing project
October 18, 2014
Recently, I needed to add Azure Active directory authentication to an existing web project. There was an automated tool for Visual Studio 2012 but there does not seem to be a similar component for 2013. A lot of the advice I found suggested creating a new project and importing a bit of the code / config from the other application — that’s what I did here. What follows is not a how-to but rather a log of the steps I took to use AAD authentication (mostly for future reference).
References
First off there are some references that were missing in the project. I needed to add
- System.IdentityModel
- System.IdentityModelServices
In addition to the system references, the Microsoft Token Validation Extension should be installed from NuGet.
Code
- Copy over DatabaseIssuerNameRegistry.cs (I added this under utils)
- IssuingAuthorityKey.cs (model\tenant)
- Tenant.cs
- TenantDbContext.cs
- IdentityConfig.cs (This needs to be in the app_start directory)
Azure
On your Azure active directory settings you will need to add an application. Click on Applications -> Add -> URL: Localhost:Port (or real URL) and give it the ID of the site you are developing.
Config
Copy over the following config sections replacing any reference to ID / URL with the settings that were applied to the Application added in the Active Directory settings.
- configuration\configSections\system.identityModel
- configuration\configSections\system.identityModel.services
- configuration\location
- configuration.system.identityModel - The DatabaseIssuerNameRegistry should have the fully qualified name of the DatabaseIssuer class.
- configuration\system.web\authentication
- configuration\system.web\authorization
- configuration.system.identityModel.services
- 
configuration\appSettings - ida:FederationMetadataLocation - Use your active directory path
- ida:Realm
- ida:AudienceUri
 
- configuration\system.webServer
Again this is not an exhaustive guide but rather a checklist for making sure the correct code/configuration is included in the existing project.
Hi 👋 I'm Ryan Lanciaux. I run Spaceship Studio, LLC. a consultancy specializing in fast and dynamic web and native mobile applications.
I live in Ann Arbor with my wonderful family! In my freetime, I create electronic music.
