Azure Active Directory authentication in existing project
October 18, 2014
Recently, I needed to add Azure Active Directory authentication to an existing web project. There was an automated tool for Visual Studio 2012 (the Identity and Access Tool), but there does not seem to be a similar component for 2013. A lot of the advice I found suggested creating a new project from the template and importing some of its code and config into the existing application, which is what I did here. What follows is not a how-to but rather a log of the steps I took to use AAD authentication (mostly for future reference).
First off, there were some references missing from the project. I needed to add
In addition to the system references, the Microsoft Token Validation Extension (NuGet package System.IdentityModel.Tokens.ValidatingIssuerNameRegistry) should be installed from NuGet. It provides the ValidatingIssuerNameRegistry base class that the DatabaseIssuerNameRegistry copied below derives from; without it the project will not compile.
- Copy over DatabaseIssuerNameRegistry.cs (I added this under utils)
- IssuingAuthorityKey.cs (model\tenant)
- IdentityConfig.cs (This needs to be in the App_Start directory. In the template project its ConfigureIdentity method is called from Application_Start in Global.asax; that call is what pulls the tenant's token-signing key thumbprints from the federation metadata into the issuer registry, so it has to be wired up in the existing project too.)
On your Azure Active Directory settings you will need to add an application. Click on Applications -> Add, set the sign-on URL to localhost:port (or the real URL), and give it an App ID URI that identifies the site you are developing. These two values are what the config sections below have to match.
Copy over the following config sections, replacing any reference to the ID / URL with the settings that were applied to the Application added in the Active Directory settings.
- configuration.system.identityModel - The issuerNameRegistry element's type attribute must carry the fully qualified name of the DatabaseIssuerNameRegistry class as it exists in your project (Namespace.ClassName, AssemblyName). If you moved the class into a different folder / namespace than the template used, update this, otherwise WIF cannot load the registry and every token is rejected. The audienceUris entry has to equal the App ID URI you registered; tokens issued for a different audience fail validation.
- ida:FederationMetadataLocation - Use the federation metadata URL for your own Active Directory tenant; this is where the signing certificate thumbprints that the registry trusts come from.
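As an added example (this is not the original post's web.config, and it is not copied from any project), here is the shape of the configuration being described, with placeholder values. The tenant contoso.onmicrosoft.com, the App ID URI https://contoso.onmicrosoft.com/MyApp, the assembly name MyApp and the namespace MyApp.Utils are assumptions; substitute the values from your own Application entry in Azure AD. Besides the two items from the checklist above, the fragment also shows the system.identityModel.services section and the two HTTP modules that the VS 2013 organizational-accounts template carries alongside them, since without those the settings are never consulted.

```xml
<!-- Added example, not the original project's web.config.
     Tenant, App ID URI, namespace and assembly name are placeholders. -->
<configuration>
  <configSections>
    <!-- WIF 4.5 configuration sections; both types ship in the .NET Framework. -->
    <section name="system.identityModel"
             type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
    <section name="system.identityModel.services"
             type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
  </configSections>

  <appSettings>
    <!-- Federation metadata for YOUR tenant. IdentityConfig / DatabaseIssuerNameRegistry
         read this to learn which token-signing certificate thumbprints to trust. -->
    <add key="ida:FederationMetadataLocation"
         value="https://login.windows.net/contoso.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml" />
    <!-- Both must equal the App ID URI entered when the application was added. -->
    <add key="ida:Realm" value="https://contoso.onmicrosoft.com/MyApp" />
    <add key="ida:AudienceUri" value="https://contoso.onmicrosoft.com/MyApp" />
  </appSettings>

  <system.identityModel>
    <identityConfiguration>
      <!-- Fully qualified: Namespace.Class, AssemblyName. MyApp.Utils is assumed here;
           if the class lives elsewhere in your project, change this line. -->
      <issuerNameRegistry type="MyApp.Utils.DatabaseIssuerNameRegistry, MyApp" />
      <!-- Tokens issued for any other audience (another app in the tenant) are rejected. -->
      <audienceUris>
        <add value="https://contoso.onmicrosoft.com/MyApp" />
      </audienceUris>
    </identityConfiguration>
  </system.identityModel>

  <system.identityModel.services>
    <federationConfiguration>
      <!-- Session cookie only over HTTPS; relax only for plain-http localhost debugging. -->
      <cookieHandler requireSsl="true" />
      <!-- issuer: the tenant's WS-Federation sign-in endpoint; realm: the App ID URI again. -->
      <wsFederation passiveRedirectEnabled="true"
                    issuer="https://login.windows.net/contoso.onmicrosoft.com/wsfed"
                    realm="https://contoso.onmicrosoft.com/MyApp"
                    requireHttps="true" />
    </federationConfiguration>
  </system.identityModel.services>

  <system.webServer>
    <modules>
      <!-- The modules that actually redirect to AAD and validate the returned token. -->
      <add name="WSFederationAuthenticationModule"
           type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
           preCondition="managedHandler" />
      <add name="SessionAuthenticationModule"
           type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
           preCondition="managedHandler" />
    </modules>
  </system.webServer>
</configuration>
```

The three copies of the App ID URI (ida:Realm, ida:AudienceUri, audienceUris) and the realm attribute all have to agree with each other and with what was registered in the directory; a mismatch shows up as a sign-in redirect that loops or an audience validation failure after the token comes back. The issuerNameRegistry type string is the other common failure: it is checked by reflection at runtime, not at compile time, so a stale namespace from the template compiles fine and only fails when the first token arrives.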
Again this is not an exhaustive guide but rather a checklist for making sure the correct code/configuration is included in the existing project.