I have an existing web application that has a custom-made authentication and login module. I would like to add login for some users via ADFS OpenID Connect, but all the examples I see are based on OWIN, which I cannot use. My plan is to let some external users log in via Azure AD, and once they are authenticated in Azure I will create temporary users in the web application.
Can I use the ADAL framework, or do I have to custom code all communication with Azure AD through the use of, for example, .NET HttpClient?
Thanks.
userinfo endpoint you will need an access token to do so. Sometimes the ID token will already contain the claims. If you already have an ID token and validated it, you've already come quite far on your own. The ID token will at least contain the user id ("sub") so this might be enough to create a local login. By the way: Apparently you can use OWIN alongside MVC4 so you may just use owin libraries: cloudidentity.com/blog/2014/07/28/… – mode777

The Claims requested by the profile, email, address, and phone scope values are returned from the UserInfo Endpoint, as described in Section 5.3.2, when a response_type value is used that results in an Access Token being issued. However, when no Access Token is issued (which is the case for the response_type value id_token), the resulting Claims are returned in the ID Token.
– mode777
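
As an added example (not code from the question or the comments), this is one way to validate an ID token without OWIN and derive a key for the local temporary user from it, as the first comment suggests. It assumes the System.IdentityModel.Tokens.Jwt and Microsoft.IdentityModel.Protocols.OpenIdConnect NuGet packages (version 5 or later), RS256-signed tokens, and metadata loaded from a tenant-specific discovery document; the class and method names are hypothetical.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

// Added example; IdTokenLogin and ValidateAndGetLocalKey are hypothetical names.
public static class IdTokenLogin
{
    // metadata: the provider's discovery document (issuer + signing keys), loaded
    //           once, e.g. with ConfigurationManager<OpenIdConnectConfiguration>.
    // expectedNonce: the nonce this application sent in the authorization request.
    public static string ValidateAndGetLocalKey(
        string idToken, OpenIdConnectConfiguration metadata,
        string clientId, string expectedNonce)
    {
        var parameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = metadata.Issuer,
            ValidateAudience = true,
            ValidAudience = clientId,             // token must be issued to this app
            ValidateIssuerSigningKey = true,
            IssuerSigningKeys = metadata.SigningKeys,
            RequireSignedTokens = true,           // unsigned tokens are rejected
            RequireExpirationTime = true,
            ValidateLifetime = true,
            ClockSkew = TimeSpan.FromMinutes(2)
        };

        var handler = new JwtSecurityTokenHandler();
        handler.InboundClaimTypeMap.Clear();      // keep "sub"/"nonce" under their JWT names

        SecurityToken validated;
        ClaimsPrincipal principal = handler.ValidateToken(idToken, parameters, out validated);

        // Accept only the asymmetric algorithm expected from the provider.
        var jwt = (JwtSecurityToken)validated;
        if (jwt.Header.Alg != SecurityAlgorithms.RsaSha256)
            throw new SecurityTokenValidationException("Unexpected signing algorithm.");

        // The nonce ties the token to the login request this session started.
        Claim nonce = principal.FindFirst("nonce");
        if (nonce == null || !string.Equals(nonce.Value, expectedNonce, StringComparison.Ordinal))
            throw new SecurityTokenValidationException("Nonce mismatch.");

        Claim sub = principal.FindFirst("sub");
        if (sub == null) throw new SecurityTokenValidationException("Missing sub claim.");

        // "sub" is only unique per issuer, so key the local account on both.
        return jwt.Issuer + "|" + sub.Value;
    }
}
```

The returned key identifies the temporary local user; claims such as email or name are profile data and should not be used as the account identifier.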