.Net Core Azure Active Directory Authentication Problems (photos)

0
votes

I tried to follow this tutorial: https://www.bruttin.com/2017/11/21/azure-api-postman.html

What am I doing wrong? I'm using the default template of .net core web api 2.2 in visual studio 2019 and I want to use Azure AD to authenticate. To test the authentication I am using Postman, but I can't get it to work. The photos below show the steps in order in that I am trying.

AuthURL = "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize" TokenURL = "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token"

  1. Create Project Create Project
  2. Choose API Choose API
  3. Enter Domain and check "Read Directory Data" Enter Domain
  4. appsettings.js is generated appsettings.js
  5. Default StartUp.cs File StartUp.cs
  6. Values Controller user the Authorize Attribute Values Controller Authorization
  7. Generate a Secret in Azure Portal Azure Portal Secret
  8. Fill out token request form in PostMan - Successfully get token. Postman token request - Successfully created
  9. Attempt to use the token and access is denied. Access Denied

What am I doing wrong!!!!!

1
asp.net-coreazure-active-directorypostman

1 Answers

0
votes

AuthURL = "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize" TokenURL = "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token"

One point is you are acquire Azure AD V2.0 tokens , if that is an Azure AD v2.0 Web API , you should append /v2.0 to your Authority when config the web api , see source code of Microsoft Identity Web .

You could click here for code sample about web api which protected by Azure AD V2.0 .

If you are using the Azure AD V1.0 , you should use https://login.microsoftonline.com/[tenant_id]/oauth2 endpoint and use resource not scope when acquiring access token .

Microsoft identity platform (v2.0) overview

Azure Active Directory for developers (v1.0) overview