I have created Azure Web App with AAD authentication.
But unable to read the Signed in User group details.
I have created web app/app registration Like this https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-provider-aad.
Once the Web App authenticated application redirect https://contoso.azurewebsites.net/.auth/login/done
Once AAD user authorized. we need to pull the Group details (I Need MailNickName).
using (var httpClient = new HttpClient())
{
httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {Request.Headers["X-MS-TOKEN-AAD-ACCESS-TOKEN"]}");
var tenantId = ClaimsPrincipal.Current.Claims.Single(x => x.Type == "http://schemas.microsoft.com/identity/claims/tenantid").Value;
var userId =ClaimsPrincipal.Current.Claims.Single(x => x.Type == "http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
var httpResponse =httpClient.GetAsync("https://graph.microsoft.com/v1.0/me/memberOf").Result;
httpResponse.EnsureSuccessStatusCode();
var jsonResult =await httpResponse.Content.ReadAsStringAsync();
/* IUserMemberOfCollectionWithReferencesPage groups;
while (groups.Count > 0)
{
foreach (Group g in groups)
{
rol.Add(g.MailNickname);
}
if (groups.NextPageRequest != null)
{
groups = await groups.NextPageRequest.GetAsync();
}
else
{
break;
}
}
return rol.Where(x => x.Length <= 8).ToList();*/
}
Note : We are not using OpenID Connect.
I need the lsit of (g.MailNickname) for the Signed User. I got unauthorized error.
Thanks in Advance.