
How to Implement Azure AD in Existing .Net MVC based System

This document explains how to implement Azure AD in any existing .NET MVC based project.

It is assumed that we already have a prebuilt .NET MVC application and need to implement Azure AD based authentication for it. It is also assumed that multiple Azure AD users need to be mapped to a single application user internally.

Schema design & overall planning to implement Azure AD:

The first step is to design a DB table that maps Azure AD users to the .NET application user. Here is the schema for the same.

Moreover, we need to:

1) Log in as the admin user and create one user under Azure AD as well as one user under the system. Please follow this link that explains how to set up and create Azure AD. Link

2) Make an entry in the above table.

3) Fetch details including ClientId, Domain, TenantId, PostBackURL from the Azure AD account.

Once all the above details are ready, we are good to modify the current .NET MVC application. The first and most important thing to note is that we need to remove any .NET based authentication we have used, mainly because we cannot maintain two authentication mechanisms simultaneously.

Steps to Modify Existing .Net MVC based application

Step 1: Modify Existing Login

First, we need to modify the existing login routine and write the logic that verifies the user against Azure Active Directory. This is done in Startup.cs by implementing OpenID authentication. Below is a screenshot of the OAuth2 based authentication.

Azure AD step 1 image

Step 2:

Wherever we have an authentication check, we can check in almost the same way as before. Here is a screenshot that validates whether the logged-in user is authenticated or not.

Azure AD step 2 image

Step 3: Modify Logout routine

As per the above screenshot, we need to modify the logout routine and make sure the system also logs out from the Active Directory sign-in.

Azure AD step 3 image

Step 4: Implement a custom Authorization filter and apply it

We need to override the default Authorize attribute and create a custom Authorization filter.

Azure AD step 4 image
We need to apply this configureAuth attribute, mentioned below, instead of the Authorize attribute on top of all methods or controllers. Moreover, all configuration must be stored in the standard web.config file, including clientID, Domain,
Azure AD step 4b image
Azure AD step 4c image
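The screenshots for Step 4 are not reproduced here, so the following is an added sketch of such a filter, not the article's own code. It ties the filter to the mapping table from the planning section: a valid Azure AD sign-in only proves the user exists in the tenant, so the filter also requires a row in the mapping table before granting access. The IAzureUserMap interface, the static UserMap property and the "AppUserId" item key are hypothetical names introduced for illustration.

```csharp
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;

// Hypothetical lookup over the Azure AD -> application user mapping table.
public interface IAzureUserMap
{
    // Returns the internal user id mapped to this Azure AD user, or null if none.
    int? FindAppUserId(string tenantId, string objectId);
}

public class ConfigureAuthAttribute : AuthorizeAttribute
{
    // Assumption: assigned once at application start (e.g. in Global.asax).
    public static IAzureUserMap UserMap { get; set; }

    // Claim types as they appear after the OWIN OpenID Connect middleware maps them.
    const string ObjectIdClaim = "http://schemas.microsoft.com/identity/claims/objectidentifier";
    const string TenantIdClaim = "http://schemas.microsoft.com/identity/claims/tenantid";

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // Base check: user is authenticated and passes any Users/Roles settings.
        if (!base.AuthorizeCore(httpContext)) return false;

        var identity = httpContext.User.Identity as ClaimsIdentity;
        if (identity == null) return false;

        // Key the lookup on the immutable object id, not on display name or e-mail.
        var oid = identity.FindFirst(ObjectIdClaim)?.Value;
        var tid = identity.FindFirst(TenantIdClaim)?.Value;
        if (string.IsNullOrEmpty(oid) || string.IsNullOrEmpty(tid)) return false;

        var appUserId = UserMap?.FindAppUserId(tid, oid);
        if (appUserId == null) return false; // signed in to Azure AD but not mapped

        httpContext.Items["AppUserId"] = appUserId.Value; // for later use in the request
        return true;
    }

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        if (filterContext.HttpContext.Request.IsAuthenticated)
            // Authenticated but unmapped: answer 403. A 401 here would start a new
            // sign-in challenge and can loop between the app and Azure AD.
            filterContext.Result = new HttpStatusCodeResult(403);
        else
            base.HandleUnauthorizedRequest(filterContext); // 401 -> sign-in challenge
    }
}
```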
Finally, for the user's callback page after sign-out, use the code below.
Azure AD step 4d image