Ashish
Ashish

Reputation: 2564

Get User Information while Authenticating from Azure Active Directory

I have a web forms application which I developed for testing Authentication/Authorization scenarios. While creating the test project, I selected "No Authentication" which created my project to have no authentication mechanism code. I published the web site to my azure tenant and enabled the Azure Active Directory Authentication from the "Authentication / Authorization" under features. I created an Azure AD app pointing to my web application. After hitting the default page, the app now authenticates and everything seems to work fine.

However, when I run the app locally from within Visual Studio, I am not able to get the user information as there are no appropriate headers available, eg X-MS-CLIENT-PRINCIPAL-NAME. My next step was to call the graph API to get the detailed user information.

NOTE: I am able to include the OWIN code in my web project to authenticate users, but I want minimal code change to my existing on-prem windows authentication application.

Any help / guidance

Upvotes: 0

Views: 2839

Answers (1)

Chris Gillum
Chris Gillum

Reputation: 15052

However, when I run the app locally from within Visual Studio, I am not able to get the user information as there are no appropriate headers available, eg X-MS-CLIENT-PRINCIPAL-NAME. My next step was to call the graph API to get the detailed user information.

This is expected. The X-MS-CLIENT-PRINCIPAL-NAME header (and related headers) is added by the Authentication / Authorization module which runs in app service. when you run locally from Visual Studio, you won't have this module and thus won't have this request header.

If you want to use the same code both locally and in App Service, instead of looking at the request headers, I suggest using .NET APIs which surface up user information, such as ClaimsPrincipal.Current.Identity.Name. This should be populated correctly whether you're using Windows Authentication locally or Authentication / Authorization in Azure App Service.

You can find more information about the underlying mechanics of Authentication / Authorization here: https://cgillum.tech/2016/02/01/architecture-of-azure-app-service-authentication-authorization/.

Upvotes: 3

Related Questions