Reputation: 2564
Get User Information while Authenticating from Azure Active Directory
I have a web forms application which I developed for testing Authentication/Authorization scenarios. While creating the test project, I selected "No Authentication" which created my project to have no authentication mechanism code. I published the web site to my azure tenant and enabled the Azure Active Directory Authentication from the "Authentication / Authorization" under features. I created an Azure AD app pointing to my web application. After hitting the default page, the app now authenticates and everything seems to work fine.
However, when I run the app locally from within Visual Studio, I am not able to get the user information as there are no appropriate headers available, eg X-MS-CLIENT-PRINCIPAL-NAME. My next step was to call the graph API to get the detailed user information.
NOTE: I am able to include the OWIN code in my web project to authenticate users, but I want minimal code change to my existing on-prem windows authentication application.
Any help / guidance
Upvotes: 0
Views: 2839
Answers (1)
Reputation: 15052
However, when I run the app locally from within Visual Studio, I am not able to get the user information as there are no appropriate headers available, eg X-MS-CLIENT-PRINCIPAL-NAME. My next step was to call the graph API to get the detailed user information.
This is expected. The X-MS-CLIENT-PRINCIPAL-NAME header (and related headers) is added by the Authentication / Authorization module which runs in app service. when you run locally from Visual Studio, you won't have this module and thus won't have this request header.
If you want to use the same code both locally and in App Service, instead of looking at the request headers, I suggest using .NET APIs which surface up user information, such as ClaimsPrincipal.Current.Identity.Name. This should be populated correctly whether you're using Windows Authentication locally or Authentication / Authorization in Azure App Service.
You can find more information about the underlying mechanics of Authentication / Authorization here: https://cgillum.tech/2016/02/01/architecture-of-azure-app-service-authentication-authorization/.
Upvotes: 3
Related Questions
- How to get Name of Authenticated user in ASP.NET Core application using Azure Active Directory
- Get user details with Azure Auth MFA - Multi factor authentication
- Get logged in user with Azure Web Apps Auth
- Get Current logged in user details from Azure AD in Web API controller
- Get user details with azure active directory as authentication provider
- Obtain user from Azure Web App using AD authentication
- Get user details with ClaimsPrincipal.Current
- Get user name from Azure authenticated AD in .Net Web API
- Read Azure AD login user details in ASP.net
- Getting user info from Azure API App when authenticated via browser form