TonyW

Reputation: 18875

Challenge and Authentication Schemes not found for Azure AD Authentication with dotnet Core Web MVC app

I am creating an ASP.NET Core 3.1 MVC web app and am trying to set up Azure AD authentication (on my Mac, using Visual Studio for Mac). I believe I did everything necessary to set up AD authentication in Startup.cs:

services.AddAuthentication(o =>
{
    o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    o.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    o.DefaultAuthenticateScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddAzureAD(options => Configuration.Bind("AzureAd", options))
.AddCookie();

I make sure I use the middleware:

app.UseAuthorization();
app.UseAuthentication();

When the app pops up in the Chrome browser, I get the following error:

An unhandled exception occurred while processing the request.

InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action<AuthenticationOptions> configureOptions).

My code sets up both authenticationScheme and DefaultChallengeScheme, so I am not sure why it cannot find those two schemes. Does anyone know?

Nuget versions:

Microsoft.AspNetCore.Authentication (2.2.0)

Microsoft.AspNetCore.Authentication.AzureAD.UI (3.1.2)

Microsoft.AspNetCore.Authentication.OpenIdConnect (3.1.2)

Upvotes: 1

Views: 3917

Answers (2)

Joey Cai

Reputation: 20067

As you are using OpenID Connect (OIDC) authentication, invoke the AddOpenIdConnect method in the ConfigureServices method:

services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    options.DefaultAuthenticateScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
    options.Authority = "https://login.microsoftonline.com/your_tenantId";
    options.ClientId = "your_clientId";
});

And appsettings.json:

"AzureAd": {
    "Domain": "xxx.onmicrosoft.com",
    "Instance": "https://login.microsoftonline.com/",
    "ClientId": "xxxxxxxxxxxxxxxx",
    "TenantId": "xxxxxxxxxxxxxxxx",
    "CallbackPath": "/signin-oidc"
}

In your registered Azure AD application, set the redirect URL with /signin-oidc.

Upvotes: 1

Nan Yu

Reputation: 27538

You can modify your code to:

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
        .AddAzureAD(options => Configuration.Bind("AzureAd", options));

AzureADDefaults.AuthenticationScheme will be used by default when a specific scheme isn't requested.

Also modify the middleware order:

app.UseAuthentication();
app.UseAuthorization();

This makes sure the authentication middleware fires before the authorization middleware.

Upvotes: 1
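
A complete Startup.cs that puts the scheme registration and middleware order discussed in the answers above into one place, plus a startup diagnostic that logs which schemes are registered and which one resolves as the default challenge scheme. This is an added example, not code from the question or either answer; the diagnostic logging, `AddControllersWithViews` and `MapDefaultControllerRoute` are assumptions about the app.

```csharp
using System.Linq;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.AzureAD.UI;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;

public class Startup
{
    public Startup(IConfiguration configuration) => Configuration = configuration;

    public IConfiguration Configuration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        // Default scheme and handler registration come from the same package,
        // so the default name matches a scheme that AddAzureAD registers.
        services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
                .AddAzureAD(options => Configuration.Bind("AzureAd", options));

        services.AddControllersWithViews(); // assumption: a standard MVC app
    }

    public void Configure(IApplicationBuilder app,
                          IAuthenticationSchemeProvider schemes,
                          ILogger<Startup> logger)
    {
        // Diagnostic (added for illustration): log the registered scheme names
        // and the resolved default challenge scheme before serving requests.
        var registered = schemes.GetAllSchemesAsync().GetAwaiter().GetResult()
                                .Select(s => s.Name);
        var challenge = schemes.GetDefaultChallengeSchemeAsync()
                               .GetAwaiter().GetResult();
        logger.LogInformation(
            "Registered schemes: {Schemes}; default challenge: {Challenge}",
            string.Join(", ", registered), challenge?.Name ?? "(none)");

        app.UseRouting();
        app.UseAuthentication();  // populates HttpContext.User first
        app.UseAuthorization();   // then evaluates [Authorize] for that user
        app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
    }
}
```

If the logged default challenge is "(none)", or names a scheme missing from the registered list, any `[Authorize]` challenge will fail at request time.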
