Enzo Sambucetti

AAD Authentication between client and .Net Core API

I'm getting this error when I call the API from the client. I use MSAL, and I can see that the token is included in the request.

this is the error

Here is my startup configuration.

/// <summary>
/// Registers MVC controllers, Azure AD authentication and the default CORS policy.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();

    // AddAzureAD with AzureADDefaults.AuthenticationScheme is the interactive sign-in
    // setup for web apps. NOTE(review): an API that is called with an MSAL access token
    // in the Authorization header presumably needs the JWT bearer scheme instead, so
    // with this registration the incoming token is likely never validated - confirm.
    var authentication = services.AddAuthentication(defaultScheme: AzureADDefaults.AuthenticationScheme);
    authentication.AddAzureAD(azureAd =>
    {
        azureAd.Instance = "https://login.microsoftonline.com/";
        azureAd.TenantId = "example";
        azureAd.ClientId = "example";
        // Placeholder value; a real client secret belongs in configuration or a secret
        // store, never in source.
        azureAd.ClientSecret = "example";
    });

    // Default CORS policy: credentialed cross-origin requests are accepted only from the
    // two listed localhost origins, with any header and any method, and the
    // Content-Disposition response header is exposed to the calling script.
    services.AddCors(cors => cors.AddDefaultPolicy(policy => policy
        .WithOrigins("https://localhost:5001", "http://localhost:5000")
        .AllowAnyHeader()
        .AllowAnyMethod()
        .AllowCredentials()
        .WithExposedHeaders("Content-Disposition")));
}
/// <summary>
/// Builds the HTTP request pipeline. Middleware runs in the order it is added here,
/// so the sequence below is part of the behavior.
/// </summary>
/// <param name="app">Application builder the middleware is added to.</param>
/// <param name="env">Hosting environment, used to enable development-only middleware.</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        // Detailed exception pages are enabled only in the Development environment.
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        // Called without arguments, so the default CORS policy is the one applied.
        // NOTE(review): with endpoint routing, Microsoft's guidance places UseCors after
        // UseRouting and before UseAuthorization - confirm this placement is intended.
        app.UseCors();

        // Alternative inline CORS policy, left disabled by the author.
        //app.UseCors(options =>
        //{
        //    options.WithOrigins("https://localhost:5001", "http://localhost:5000")
        //        .AllowAnyHeader()
        //        .AllowAnyMethod()
        //        .AllowCredentials()
        //        .WithExposedHeaders("Content-Disposition");
        //});

        app.UseRouting();


        // Authentication is added before authorization so that the caller's identity is
        // established before any authorization decision is made.
        // NOTE(review): nothing visible here makes endpoints require a token; that
        // depends on [Authorize] attributes or a fallback policy defined elsewhere - verify.
        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }


Answers (1)

Enzo Sambucetti

I solved the problem by changing ConfigureServices like this:

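 // The API is called with an access token (acquired by the client through MSAL), so the
 // default scheme is the Azure AD JWT bearer handler rather than the interactive
 // sign-in scheme.
 services.AddAuthentication(defaultScheme: AzureADDefaults.JwtBearerAuthenticationScheme)
                .AddAzureADBearer(options =>
                {
                    // Resolves a mandatory setting and fails with a clear message instead
                    // of silently leaving the option null when the variable is not set.
                    string Required(string name) =>
                        Environment.GetEnvironmentVariable(name)
                        ?? throw new InvalidOperationException($"Environment variable '{name}' is not set.");

                    options.Instance = Required("AAD_INSTANCE");
                    options.TenantId = Required("AAD_TENANT_ID");
                    options.ClientId = Required("AAD_CLIENT_ID");

                    // Left optional. NOTE(review): validating incoming bearer tokens should
                    // not need a client secret; if the API never requests tokens itself,
                    // confirm this setting is unused and drop it so that no secret has to
                    // be provisioned for this service.
                    options.ClientSecret = Environment.GetEnvironmentVariable("AAD_CLIENT_SECRET");
                });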
