Reputation: 51
I have a Web API that used basic authorization to access the Web API from the front end. We used to pass an Authorization header from the frontend application that contains the user login and password in encrypted form and send it to the Web API, where we read the Authorization header, fetch the user login details (UserName, Password) and validate the user credentials against Active Directory. Now we are implementing Azure AD integration and we are not able to send the user password in the Authorization header, so the API fails to validate the user credentials and it breaks the flow. Also, I am getting HttpContext.Current.User as null. See the code below:
    public class UserdataController : ApiController
    {
        private readonly KMMContext db = new KMMContext(HttpContext.Current?.User?.Identity?.Name ?? "");
        // ...
    }
Upvotes: 0
Views: 770
Reputation: 3332
You'll need to use MSAL.
A good starting point is here: https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-overview
Some examples can also be found here. This one is for a JavaScript/Node.js client since it was not mentioned which frontend framework was used: https://github.com/Azure-Samples/active-directory-javascript-nodejs-webapi-v2
Basically your WebAPI will now be receiving a JWT token instead of the user credentials.
Upvotes: 0
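What "receiving a JWT instead of the user credentials" can look like on the Web API side, as an added example that is not code from either post: OWIN bearer middleware validates the Azure AD token, and the controller reads the caller from the validated principal rather than from a password. Assumptions: the NuGet packages Microsoft.Owin.Host.SystemWeb, Microsoft.Owin.Security.ActiveDirectory (4.x) and Microsoft.AspNet.WebApi.Owin are installed, the API accepts v1.0 access tokens, the tenant and audience values are placeholders, and the `WhoAmI` action and its route are hypothetical.

```csharp
using System.Security.Claims;
using System.Web.Http;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin.Security.ActiveDirectory;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // Validates signature, issuer, lifetime and audience of the bearer token
        // on every request, before Web API sees it.
        app.UseWindowsAzureActiveDirectoryBearerAuthentication(
            new WindowsAzureActiveDirectoryBearerAuthenticationOptions
            {
                Tenant = "<your-tenant-id>",                 // placeholder
                TokenValidationParameters = new TokenValidationParameters
                {
                    ValidAudience = "<your-api-app-id-uri>"  // placeholder
                }
            });

        var config = new HttpConfiguration();
        config.MapHttpAttributeRoutes();
        app.UseWebApi(config);
    }
}

[Authorize] // requests without a valid token get 401 and never reach the action
public class UserdataController : ApiController
{
    [HttpGet, Route("api/userdata/whoami")] // hypothetical route
    public IHttpActionResult WhoAmI()
    {
        // ApiController.User is the principal built from the validated token.
        // Which claim carries the sign-in name depends on the token configuration,
        // so try the UPN claim first and fall back to Identity.Name.
        var principal = User as ClaimsPrincipal;
        string userName = principal?.FindFirst(ClaimTypes.Upn)?.Value
                          ?? principal?.Identity?.Name;

        if (string.IsNullOrEmpty(userName))
            return Unauthorized();

        // userName is the value the question passes to KMMContext; no password
        // is present in the request, so there is nothing to check against AD here.
        return Ok(new { user = userName });
    }
}
```

The frontend obtains the access token with MSAL and sends it as `Authorization: Bearer <token>`; the API trusts the token's claims only after the middleware has validated it.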