Azure A.D Authentication For MVC .Net Core Web Applications


Azure A.D (Active Directory) from Microsoft Azure (top tier cloud services Provider) is an access management for which helps users to get privileges to their resources to their Microsoft products like One Drive, Office or outlook etc. by registering a single account provider most commonly a Microsoft or outlook account. Azure A.D does not only provide access to Microsoft based services but can be used to authenticate with other platforms as well acting as a middleware for authentication in application platforms providing safety to user credentials.

Yes, there are other services for this purpose of management such as Oauth, Firebase, Facebook SDK or JSON web token etc. It is basically up to the developer to specify the middleware for authentication to their application or provide access to a database of some kind through a REST API (Application Programming Interface). For MVC .NET based application the standard of Microsoft Azure A.D is preferred because MVC applications are written in Microsoft’s very own C# which makes integration of libraries and packages easier as well as optimized performance for your C# App.

MVC (Model View Controller) base applications are separated into three parts the model basically known as the scheme or structure for your application. The controller which has all service workers to control actions in the application when a client requests something from the front end. Finally, we have the View which other users use to interact with our application. During the interactions of the View to the controller data is sent mostly through to the backend end (database) of the application so it is always the traditional standard to secure your backend with a middleware to know if the request or action is being sent by a valid user or not. That is why services such as Azure A.D are used since they have their own algorithms to check for validity of users or cryptographic features to assess that the payload (additional data) along the request is of suspicious intentions or not. 

For Adding Azure A.D authentication in your C# MVC.

  • MVC Web Application is made without any verification required.
  • Choose a project through “Solution Explorer”. “SSL Enabled” property is changed to “true” in Properties.
  • Web Config files are installed along with libraries to give access to Azure A.D.
  • “Startup.cs” file is made and the code below is implemented for configuration.
  • “AccountController” is then added with two methods Sign in and Sign out.
  • A folder for partial view named “LoginPartial.cshtml” is made for them two methods. Their code is given below.

Net Application to work as it acts like a special signature for your application to let Azure know which application is authorized to avail the service.  That is the approach to setting up Azure A.D authentication feature in your Application. 

We have discussed above the perks of using Azure A.D authentication for our MVC. Net core applications however these desktop-based applications set up in your local systems which are very likely to be exploited from outside resource but for web applications written in it is highly recommended to use a third-party security service such as Azure A.D. 

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − 9 =

You May Also Like