[英]How can I configure an ASP.NET MVC Core 6 web app to use two different Azure AD tenants as authentication authorities?
I have an ASP.NET MVC Core 6 web app that is hosted on an on-premises server.我有一个托管在本地服务器上的 ASP.NET MVC Core 6 Web 应用程序。 We have two different Azure tenants.
我们有两个不同的 Azure 租户。 It is straightforward enough to add authentication to a single tenant to allow users to login to the web app.
向单个租户添加身份验证以允许用户登录 Web 应用程序非常简单。 I have a new requirement to allow users from another tenant to also login to the app.
我有一个新要求,允许另一个租户的用户也登录到该应用程序。 How can I add in two Azure AD authorities?
如何添加两个 Azure AD 权限?
I have seen some samples on how to add multiple authentication authorities, but they are always different ones (login with Azure and login with Google, for example) and not two Azure.我看过一些关于如何添加多个身份验证机构的示例,但它们总是不同的(例如,使用 Azure 登录和使用 Google 登录)而不是两个 Azure。
you need to add two AddOpenIDConnect handlers, give them different names您需要添加两个 AddOpenIDConnect 处理程序,给它们不同的名称
.AddOpenIdConnect("oidc1", options => { });
.AddOpenIdConnect("oidc2", options => { });
Then give each one different callback paths, like:然后给每一个不同的回调路径,比如:
options.CallbackPath = "/signin-oidc1";
options.CallbackPath = "/signin-oidc2";
and as well还有
SignedOutCallbackPath = "/signout-callback-oidc1";
SignedOutCallbackPath = "/signout-callback-oidc2";
That is a good starting point.这是一个很好的起点。 Then you use one of the following to choose how the user should authenticate.
然后使用以下选项之一来选择用户应如何进行身份验证。
HttpContext.ChallengeAsync("oidc1");
HttpContext.ChallengeAsync("oidc2");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.