
How to authenticate user with Azure Active Directory using OAuth 2.0?

I have a REST API written in C# and I need to authenticate with an existing Azure AD service. I currently have the username and password of the user wishing to authenticate. I need to authenticate with Azure AD and receive an access token from the server.

Can someone please point me in the direction of some articles/tutorials that explain how to do this?

You should avoid handling the user's credentials. There are serious security implications when collecting a user's credentials that are mitigated by using OAuth 2.0 or OpenID Connect to get a token without directly handling the credentials. Also, if you have your own credential collection UI then you may find that sign-in fails in the future if multi-factor authentication is turned on. In that case, more information may be necessary to authenticate the user than you are collecting, a one-time password for instance. If you allow Azure AD to present the authentication experience via OAuth 2.0 or OpenID Connect, then you are insulated from the specific authentication method being employed. Collecting the user's Azure AD credentials is a bad practice to be avoided if at all possible.

I don't have enough detail on the exact scenario to be confident that the following sample applies, but it will at least provide a good starting point. This sample shows how to create a native app that calls a REST API that can then call an Azure resource in the safest way possible.

https://github.com/AzureADSamples/WebAPI-OnBehalfOf-DotNet

You can find lots of other samples here that can be used to construct a solution for your particular scenario.

https://github.com/AzureADSamples

If you provide some more detail I can give more specific guidance.
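What "letting Azure AD present the authentication experience" looks like on the client side, as an added example that is not part of the original answer or of the linked samples: it builds an OAuth 2.0 authorization-code request with PKCE for the system browser, so the app never sees the password or any MFA prompt. The class and method names, the tenant and client ID placeholders, the localhost redirect URI and the choice of the v2.0 authorize endpoint are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class AuthorizeRequest // hypothetical helper, not an ADAL/MSAL type
{
    // Base64url without padding, as PKCE (RFC 7636) requires.
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static string RandomToken(int bytes)
    {
        var buf = new byte[bytes];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(buf);
        return B64Url(buf);
    }

    // Returns the URL to open in the browser. The caller keeps codeVerifier
    // (sent later when redeeming the code) and state (checked on the redirect).
    public static Uri Build(string tenant, string clientId, string redirectUri,
                            string scope, out string codeVerifier, out string state)
    {
        codeVerifier = RandomToken(32); // 43 characters, the PKCE minimum
        state = RandomToken(16);        // binds the response to this request
        string challenge;
        using (var sha = SHA256.Create())
            challenge = B64Url(sha.ComputeHash(Encoding.ASCII.GetBytes(codeVerifier)));
        var query = string.Join("&",
            "client_id=" + Uri.EscapeDataString(clientId),
            "response_type=code",
            "redirect_uri=" + Uri.EscapeDataString(redirectUri),
            "scope=" + Uri.EscapeDataString(scope),
            "state=" + state,
            "code_challenge=" + challenge,
            "code_challenge_method=S256");
        return new Uri("https://login.microsoftonline.com/" +
                       Uri.EscapeDataString(tenant) + "/oauth2/v2.0/authorize?" + query);
    }

    // Drop the redirect unless it echoes the state issued for this sign-in.
    public static bool StateMatches(string expected, string returned) =>
        returned != null && CryptographicOperations.FixedTimeEquals(
            Encoding.ASCII.GetBytes(expected), Encoding.ASCII.GetBytes(returned));

    static void Main()
    {
        // Placeholder tenant/client values and a constructed redirect URI.
        var url = Build("TENANT_ID_PLACEHOLDER", "CLIENT_ID_PLACEHOLDER",
            "http://localhost:5000/callback", "openid profile", out _, out _);
        Console.WriteLine(url);
    }
}
```

The authorization code that comes back on the redirect is only redeemable together with the stored `codeVerifier`, so an intercepted code alone does not yield a token.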

See: http://www.cloudidentity.com/blog/2014/07/08/using-adal-net-to-authenticate-users-via-usernamepassword/

Summary: Create a UserCredential

UserCredential uc = new UserCredential(user, password);

Call one of the AcquireToken() functions with the UserCredential

public AuthenticationResult AcquireToken(string resource, string clientId, UserCredential userCredential);
public Task<AuthenticationResult> AcquireTokenAsync(string resource, string clientId, UserCredential userCredential);
