Use standard Active Directory in ASP.NET Core app?

Question

I am creating a new ASP.NET Core 1.0 app. One of the requirements is to use Active Directory for user authentication. Unfortunately our organization only uses the "old" Active Directory. We do not use Azure Active Directory at all.

When I create a new project in Visual Studio 2015, there is no option for this under "Change Authentication":

What's the best way to do this?

Answer 1

It's currently not possible.

ASP.NET Core only has support for OpenID Connect OIDC. Current ADFS versions, which is what you need to do single organisation on premises only support WSFed,, which is not yet implemented in Core and is unlikely to be implemented in Core by RTM. ADFS also supports OAuth, but the AAD team, who write the code for that piece have been concentrating on OIDC.

Answer 2

ASP.NET Core 1.0 RC2 can leverage Windows Authentication. The following code will get you access to the AD user identity object in the Configure() function. I have not discovered an elegant way to map this identity to Microsoft.AspNetCore.Identity authorizations in ApplicationDbContext yet.

    app.Use(async (context, next) =>
    {
            var identity = (ClaimsIdentity) context.User.Identity;
            await next.Invoke();
    });

I have posted a similar question that you may want to follow: Best practice for storing ASP.NET Core Authorization claims when authenticating users against Active Directory?