stackoom
  简体   繁体   中英

Azure AD B2C Single Sign-On Implementation

 原文  2016-04-22 06:14:02       c#/ asp.net-mvc/ azure/ single-sign-on/ azure-active-directory

Question

I am implementing Authentication using Azure AD in C# MVC 5.0 application. I've created Azure AD B2C tenant , My tenant is having three application registered in it.

I would like to implement Single Sign-on so if user is logged in any one of one application he will be directly logged in other applications as well.

I tried to find solutions on the web but found no clear help on how I can start with it and implement.

Any help from the community would be appreciated. Thanks in Advance.

2 answers

solution1
 2  2016-04-22 07:02:28

if user is logged in any one of one application he will be directly logged in other applications as well

Logging into one of applications doesn't make the user automatically logged in in other applications. This happens only after the user browses to the application and the SSO protocol takes control over the browser for the handshake sequence.

From the user perspective this doesn't make any difference. They navigate to any of your apps and they are logged in, they usually don't even notice the redirect/response sequence.

Think in terms of a ticket office in a movie theater (the SSO identity provider, Azure in your case) and multiple entrances to the theater (your applications). Buying a ticket (loggin in the identity provider) doesn't automatically make all ticket inspectors aware (you are not automatically logged in everywhere). Rather, when you approach particular entrance and you show your ticket, the particular ticket inspector accepts the ticket and you are allowed to enter (you log into one of applications and it accepts the token from the identity provider) without other inspectors noticing (other applications are not aware you just logged in somewhere).

As for the technical part, Azure implements both OAuth2 and WS-Fed protocols. You can find numerous tutorials on how to integrate a web app using either of the two. If you need assistance in specific technical issues, feel free to create new specific questions. Remember only to focus on specific issues, questions about possible recommendations ( Should I rather use OAuth2 or WS-Fed? or Which specific client library should I use for OAuth2? ) don't quite fit here and are likely to be closed.

solution2
 1  2016-04-22 06:41:27

If you have browser session cookies then you should be able to get SSO across all the app. You should also consider using Microsoft Authentication Library (MSAL) available at https://www.nuget.org/packages/Microsoft.Identity.Client . This library is still under preview.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Sign in with Azure AD B2C to Xamarin Android app Azure AD B2C - Wrong URL Azure AD B2C - Role management Azure Graph with B2C AD .Net Core 3.1 - how to generate Sign Up link for Azure AD B2C? Cannot get web app to redirect to Azure AD B2C Sign in Page Azure AD B2C - custom sign up page, email verification Azure AD B2C updating users sign in names results in error how to get Azure AD b2c sign-in logs through Microsoft Graph programatically How to use an azure ad b2c sign in policy on web app start up?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM