
Azure App Services User Claims AAD Missing ObjectId

I'm in the process of migrating from Azure Mobile Services to App Services and currently struggling to find the AAD User objectidentifier with the new OWIN authentication configured in Startup.MobileApp.cs.

MobileAppSettingsDictionary settings = config.GetMobileAppSettingsProvider().GetMobileAppSettings();
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
    new WindowsAzureActiveDirectoryBearerAuthenticationOptions
    {
        TokenValidationParameters = new TokenValidationParameters
        {
            ValidAudience = ConfigurationManager.AppSettings["MS_AadClientID"]
        },
        Tenant = ConfigurationManager.AppSettings["MS_AadTenants"]
    });

Previously I was looking for:

claim.Type.Contains("urn:microsoft:credentials")

but none of the Claims on the User.Identity provide an objectidentifier.

The objectidentifier is available on https://myapp.azurewebsites.net/.auth/me.

{"typ":"http:\/\/schemas.microsoft.com\/identity\/claims\/objectidentifier",
"val":"xxxxxxxx-xxxx-xxxx-xxxxx-xxxxxxxxxxxx"}

Does anybody know if it's possible to access the value without making a call to the URL?

Thanks,

Viv

After digging through both the iOS and .NET server code, I found a method in the Microsoft.Azure.Mobile.Server.Authentication IPrincipalExtensions class.

By making a call to user.GetAppServiceIdentityAsync<AzureActiveDirectoryCredentials>(request); you can get the AzureActiveDirectoryCredentials.ObjectId.

Be warned, though, as this is not available if you authenticate directly through the webservice.
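The call described in the answer, placed in a Web API controller, as an added example that is not part of the original question or answer. The controller name `WhoAmIController` and helper `ResolveObjectIdAsync` are hypothetical; treating a null result as "credentials not available" and then falling back to the claim type shown in the `/.auth/me` output are assumptions.

```csharp
using System.Net;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.Azure.Mobile.Server.Authentication;
using Microsoft.Azure.Mobile.Server.Config;

[MobileAppController]
[Authorize]
public class WhoAmIController : ApiController // hypothetical controller name
{
    // Claim type copied from the /.auth/me output in the question.
    private const string ObjectIdClaim =
        "http://schemas.microsoft.com/identity/claims/objectidentifier";

    public async Task<IHttpActionResult> Get()
    {
        string objectId = await ResolveObjectIdAsync();
        if (string.IsNullOrEmpty(objectId))
        {
            // No stable AAD identifier: refuse rather than key data on a guess.
            return StatusCode(HttpStatusCode.Unauthorized);
        }
        return Ok(new { objectId });
    }

    // Hypothetical helper: App Service credentials first, principal claims second.
    private async Task<string> ResolveObjectIdAsync()
    {
        // Available when the client signed in through App Service authentication.
        AzureActiveDirectoryCredentials creds =
            await User.GetAppServiceIdentityAsync<AzureActiveDirectoryCredentials>(Request);
        if (creds != null && !string.IsNullOrEmpty(creds.ObjectId))
        {
            return creds.ObjectId;
        }

        // Assumption: when the caller authenticated directly against the web
        // service, the credentials above are absent, so look for the claim
        // on the validated principal instead. May still be null.
        var principal = User as ClaimsPrincipal;
        return principal?.FindFirst(ObjectIdClaim)?.Value;
    }
}
```

Use the resolved object ID only from the server-validated principal or credentials, never from a value the client sends in the request body.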
