I'm in the process of migrating from Azure Mobile Services to App Services and currently struggling to find the AAD User objectidentifier with the new OWIN authentication configured in `Startup.MobileApp.cs`.

```csharp
MobileAppSettingsDictionary settings = config.GetMobileAppSettingsProvider().GetMobileAppSettings();

app.UseWindowsAzureActiveDirectoryBearerAuthentication(
    new WindowsAzureActiveDirectoryBearerAuthenticationOptions
    {
        TokenValidationParameters = new TokenValidationParameters
        {
            ValidAudience = ConfigurationManager.AppSettings["MS_AadClientID"]
        },
        Tenant = ConfigurationManager.AppSettings["MS_AadTenants"]
    });
```

Previously I was looking for `claim.Type.Contains("urn:microsoft:credentials")`, but none of the Claims on the `User.Identity` provide an objectidentifier.

The objectidentifier is available on https://myapp.azurewebsites.net/.auth/me.

```json
{"typ":"http:\/\/schemas.microsoft.com\/identity\/claims\/objectidentifier",
"val":"xxxxxxxx-xxxx-xxxx-xxxxx-xxxxxxxxxxxx"}
```

Does anybody know if it's possible to access the value without making a call to the URL?
Thanks,
Viv
After digging through both the iOS and .NET server code, I found a method in the `Microsoft.Azure.Mobile.Server.Authentication` `IPrincipalExtensions` class. By making a call to `user.GetAppServiceIdentityAsync<AzureActiveDirectoryCredentials>(request);` you can get the `AzureActiveDirectoryCredentials.ObjectId`.

Be warned though as this is not available if you authenticate directly through the webservice.