This article discusses implementing authentication for ASP.NET Core MVC applications with Azure Active Directory B2C. Azure Active Directory B2C (Azure AD B2C) is a cloud identity management solution for web and mobile apps. The service provides authentication for apps hosted in the cloud and on-premises. I couldn’t find any documentation on how to use Azure AD B2C in ASP.NET Core MVC applications.
To get started, you first need to create an Azure B2C tenant from the Azure Portal. It is simple and straightforward.
Once that is completed, you need to create an ASP.NET Core MVC application. You can use the
dotnet new mvc command or the new project option in Visual Studio. Next you need to create an App Registration. You can do it from the App Registrations menu of Azure B2C.
If you’re using VS Code, set the Redirect URI to
https://localhost:5001/signin-oidc and if you’re using Visual Studio, use the port number that Visual Studio assigned to your application. Next add two NuGet packages to your project.
Microsoft.Identity.Web package includes the basic set of dependencies for authenticating with the Microsoft Identity platform. And the
Microsoft.Identity.Web.UI includes UI functionality encapsulated in an area named
Next add the following configuration settings in your appsettings.json file.
- For Domain, use the domain of your Azure AD B2C tenant.
- For ClientId, use the Application (client) ID from the app registration you created in your tenant.
- Leave all other values as they are.
Next modify the
ConfigureServices with the following code.
services.AddControllersWithViews(); code. And modify the
Configure method and add
endpoints.MapRazorPages(); in the
Now you’re ready to run the application. If you run the application now, you will automatically be redirected to the Azure AD B2C login page. This may not be a good user experience. You can fix this by removing the following code.
And create a partial view with the following code.
And modify the
_Layout.cshtml file and include the partial view in the header like this.
Now if you run the application you will see a Sign in button when the app launches. When you click Sign in you will be redirected to the Azure B2C login page, where you can sign in or sign up. By default, once you log in, you will see your email address. You can change it to the name using the following code.
ValidateIssuer = false configuration you will get an exception like this.
And if you would like to store the information of the logged-in users, you can add code like this - this code will be called once the user has logged in to the application. In the code sample I am reading the claims and saving the information to the database using
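The steps above, put together as an added example (this is not the code from the original post). It assumes the configuration section is named AzureAdB2C, that the user flow emits the name and emails claims, and it uses a hypothetical IUserStore interface and AddB2CSignIn helper in place of the post's database code.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;

// Hypothetical persistence abstraction (not from the article); back it with your own database code.
public interface IUserStore
{
    Task UpsertAsync(string objectId, string displayName, string email);
}

public static class B2CAuthenticationSetup
{
    // Hypothetical helper. Call from ConfigureServices: services.AddB2CSignIn(Configuration);
    public static IServiceCollection AddB2CSignIn(this IServiceCollection services, IConfiguration configuration)
    {
        // "AzureAdB2C" is an assumed section name holding Domain, ClientId and the other settings.
        services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAdB2C"));

        services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
        {
            // Change one property on the existing parameters instead of assigning a new
            // TokenValidationParameters object, so the issuer, audience and lifetime
            // settings that are already in place are left untouched.
            options.TokenValidationParameters.NameClaimType = "name";

            // Keep any handler registered earlier and run it first.
            var previous = options.Events.OnTokenValidated;
            options.Events.OnTokenValidated = async context =>
            {
                await previous(context);
                var user = context.Principal;
                var objectId = user.GetObjectId();            // stable per-user key
                var email = user.FindFirst("emails")?.Value;  // assumed B2C claim name
                if (string.IsNullOrEmpty(objectId)) return;   // nothing reliable to key the record on
                var store = context.HttpContext.RequestServices.GetRequiredService<IUserStore>();
                await store.UpsertAsync(objectId, user.Identity?.Name, email);
            };
        });

        services.AddControllersWithViews();
        services.AddRazorPages().AddMicrosoftIdentityUI(); // sign-in and sign-out pages
        return services;
    }
}
```

Keying the stored record on the object ID rather than the email address keeps it stable if the user later changes their email in the B2C profile.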
In this blog post I explained how to use Azure B2C to log in to an ASP.NET Core MVC application and store information about the user in the application database. Azure B2C also offers customized user registration and login workflows and UI customization. These are called User flows. I will explain how to create User flows and how to use them in your ASP.NET Core MVC application.
Happy Programming :)