A noob question on the way.
I have developed Azure Ad authentication for a Web APi using the example from Git site [https://github.com/Azure-Samples/ms-identity-aspnet-webapi-onbehalfof/tree/master/TodoListService] I have been facing an issue with Azure Ad authentication. Please find the code below.
Action method from Controller1 class.
public class HospitalsController : ApiController
public async Task<IEnumerable<hospitals>> GetAll()
//return data;....
My startup.auth.cs file
public partial class Startup
string clientId = System.Configuration.ConfigurationManager.AppSettings["ClientId"];
string redirectUri = System.Configuration.ConfigurationManager.AppSettings["RedirectUri"];
static string tenant = System.Configuration.ConfigurationManager.AppSettings["Tenant"];
string authority = String.Format(System.Globalization.CultureInfo.InvariantCulture, System.Configuration.ConfigurationManager.AppSettings["Authority"], tenant);
public void ConfigureAuth(IAppBuilder app)
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
Tenant = tenant,
TokenValidationParameters = new TokenValidationParameters { SaveSigninToken = true, ValidAudience = "clientid" }
public static class WebApiConfig
public static void Register(HttpConfiguration config)
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
config.Filters.Add(new ExceptionHandlingAttribute());
When ever i am calling a action method/api method call from hospital controller by passing token getting the error as "Authorization has been denied for this request."
Can some one help me here ?.
Please add any comments if any addition info required ?
Thanks in advance.
It was a blunder mistake from my side.
I had to add a few lines of code inside the "PmAuthorize" attribute to give roles for the user.
That gave me answer.