How can I get the Azure Active Directory's app roles inside ASP.NET Core MVC?
I created a new ASP.NET Core MVC 6.0 web application, and I defined it to use Microsoft Identity Platform for authentication, as follows:
Now I read this article which show how we can define different roles inside the AD app and assign users to them @
So I accessed the "ad" application inside Azure >> i added a role named "admins", as follow:-
But I am not sure how I can check this role ("admins") based on the login user inside my ASP.NET Core MVC web application? and can i use the [Authorized] attribute to check those roles? Can anyone help please?
Thanks
I agree with @Mohammad Hannan, the token you'll get will have those roles.
I tried to reproduce the same in my environment and got below results:
I created the application same as you and added App role like below:
You can assign this App role to users or groups like below:
Go to Azure Portal -> Azure AD -> Enterprise applications -> Your application -> Users and groups -> Add user/group
Now, add this API permission in application and make sure to grant admin consent like below:
I generated access token using client credentials flow via Postman like below:
POST https://login.microsoftonline.com/<tenantID>/oauth2/v2.0/token
client_id:<appID>
grant_type:client_credentials
scope: api://<appID/.default
client_secret: <secret>
Response:
When I decoded the above token in jwt.ms, I got roles claim successfully like below:
- How to tell when a self-hosted ASP.NET Core application is ready to receive requests?
- How to pass js function argument to inline c# in cshtml?
- C# HttpRequestMessage - Host ignores the Content-Type Header I send it and complains that I am sending the wrong Content Type
- User.Identity.IsAuthenticated is false in a non-auth methods after successful login in asp.net core
- InvalidOperationException: Cannot find compilation library location for package 'System.Security.Cryptography.Pkcs'
- How to validate uploaded files in ASP.Net MVC
- .Net Core [Authorize] - Or instead of And for permission test
- NSwag produces incorrect output for IFromFile in Minimal API when file parameter is wrapped in model class
- Get individual error messages from modelstate
- Property Injection in ASP.NET Core
- ASP.NET Core 3.1 Azure AD Authentication throws OptionsValidationException
- Confirm form resubmission - ASP.NET 5 MVC
- Serialise HTML Form with time/text input type and validation of time fields
- How to show loading progress while wasm part being loaded (.NET 8, no pre-render)
- How to merge multiple arrays from ASP.Net Core configuration files?
- ASP.NET Core EF Identity Roles while using JWT Bearer Scheme
- Pass the selected value of a dropdown in to a URL.Action so that a modal form is displayed on a button click
- Why I am getting Cascade delete cycle error when updating the database
- To have different session timeout for different users
- How to setup a beta versioning in Swagger endpoint?
- Is there a way to have dynamic regex strings in a RegularExpression attribute?
- Is there a way to have the Identity Library cookies be tied to the root domain?
- How to access Microsoft.AspNetCore.Routing namespace
- What is the difference between regular and Async methods (OnGet vs OnGetAsync)
- Changing property in Razor @ref component does not update its usage in HTML element
- Visual Studio Project doesn't load after changing folder name
- Web Push via Azure Notification Hubs: JSON value could not be converted to Microsoft.NotificationHubs.Contracts.LegacyModels.BrowserPushSubscription
- Unable to create new .NET Core projects in Visual Studio
- How to prevent the business logic present inside the Blazor SSR component's OnInitialized method from executing twice?
- How to fix Razor Pages CRUD Scaffolding Error