Skip to content

Instantly share code, notes, and snippets.

@shammelburg

shammelburg/asppsettings.json

Created February 16, 2018 09:48
Show Gist options
  • Save shammelburg/534cbd43581b68f91face29b0a28e614 to your computer and use it in GitHub Desktop.
Save shammelburg/534cbd43581b68f91face29b0a28e614 to your computer and use it in GitHub Desktop.
Download ZIP
Azure AD SecurityGroup Setup
Raw
asppsettings.json
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "Directory.onmicrosoft.com",
"TenantId": "Dictory ID",
"ClientId": "Application ID",
"CallbackPath": "/signin-oidc"
},
//
}
Raw
controller.cs
[Authorize(Policy = "Admins")]
public IActionResult About()
{
ViewData["Message"] = "Your application description page.";
return View();
}
[Authorize(Policy = "PolicyTest")]
public IActionResult Contact()
{
ViewData["Message"] = "Your contact page.";
return View();
}
Raw
registeredApp.json
// Manifest File
{
//
"groupMembershipClaims": "SecurityGroup",
//
}
Raw
startup.cs
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddAzureAd(options => Configuration.Bind("AzureAd", options))
.AddCookie();
services.AddAuthorization(options =>
{
options.AddPolicy("Admins", policyBuilder => policyBuilder.RequireClaim("groups", "ObjectID"));
options.AddPolicy("PolicyTest", policyBuilder => policyBuilder.RequireClaim("groups", "ObjectID"));
});
app.UseAuthentication();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment