Home > Software design >  How to use the Authorize attribute for RBAC with Azure AD?
How to use the Authorize attribute for RBAC with Azure AD?

Time:01-06

I have an ASP.NET Core 5 MVC hosted in an Azure AppService.

I've use Azure AD to limit access to the app to specific set of users. This has been working fine without any Authentication code or configuration in the app.

Now I'm trying to use Azure AD App Roles to limit functionality per roles. I defined App Roles in Azure AD, and assigned them to different users.

Running the App, and going to ./auth/me, I get the user access token the roles are showing as expected.

Now I thought I can only use the [Authorize(Roles = "SomeRole")] on top of ASP.NET controller actions to control access.

First trial, I get the following error when invoking the controller action with the [Authorize] attribute:

InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.

I can solve this error by adding the following call in the ConfigureServices method:

services.AddMicrosoftIdentityWebApiAuthentication(Configuration);

But now trying to invoke the controller action I get the following error:

Access Denied, you are not Authorized.

So apparently I'm missing something to link the [Authorize] attribute with the access token received, which has the correct roles.

Please advise.

CodePudding user response:

This has been working fine without any Authentication code or configuration in the app

Then I'm afraid you are using azure APP service enter image description here

CodePudding user response:

I had the issue resolved by following the suggested resolution in this blog post.

Page link:https//www.codepudding.com/Softwaredesign/663601.html

Prev:Form Submission with two buttons
Next:how to change my app's target API level from 29 to 31 in ionic android
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding