I have an ASP.NET Core 5 MVC hosted in an Azure AppService.
I've use Azure AD to limit access to the app to specific set of users. This has been working fine without any Authentication code or configuration in the app.
Now I'm trying to use Azure AD App Roles to limit functionality per roles. I defined App Roles in Azure AD, and assigned them to different users.
Running the App, and going to ./auth/me
, I get the user access token the roles are showing as expected.
Now I thought I can only use the [Authorize(Roles = "SomeRole")]
on top of ASP.NET controller actions to control access.
First trial, I get the following error when invoking the controller action with the [Authorize]
attribute:
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
I can solve this error by adding the following call in the ConfigureServices
method:
services.AddMicrosoftIdentityWebApiAuthentication(Configuration);
But now trying to invoke the controller action I get the following error:
Access Denied, you are not Authorized.
So apparently I'm missing something to link the [Authorize]
attribute with the access token received, which has the correct roles.
Please advise.
CodePudding user response:
This has been working fine without any Authentication code or configuration in the app
Then I'm afraid you are using azure APP service
CodePudding user response:
I had the issue resolved by following the suggested resolution in this blog post.