I am adding Entra ID authentication to an existing ASP.NET Core web app and Web API with standard identity authentication.

Authentication is working. Calling a method on my API using DownstreamApi.CallApiForUserAsync is also working, but only if I set OpenId Connect as the default auth scheme.

When it is not the default auth scheme, then I get an error:

Cannot determine the cloud Instance. The provided authentication scheme was ''. Microsoft.Identity.Web inferred 'Identity.Application' as the authentication scheme.

How do I specify the authentication scheme?

Relevant code (with variable and method names changed) - Startup:

builder.Services.AddAuthentication(/*OpenIdConnectDefaults.AuthenticationScheme*/)      
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
    .EnableTokenAcquisitionToCallDownstreamApi(         
        builder.Configuration.GetSection("X:Scopes").Get<string[]>()
    )
    .AddInMemoryTokenCaches()
    .AddDownstreamApi("X", builder.Configuration.GetSection("X"));

Controller method calling API:

[Authorize(AuthenticationSchemes = OpenIdConnectDefaults.AuthenticationScheme)]
[AuthorizeForScopes(ScopeKeySection = "X:Scopes")]
public async Task<string> GetSomething()
{
    HttpResponseMessage response = await _downstreamApi.CallApiForUserAsync("X", options =>
    {
        options.RelativePath = "path/Something";
    }); 
    ...
}

If the parameter is provided in the call to AddAuthentication, it works; if not, I get the error mentioned above.

asked Feb 17 at 16:16 by Greg; edited Feb 17 at 16:51 by marc_s
  • What does your appsettings.json look like? – Conrad Lotz Commented Feb 17 at 17:00
  • The Microsoft.Identity.Web package is a Microsoft-specific client built on top of the ASP.NET Core OpenID Connect client with some changes to the default client. Microsoft Entra ID is an implementation of OpenId Connect. Please see this link for more info on this package: learn.microsoft/en-us/aspnet/core/security/authentication/…. – SoftwareDveloper Commented Feb 17 at 19:14

1 Answer

You could read this document for Microsoft.Identity.Web; it requires OpenIdConnectDefaults.AuthenticationScheme as a parameter:

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)

If you want to specify the authentication scheme, you may try:

// Register the OpenID Connect handler under the same scheme name passed to AddAuthentication.
services.AddAuthentication("MyAuthenticationScheme")
    .AddMicrosoftIdentityWebApp(Configuration,
        openIdConnectScheme: "MyAuthenticationScheme");
