Set up
We have an ASP.NET MVC 5 website, which is hosted internally. We also have a SharePoint Online service portal, hosted in the cloud, which is our company portal. The SharePoint portal uses Active Directory to authenticate users via ADFS.
Objective
To avoid multiple username and password prompts/entries, we would like to use SharePoint's authentication for our MVC website. Basically, pass the authenticated SharePoint user to our MVC website.
Requirement
Our requirement is to have a link in the SharePoint portal [we have created a tile in the SharePoint portal and assigned the MVC website's URL to it] which directs to our MVC application, so that once a user authenticates to the SharePoint Online service, he will be able to go to the MVC website by clicking the link/tile, with the authenticated user passed to our MVC website. The MVC website itself should then take the user and allow access to the MVC website according to the privileges given to AD groups/users of an Organizational Unit.
We want the user to access the SharePoint portal first, before accessing the MVC website, which essentially means nobody can come directly to the MVC site.
We want the users to access this MVC website from any channel: from intranet to internet and from desktop to mobile.
Research
We found that under Claims-Based Authentication (CBA), SharePoint can pass a token to our MVC 5 website, which will subsequently allow access to our MVC site. How am I to capture this token in the MVC website?
I have little knowledge of such implementations and would welcome any advice on how I should proceed.
Or, if there is an alternative way to implement this other than CBA, please share it with me.
My research also covers the following, but it hasn't covered everything. This
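An added example, not from the question or from any answer, of how an ASP.NET MVC 5 site accepts the ADFS-issued WS-Federation token using the Microsoft.Owin.Security.WsFederation middleware; the realm, ADFS hostname and AD group name are placeholders, and it assumes an ADFS issuance rule maps AD group membership to the Role claim type.

```csharp
// OWIN startup for an MVC 5 relying party federated with ADFS (added example, placeholders inside).
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;
using System.Web.Mvc;

[assembly: OwinStartup(typeof(MvcSso.Startup))]

namespace MvcSso
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // After ADFS posts the signed token, the session lives in an encrypted cookie.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
                CookieSecure = CookieSecureOption.Always, // site is served over HTTPS only
                CookieHttpOnly = true                      // keep the session cookie away from scripts
            });

            app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                // Relying-party identifier registered for this site in ADFS (placeholder).
                Wtrealm = "https://mvc.example.internal/",
                // ADFS federation metadata: the middleware loads the token-signing certificate
                // from here and rejects tokens that are not signed by it (placeholder host).
                MetadataAddress = "https://adfs.example.com/FederationMetadata/2007-06/FederationMetadata.xml",
                // Where ADFS posts the token back to (placeholder; must match the ADFS endpoint config).
                Wreply = "https://mvc.example.internal/"
            });
        }
    }

    // An unauthenticated request returns 401, which the WS-Federation middleware turns into a
    // redirect to ADFS; only members of the mapped AD group get through (group name is a placeholder).
    [Authorize(Roles = "CORP\\MvcSiteUsers")]
    public class ReportsController : Controller
    {
        public ActionResult Index() => View();
    }
}
```

Federating with ADFS alone does not force users through the SharePoint tile: a user who browses straight to the MVC site is simply redirected to ADFS, signs in (or is silently signed in if an ADFS session already exists) and is sent back. Enforcing "SharePoint first" needs an additional check on the MVC side beyond what the middleware provides.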