I'm creating an application for a company. Every user is going to exist within AzureAD, so I'm going to authenticate with Microsoft for these users to login to the app.
This is my current logic flow:
- User authenticates with MSAL on frontend
- This sends the token to the backend
- Backend authenticates the token and creates a user if it doesn't already exist.
- All requests to the backend become authenticated via token from MSAL.
I can't find a tutorial on how to do this. Also, is there a better way to do this?
Stack: React/.NET Core/SQL Server
This MS doc is a great reference to start with.
> Backend authenticates the token and creates a user if it doesn't already exist.
I think the one way you get authenticated if you are a new user is via the Signup flow.
The way I do it for my SaaS:
Get and send user details from the UI form to the API, and in the API do your business validations if there are any, then create the user in Entra ID using the Graph API.
I prefer this way as I have data consistency about user accounts in DB and AD.
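
The flow in the question (validate the MSAL token on the backend, create the local user on first sight) can be sketched as below. This is an added example, not code from the thread or from Microsoft's docs. It assumes the Microsoft.Identity.Web package and an "AzureAd" configuration section; `UserStore`, `AppUser` and the `/me` route are hypothetical names, with the store standing in for a SQL Server table.

```csharp
// Program.cs, ASP.NET Core minimal API; needs the Microsoft.Identity.Web package.
using System.Collections.Concurrent;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);
// Validates signature, issuer, audience and lifetime of the bearer token sent by the
// React app, using the (assumed) "AzureAd" section: Instance, TenantId, ClientId.
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("AzureAd"));
builder.Services.AddAuthorization();
builder.Services.AddSingleton<UserStore>(); // hypothetical stand-in for a Users table

builder.Services.Configure<JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme, options =>
{
    options.Events ??= new JwtBearerEvents();
    var inner = options.Events.OnTokenValidated; // keep the library's own handler
    options.Events.OnTokenValidated = async context =>
    {
        await inner(context);
        // Runs only after the token passed validation. Key the local account on
        // tenant id + object id: both are immutable, unlike email or UPN.
        var oid = context.Principal!.GetObjectId();
        var tid = context.Principal!.GetTenantId();
        if (string.IsNullOrEmpty(oid) || string.IsNullOrEmpty(tid))
        {
            context.Fail("Token carries no oid/tid claim");
            return;
        }
        context.HttpContext.RequestServices.GetRequiredService<UserStore>()
            .GetOrCreate(tid, oid, context.Principal!.GetDisplayName());
    };
});

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
// Any endpoint marked RequireAuthorization() rejects requests without a valid token.
app.MapGet("/me", (HttpContext ctx, UserStore store) =>
    store.GetOrCreate(ctx.User.GetTenantId()!, ctx.User.GetObjectId()!, ctx.User.GetDisplayName()))
   .RequireAuthorization();
app.Run();

record AppUser(string TenantId, string ObjectId, string? DisplayName);
class UserStore
{
    private readonly ConcurrentDictionary<string, AppUser> _users = new();
    public AppUser GetOrCreate(string tid, string oid, string? name) =>
        _users.GetOrAdd($"{tid}:{oid}", _ => new AppUser(tid, oid, name));
}
```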