We are working on a SaaS application where the UI part is an MVC application, and it communicates with a Web API for authentication and data.
Currently, we have implemented login with individual accounts using ASP.NET Identity.
Now we are looking to add login with Microsoft accounts and Azure AD accounts from multiple Active Directories.
I am thinking of implementing the OWIN OpenID Connect middleware, but I am not exactly sure how the same middleware can be used for multiple Azure ADs and Microsoft accounts, as it requires a clientId which will be unique for each Azure AD application registration and for the Microsoft account.
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = "c3d5b1ad-ae77-49ac-8a86-dd39a2f91081",
            Authority = "https://login.microsoftonline.com/DeveloperTenant.onmicrosoft.com",
            PostLogoutRedirectUri = "https://localhost:44300/"
        });
In the above middleware code, I am not sure what to pass for clientId and authority so that it works with Microsoft accounts as well as with multiple Azure Active Directories.
You could use Azure AD V2.0. Azure AD V2.0 supports both personal Microsoft accounts and work accounts from Azure Active Directory.
Please click here for more details about the Azure AD V2.0 endpoint. Here is a code sample using the ASP.NET OpenID Connect OWIN middleware to enable sign-in using either a user's work/school account or a Microsoft account.
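
One way to wire the OWIN middleware to the v2.0 endpoint described in the answer above, as an added example (not the linked sample and not the poster's code): a single app registration signs in users from any directory, so the issuer has to be checked against the tenants you have onboarded instead of one fixed value. Assumptions: Katana 4.x (`Microsoft.IdentityModel.Tokens` namespace), a placeholder client ID, a constructed sample tenant ID, and the public cloud host `login.microsoftonline.com`.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;
public partial class Startup
{
    // Assumption: tenant IDs this application accepts (normally loaded from its own store).
    private static readonly HashSet<string> AllowedTenants =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "00000000-0000-0000-0000-000000000001", // constructed sample customer tenant
            "9188040d-6c67-4c5b-b112-36a304b66dad"  // tenant ID issued for personal Microsoft accounts
        };

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = "<client-id-of-your-v2.0-app-registration>", // placeholder
            // "common" accepts work/school accounts from any directory and Microsoft accounts.
            Authority = "https://login.microsoftonline.com/common/v2.0",
            RedirectUri = "https://localhost:44300/",
            PostLogoutRedirectUri = "https://localhost:44300/",
            Scope = "openid profile email",
            ResponseType = "id_token",
            // The "common" metadata has a templated issuer, so supply the issuer check yourself.
            TokenValidationParameters = new TokenValidationParameters { IssuerValidator = ValidateIssuer }
        });
    }

    // Accepts only https://login.microsoftonline.com/{tenantId}/v2.0 for an allowed tenantId.
    private static string ValidateIssuer(string issuer, SecurityToken token, TokenValidationParameters p)
    {
        Uri uri;
        if (Uri.TryCreate(issuer, UriKind.Absolute, out uri)
            && uri.Scheme == Uri.UriSchemeHttps
            && uri.Host.Equals("login.microsoftonline.com", StringComparison.OrdinalIgnoreCase))
        {
            string[] parts = uri.AbsolutePath.Trim('/').Split('/');
            if (parts.Length == 2 && parts[1] == "v2.0" && AllowedTenants.Contains(parts[0]))
                return issuer;
        }
        throw new SecurityTokenInvalidIssuerException("Issuer not allowed: " + issuer);
    }
}
```

Setting `ValidateIssuer = false` instead would also make sign-in work, but it accepts tokens from every directory, so keep an allow-list check like the one above if only onboarded tenants should get in.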