- ABP Framework version: v4.3.0
- UI type: Blazor
- DB provider: EF Core
- **Tiered (MVC)**: yes
I managed to integrate Azure AD with ABP and Blazor UI.
What I want is to get more properties from Azure AD, like "Groups" and "Managed By", and get access to them in the ABP "CurrentUser" shared property.
How do I do this task?
2 Answer(s)
-
0
I guess it is an enterprise feature, since I couldn't find any group management or related claim management in my personal Azure account. Since it is not related to ABP, you can find better answers by asking this question on Stack Overflow. It should help better with Azure Active Directory specific questions.
But the logic should be adding the scope to the application in Azure Portal application management and requesting the scope here in the OpenID Connect configuration:
```csharp
.AddOpenIdConnect("AzureOpenId", "Azure AD OpenId", options =>
{
    options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"] + "/v2.0/";
    options.ClientId = configuration["AzureAd:ClientId"];
    options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
    options.CallbackPath = configuration["AzureAd:CallbackPath"];
    options.ClientSecret = configuration["AzureAd:ClientSecret"];
    options.RequireHttpsMetadata = false;
    options.SaveTokens = false;
    options.GetClaimsFromUserInfoEndpoint = true;
    options.Scope.Add("email");
    options.Scope.Add(ClaimTypes.Groups); // Whatever the claim is
    options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
    options.Events.OnTokenValidated = async ctx =>
    {
        var claimsFromOidcProvider = ctx.Principal?.Claims.ToList(); // check here for returned claims
        await Task.CompletedTask;
    };
});
```
Check the logs if you come across any error. Either the scope you requested in the OpenID configuration is invalid (invalid_scope), or the scope you requested is not allowed for the application (which you need to fix in the Azure portal).
Check the "adding custom claims to current user" question for how to add the newly acquired claim.
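One way to make the "check here for returned claims" step concrete, as an added example that is not part of the answer above and not ABP code. `GroupClaimInspector` and `GroupClaimState` are hypothetical names. It assumes Azure AD delivers group IDs in claims of type `groups`, and signals group overage with a `_claim_names` entry for `groups` or a `hasgroups` claim in place of the list.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Text.Json;

public enum GroupClaimState { Present, Overage, Absent }

// Hypothetical helper (not an ABP or ASP.NET Core type).
public static class GroupClaimInspector
{
    // Assumption: the claim type arrives as "groups", with no inbound remapping.
    private const string Groups = "groups";

    public static (GroupClaimState State, IReadOnlyList<string> Ids) Inspect(ClaimsPrincipal principal)
    {
        var ids = principal?.FindAll(Groups).Select(c => c.Value)
            .Distinct(StringComparer.OrdinalIgnoreCase).ToList() ?? new List<string>();
        if (ids.Count > 0) return (GroupClaimState.Present, ids);

        // Overage: Azure AD sends a pointer instead of the group list. Report it as
        // "membership unknown" so callers never read it as "member of no groups".
        var names = principal?.FindFirst("_claim_names")?.Value;
        var overage = (names != null && PointsToGroups(names))
            || principal?.HasClaim(c => c.Type == "hasgroups") == true;
        return (overage ? GroupClaimState.Overage : GroupClaimState.Absent, ids);
    }

    private static bool PointsToGroups(string json)
    {
        try
        {
            using var doc = JsonDocument.Parse(json);
            return doc.RootElement.ValueKind == JsonValueKind.Object
                && doc.RootElement.TryGetProperty(Groups, out _);
        }
        catch (JsonException) { return false; }
    }

    public static void Main()
    {
        // Constructed sample principals; the GUID and "src1" are made-up values.
        var direct = new ClaimsPrincipal(new ClaimsIdentity(new[] {
            new Claim(Groups, "11111111-1111-1111-1111-111111111111") }, "test"));
        var pointer = new ClaimsPrincipal(new ClaimsIdentity(new[] {
            new Claim("_claim_names", "{\"groups\":\"src1\"}") }, "test"));
        Console.WriteLine(Inspect(direct).State);
        Console.WriteLine(Inspect(pointer).State);
        Console.WriteLine(Inspect(new ClaimsPrincipal()).State);
    }
}
```

Inside `OnTokenValidated` the call would be `GroupClaimInspector.Inspect(ctx.Principal)`; logging the returned state shows whether the token carried the groups, pointed elsewhere for them, or had none.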
-
0
This question has been automatically marked as stale because it has not had recent activity.