Hello,
I have a Blazor WASM + Maui Blazor project + API project in which I have implemented the login through a Microsoft account. I also use OpenIDDict
The logout process is done by calling the following code:
MAUI Blazor:
NavigationManager.NavigateToLogout("/account/logout");
Blazor Web App:
NavigationManager.NavigateToLogout("/authentication/logout");
In both cases, it logs me out of my application, but it does not log me out of Microsoft Entra. This means that when the users tries to log in again through Microsoft Entra, they're automatically logged back in with the same account.
Should the logout process of Abp.IO also send a logout request to my Microsoft Entra account, or do I need to do some extra steps?
Thanks!
Check the docs before asking a question: https://abp.io/docs/latest Check the samples to see the basic tasks: https://abp.io/docs/latest/samples The exact solution to your question may have been answered before, and please first use the search on the homepage.
I am attempting to implement two Microsoft Entra accounts for single-sign in. I am using two calls to AddMicrosoftAccount
var authBuilder = context.Services.AddAuthentication();
var tenantUrl = configuration["AzureEntraMembers:MicrosoftLoginUrl"];
tenantUrl = tenantUrl.TrimEnd('/');
authBuilder.AddMicrosoftAccount(PSACAuthenticationSchemes.MembersEntra, options =>
{
options.ClientId = configuration["AzureEntraMembers:ClientId"]!;
options.ClientSecret = configuration["AzureEntraMembers:ClientSecret"]!;
options.CallbackPath = "/signin-microsoft";
options.AuthorizationEndpoint = $"{tenantUrl}/oauth2/v2.0/authorize";
options.TokenEndpoint = $"{tenantUrl}/oauth2/v2.0/token";
options.ClaimActions.MapCustomJson("picture", _ => "[https://graph.microsoft.com/v1.0/me/photo/$value");](https://graph.microsoft.com/v1.0/me/photo/$value");)
options.SaveTokens = true;
});
var staffTenantUrl = configuration["AzureEntraWorkforce:MicrosoftLoginUrl"];
staffTenantUrl = staffTenantUrl.TrimEnd('/');
authBuilder.AddMicrosoftAccount(PSACAuthenticationSchemes.WorkforceEntra, options =>
{
options.ClientId = configuration["AzureEntraWorkforce:ClientId"]!;
options.ClientSecret = configuration["AzureEntraWorkforce:ClientSecret"]!;
options.CallbackPath = "/signin-microsoft-workforce";
<br>
if (!string.IsNullOrEmpty(staffTenantUrl))
{
options.AuthorizationEndpoint = $"{staffTenantUrl}/oauth2/v2.0/authorize";
options.TokenEndpoint = $"{staffTenantUrl}/oauth2/v2.0/token";
}
options.SaveTokens = true;
});
What happens: it works when I test on localhost, but as soon as I deploy on Azure I get a 404 error when calling /signin-microsoft-workflow. The page displays the error: The resource you are looking for has been removed, had its name changed, or is temporarily unavailable. The weird thing is that my other SSO (callback url: /signin-microsoft) works.
I have verified that my App Registration callbacks are properly configured.
Can you provide me possible causes why I get an error only on /signin-microsoft-workforce callback?
