Open Closed

Azure AD and Blazor with Custom User Properties #1310


User avatar
0
smutairi created
  • ABP Framework version: v4..3.0
  • UI type: Blazor
  • DB provider: EF Core
  • **Tiered (MVC) **: yes

I am managed to integrate Azure AD with ABP and Blazor UI.

What I want is to get more properties from Azure AD like "Groups" and "Managed By" and get access to them in ABP "CurrentUser" shared property.

How do I do this task?


2 Answer(s)
  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    I guess it is enterprise feature since i couldn't find any group management or related claim management in my personal azure account. Since it is not related with ABP, you can find better answers asking this question in stackoverflow. It should help better about Azure Active Directory specific questions.

    But logic should be adding the scope to application in Azure Portal application management and requesting the scope here in openid connection configuration: <br>

    .AddOpenIdConnect("AzureOpenId", "Azure AD OpenId", options =>
    {
        options.Authority = "[https://login.microsoftonline.com/](https://login.microsoftonline.com/)" + configuration["AzureAd:TenantId"] +
                            "/v2.0/";
        options.ClientId = configuration["AzureAd:ClientId"];
        options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
        options.CallbackPath = configuration["AzureAd:CallbackPath"];
        options.ClientSecret = configuration["AzureAd:ClientSecret"];
        options.RequireHttpsMetadata = false;
        options.SaveTokens = false;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.Scope.Add("email");
        options.Scope.Add(ClaimTypes.Groups); //Whatever the claim is
    
        options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
    
        options.Events.OnTokenValidated = async ctx =>    {
            var claimsFromOidcProvider = ctx.Principal?.Claims.ToList();
            // check here for returned claims
            await Task.CompletedTask;
        };
    });
    

    Check the logs, if you come across any error. It will be either the scope you requested in openid configuration is invalid (invalid_scope) or the scope you request is not allowed for the application (that you need to fix in Azure portal).

    Check adding custom claims to current user question about how to add newly acquired claim.

  • User Avatar
    0
    ServiceBot created
    Support Team Automatic process manager

    This question has been automatically marked as stale because it has not had recent activity.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09