  • Blaž Lozej 5 posts 75 karma points
    Mar 23, 2022 @ 12:37
    Blaž Lozej
    0

    External member login via azure ad and jwt bearer token

    Hello, I have been developing an app on Umbraco 9.3 that uses Azure AD as an external login provider. Everything works on the backoffice side, and users (backoffice users) can log in directly via Azure AD. I have used the authBuilder.AddOpenIdConnect extension method to achieve this.

    I am having trouble integrating Azure AD for frontend users, so members via JWT tokens. I have tried using the below code but the requests with the auth header set to Bearer + token do not get authenticated.

        builder.AddMemberExternalLogins(loginsBuilder =>
        {
            loginsBuilder.AddMemberLogin(authBuilder =>
            {
                authBuilder.AddJwtBearer(scheme, options =>
                {
                    options.Audience = azureAdConfig.Audience;
                    options.Authority = "https://login.microsoftonline.com/{tenantId}/";
                });
            });
        });

    I have tested this setup in a simple .net5 api project and the requests get authenticated without a problem.

    I need to authenticate members via JWT, because we are preparing a solution where the frontend is written in Angular and Umbraco serves data via GraphQL.

    Any help would be great :)

  • Justin Spradlin 139 posts 347 karma points
    Apr 04, 2022 @ 02:21
    Justin Spradlin
    0

    I am running into the same issue on 9.4.1. Have you had any luck figuring this out? On my system it looks like when I make an API call from the client using the JWT Bearer token, the Umbraco system tries to redirect my user with a 302 to /Account/Login which does not exist.

  • Justin Spradlin 139 posts 347 karma points
    Apr 04, 2022 @ 03:06
    Justin Spradlin
    0

    I was just able to get my user to log in using the JWT token. I had to set the default authentication scheme to "Bearer".

    You would need that to match whatever scheme you are registering with your call to AddJwtBearer. I think it is also "Bearer" but I am not 100% sure. I am using Azure AD B2C and the default scheme for AddMicrosoftIdentityWebApi is "Bearer".

        builder.Services.AddAuthentication(auth =>
        {
            auth.DefaultAuthenticateScheme = "Bearer";
        });

        builder.AddMemberExternalLogins(.......)
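
Added example, not part of the thread and not Umbraco's own code: a plain ASP.NET Core app (no Umbraco) that reproduces the behaviour described in the replies above, where a cookie scheme is the default and a bearer-only request is redirected to /Account/Login, next to an endpoint that names the "Bearer" scheme in its [Authorize] attribute instead of changing the default. The controller, its routes and the placeholder tenant and audience values are assumptions; the code needs the Microsoft.AspNetCore.Authentication.JwtBearer package.

```csharp
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

public static class Program
{
    public static void Main(string[] args) => Host.CreateDefaultBuilder(args)
        .ConfigureWebHostDefaults(web => web.UseStartup<Startup>()).Build().Run();
}

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        // Cookie scheme is the default here; its default LoginPath is /Account/Login.
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
            .AddCookie()
            .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
            {
                options.Authority = "https://login.microsoftonline.com/<tenant-id>/"; // placeholder
                options.Audience = "<api-audience>"; // placeholder
            });
        services.AddControllers();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapControllers());
    }
}

[ApiController, Route("api/demo")]
public class DemoController : ControllerBase
{
    // Default (cookie) scheme: the bearer token is never read, so the cookie
    // handler challenges with a 302 to /Account/Login.
    [HttpGet("default"), Authorize]
    public IActionResult DefaultScheme() => Ok(User.Identity?.Name ?? "(no name claim)");

    // Explicit bearer scheme: the token is validated; no or bad token gives 401.
    [HttpGet("bearer"), Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    public IActionResult BearerScheme() => Ok(User.Identity?.Name ?? "(no name claim)");
}
```

Naming the scheme per endpoint leaves the site-wide default scheme untouched, so cookie-authenticated pages keep their existing behaviour while the API endpoints accept only tokens.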
    