Azure AD + database authentication

  • Question

  • User446457093 posted

    I am creating an ASP.NET Core 3 Blazor WASM app for my work. App users are stored in Azure AD. User roles and claims are stored in the database on an on-premises MSSQL server. I use Azure AD authentication, then I need to retrieve user roles and claims. I created a middleware which queries the database for roles and claims on each request, and I put this middleware right after UseAuthentication().

    I would like to stop abusing the database server with each request. I'd like the app to query the database for roles and claims only once, then store this data on the client as a JWT or cookie. With each request, after Azure AD authentication, it would check whether the user has particular roles and claims. If he has, it would use them for authorization. If he doesn't, it would query the database. In case of a positive query result, it would store the roles and the claims on the client. In case of a negative query result, it would refuse to authorize.

    Is this possible? Maybe some hints? Or is it a wrong idea that must be done somehow quite differently? I'm very fresh on ASP.NET Core; the Identity library and the authentication and authorization stuff seem so broad, deep and complicated that whenever I try to find the answer in microsoft.docs I quickly lose the path.

    Saturday, November 7, 2020 6:44 AM
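
The caching the question asks for can also be kept on the server, so that role data never has to be trusted from the client. This is an added example, not code from the original post: an `IClaimsTransformation` that loads roles and claims from the database once per user and holds them in `IMemoryCache`. `IUserClaimStore`, the marker claim type and the 10-minute lifetime are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Caching.Memory;

// Hypothetical abstraction over the on-premises SQL Server lookup (not a framework type).
public interface IUserClaimStore
{
    Task<IReadOnlyList<Claim>> GetRolesAndClaimsAsync(string userObjectId);
}

// Register with: services.AddMemoryCache();
//                services.AddScoped<IClaimsTransformation, CachedDbClaimsTransformation>();
public sealed class CachedDbClaimsTransformation : IClaimsTransformation
{
    private const string Marker = "app:db-claims-loaded"; // constructed claim type
    private const string OidUri = "http://schemas.microsoft.com/identity/claims/objectidentifier";
    private static readonly TimeSpan Ttl = TimeSpan.FromMinutes(10); // assumed revocation window
    private readonly IMemoryCache _cache;
    private readonly IUserClaimStore _store;

    public CachedDbClaimsTransformation(IMemoryCache cache, IUserClaimStore store)
    { _cache = cache; _store = store; }

    public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        // Runs after Azure AD authentication; may be called more than once per request.
        if (principal.Identity?.IsAuthenticated != true || principal.HasClaim(c => c.Type == Marker))
            return principal;

        // Key the cache on the Azure AD object id taken from the validated token.
        var oid = principal.FindFirst("oid")?.Value ?? principal.FindFirst(OidUri)?.Value;
        if (string.IsNullOrEmpty(oid))
            return principal; // no stable id: add nothing, role checks then fail closed

        // The database is queried only on a cache miss; the entry expires after Ttl.
        var claims = await _cache.GetOrCreateAsync("dbclaims:" + oid, entry =>
        {
            entry.AbsoluteExpirationRelativeToNow = Ttl;
            return _store.GetRolesAndClaimsAsync(oid);
        });

        // Add the database claims as a second identity; IsInRole checks every identity.
        var identity = new ClaimsIdentity(claims, "Database", ClaimTypes.Name, ClaimTypes.Role);
        identity.AddClaim(new Claim(Marker, "1"));
        principal.AddIdentity(identity);
        return principal;
    }
}
```

The cache lifetime is also how long a role removed in the database remains effective, so it should match the revocation delay the application can accept.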

All replies