locked
Getting User Role from Azure RRS feed

  • Question

  • User-862686929 posted

    Hi,

    I created a simple Asp.net web application project and published it on Azure using Azure Web App service, I have also set up the authentication but I did it from Azure. In Azure web app you get the option to set authentication using azure Ad. In my app there is  no code for any authentication. Is there a way through which i can get the role of the user which logged-in in my app. I have searched but i am not able to find it. I was able to do it when i set the authentication process through code but i don't want to do it that way. Is there some way i could do it without writing the authentication code in my app?  

    Wednesday, February 21, 2018 6:33 AM

All replies

  • User283571144 posted

    Hi Race12,

    I created a simple Asp.net web application project and published it on Azure using Azure Web App service, I have also set up the authentication but I did it from Azure. In Azure web app you get the option to set authentication using azure Ad. In my app there is  no code for any authentication. Is there a way through which i can get the role of the user which logged-in in my app. I have searched but i am not able to find it. I was able to do it when i set the authentication process through code but i don't want to do it that way. Is there some way i could do it without writing the authentication code in my app?  

    As far as I know, if you enable the azure easy auth for your azure web app.

    About how to enable the azure easy auth, you could refer to below article.

    https://docs.microsoft.com/en-us/azure/app-service/app-service-mobile-how-to-configure-active-directory-authentication 

    Then you could directly get the user's access token.

    The user's access token is in the user's request header.

    X-MS-TOKEN-{yourenabledauthtype:facebook,azureAD,googel..}-ACCESS-TOKEN

    If you have the user access token, you could use this token send request to azure AD graph API to get the user role.

    More details about how to use access token to access azure AD graph API, you could refer to below article.

    http://cgillum.tech/2016/03/25/app-service-auth-aad-graph-api/

    Azure AD Graph API user role membership:

    https://msdn.microsoft.com/zh-tw/library/azure/ad/graph/api/users-operations#GetUsersMemberships 

    Best Regards,

    Brando

    Thursday, February 22, 2018 8:10 AM