Azure AD Web Api Authentication Multitenant | .Net6 Web API Azure AD Multi Tenant Authentication

Azure AD Web Api Authentication Multitenant | .Net6 Web API Azure AD Multi Tenant Authentication | Azure AD Multi Tenant Authentication | Multi Tenant Authentication Web Api Azure AD | Authenticate Web API with multiple Azure Accounts | .Net Core 6 Azure AD multi tenant Authentication ========================================= .Net6 Web Api Azure AD Multi Tenant authentication and authorization is demonstrated in this video with example. It is super easy to implement multi tenant authentication and authorization in .Net core using Azure AD/Microsoft Entra ID. To Implement multi tenant authentication we need to have multiple tenants. In this video I have used Two Azure AD active directory tenants. First step is to create the app registrations in each Azure directory. Then go to expose an API section and add a scope. If you have roles you can add it in app roles section. You have to configure these in multi tenants. i.e in all the tenants that you want to include as part of your Web API Azure AD authentication. Please make a note of Application Id Uri and tenant details. In .Net 6/.Net Core Web API project install Microsoft.AspNetCore.Authentication.JwtBearer.dll so AddJwtBearer method will be available. In app settings.json file, you have to configure multi tenants (in this example two tenants) Issuer, Authority and Audience details. This you can get from Azure AD app registration. It is clearly demonstrated in the video. ================================================ In Program.cs, we need to write AddAuthentication() middleware on the services then we need to write AddJwtBearer for each tenant. In AddJwtBearer configuration, we have to mention all the parameters that we want to validate like ValidateIssuer, ValidateAuthority, ValidateIssuerSigningKey and ValidateLifeTime. We have to do it for each tenant. Later we need to add a policy scheme, which has options.ForwardDefaultSelector func. In this we need to write code to select the JWT Bearer scheme that the application have to select for each request. This configuration will allow the app to decide which jwt bearer configuration to select for each request. Because, we have added multiple tenants in the .Net6 Web API Multi Tenant Authentication. Next, we need to add the policy builders and use RequireAuthenticatedUser and we need to add this in builder.Services.AddAuthorization middleware. Add Authorize attribute on the controller which needs authentication. After doing all these, We have successfully implemented Multi Tenant Azure AD authentication on .Net6 Web API. Next is Testing. For Testing Azure AD Multi Tenant Authentication for .Net6 Web API, we need to create client App registrations in each tenant and provide permissions on Api App in multi tenants. We need to assigns scopes on the client application. After doing all these, you can use Postman to generate the token from Oauth2.0 endpoint of Microsoft Azure AD and use it access the web api. =========================================== Chapters 00:00 .Net6 Azure AD Multi Tenant Authentication -Intro 01:00 Azure Ad .Net6 MultiTenant- Create Api App Reg 03:25 .Net6 Multi Tenant Azure AD- Configurations 05:46 Add Authentication, Jwt Bearer Multi Tenant 14:03 Add Authorization - Azure Ad Multi Tenant 16:45 Client App reg - Web Api Azure AD Multi Tenant 17:20 Testing Azure AD Multitenant Api-Postman #azure #MultTenant #.Net6Authentication