Recently authorized to use Identity Server Development Center login to add third-party login, integrated micro-channel, nails, Github, and finally thought of using user Windows 10 systems, most have a Microsoft account, if integrated with Microsoft account, will bring more convenience! So I studied the Microsoft Account OAuth authorization integration.
Use Microsoft Account authorized in several ways:
- Azure Active Directory
- Microsoft Graph
- Azure WebApp
This example is achieved with a simple WebApp register now!
First, the registration Azure WebApp
- Access application registration page https://ms.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
- Select the Applications tab in the individual account, click on the new registration, select "related only to personal accounts", enter a name, click on the registration.
- After registration, see the application list have this new registration application, click on the Settings screen, you can application (client) ID.
- Certificate and password to enter the page, click on the new client password, create a client password.
Second, registering a ExternalProvider in ASP.NET Core applications
Installation package Nuget
<PackageReference Include="Microsoft.AspNetCore.Authentication.MicrosoftAccount" Version="3.0.0" />Registration Microsoft Account OAuth authentication component, configured ClientId and ClientSecret, and a callback path
services.AddAuthentication() .AddMicrosoftAccount(options => { //options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; options.ClientId = Configuration["Microsoft:ClientId"]; options.ClientSecret = Configuration["Microsoft:ClientSecret"]; options.CallbackPath = new PathString("/signin-microsoft"); });PS. After four integrated Identity Server, you may need to set
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;