Add Custom Claim from Entra in Blazor

Edit property mapping in Client App → Managed application in local directory → Single sing-on → Attributes & Claims Note: You will receive the following error after creating a new claims. Fix this by setting the “acceptMappedClaims” to “true” in your app manifest. There was an error trying to log you in: ‘xxxxxxx: This application... » read more

Web App Login with Microsoft Entra Error: Redirect URI does not match

Error: Sorry, but we’re having trouble signing you in. AADSTS50011: The redirect URI 'https://app01.domain.com/authentication/login-callback' specified in the request does not match the redirect URIs configured for the application 'xxxxxxxxxx'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about... » read more

Install SSL Certificate on Azure Web App

To secure your site, extract the files from STAR.mydomain.com_cert.zip and STAR.mydomain.com_key.zip on your computer and upload them to your server. Here is a list of the most common server types and how to install SSL on them. If you created a CSR and private key in-browser during SSL activation, you will find key.zip in your downloads folder. How to install an... » read more

Error Using Microsoft Identity Platform Entra (Azure Active Directory) for App Sign In

Error: You get the following error when setting up your web application to use the Entra (Azure Active Directory) for authentication… AADSTS50011: The redirect URI ‘https://xxxxxx/authentication/login-callback’ specified in the request does not match the redirect URIs configured for the application ‘xxxxxxx’. Make sure the redirect URI sent in the request matches one added to your... » read more

Azure Active Directory Entra Group Membership Claims attribute

https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/microsoft-entra-id-groups-and-roles?view=aspnetcore-7.0 https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/graph-api?pivots=graph-sdk-5&view=aspnetcore-7.0 https://learn.microsoft.com/en-us/graph/sdks/sdks-overview Scopes To permit Microsoft Graph API calls for user profile, role assignment, and group membership data: A CLIENT app is configured with the User.Read scope (https://graph.microsoft.com/User.Read) in the Azure portal. A SERVER app is configured with the GroupMember.Read.All scope (https://graph.microsoft.com/GroupMember.Read.All) in the Azure portal. The preceding scopes are required in addition to the scopes required in ME-ID deployment scenarios described by the... » read more

Secure a hosted ASP.NET Core Blazor WebAssembly app with Microsoft Entra ID

https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/hosted-with-microsoft-entra-id?view=aspnetcore-7.0 Walkthrough The subsections of the walkthrough explain how to: Create a tenant in Azure Register a server API app in Azure Register a client app in Azure Create the Blazor app Modify the Server appsettings.json configuration Modify the default access token scope scheme Run the app Create a tenant in Azure Follow the guidance in Quickstart: Set up... » read more

Create Self-Signed Certificate

Open PowerShell as administrator Run the following command: C:\Users\user01> New-SelfSignedCertificate -Subject “CN=OrgCert1234” -CertStoreLocation “cert:\LocalMachine\My” Now, what we have to do is obtain the private key certificate file to be able to upload it to Azure: Press the windows key Type Manage Computer Certificates and press Enter Go to Personal (on the left), then Certificates Double-click on the... » read more

Deployment error from new Development Computer- HTTP Error 500.30 – ASP.NET Core app failed to start due to certificate authentication issue

Issue: Getting the following error message after deploying a Blazor web app from a new development computer Resolution: Update “Self Signed Certificate” to Blazor web app and web app server config. Need to create a new self signed certificate on development computer, upload to Azure web app. Then update the self signed certificate section of... » read more