I've created a .net application with Azure AD B2B and it works fine, but whenever i try to login it redirect to Microsoft page there it ask for credentials then it come back to my application.
Redirects create user confusion. I want to create the full user experience without the customer leaving our Application. We want to take advantage of secure technologies though.
Is there any way to consume a Azure AD services which help us to login AzureAD without redirecting to Microsoft page?
Please advice!
This is impossible.
This is for the security consideration. The web app which protected by Azure Active Directory requires to login the users via the page proved by Microsoft. This is how OAuth 2.0 Authorization Framework work. You can refer the flow from below. The Authorization Server stands the server provided by Microsoft.
+--------+ +---------------+
| |--(A)- Authorization Request ->| Resource |
| | | Owner |
| |<-(B)-- Authorization Grant ---| |
| | +---------------+
| |
| | +---------------+
| |--(C)-- Authorization Grant -->| Authorization |
| Client | | Server |
| |<-(D)----- Access Token -------| |
| | +---------------+
| |
| | +---------------+
| |--(E)----- Access Token ------>| Resource |
| | | Server |
| |<-(F)--- Protected Resource ---| |
+--------+ +---------------+
If the web app provided the login-page to input the Azure AD account, the site looks like a phishing site which will not be trusted by users.