Tags: asp.net-core, .net-core, azure-active-directory, single-sign-on, ws-federation

Is it possible to have multiple Azure AD applications for one web app?


I want to configure multiple Azure AD applications for one web app (I don't know whether it is possible or not). Each application configured on the Azure portal will be a single-tenant application.

When the user enters the username, based on that I need to decide which Azure application I have to redirect to.

Because the metadata and realm configuration are stored in appsettings and used in the startup, I am not able to update that configuration from the controller side.


Solution

  • You should provide the client ID/tenant ID when setting the challenge to OpenID Connect; Azure will then redirect the user to the application's login page based on the client ID and tenant. That means you should provide the client ID before the user enters their credentials on the Azure login page.

    A workaround is to register multiple authentication schemes in your application. Before sign-in, you should provide a textbox or dropdown list for the user to select which client/tenant he/she wants to log in to; after that, the application will challenge the specific scheme based on client ID and tenant ID, since you registered single-tenant apps.
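The multiple-scheme workaround described in the answer could look like the following. This is an added example, not code from the original post. It assumes a .NET 6+ minimal API project with the Microsoft.AspNetCore.Authentication.OpenIdConnect package; the domains, scheme names, `/login` route and ID placeholders are constructed for illustration. The scheme is looked up in a fixed table, so user input never becomes a scheme name or authority URL directly.

```csharp
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);

// Constructed sample table: e-mail domain -> one single-tenant app registration.
// Tenant and client IDs are placeholders; load real values from configuration.
var tenants = new Dictionary<string, (string Scheme, string TenantId, string ClientId)>(
    StringComparer.OrdinalIgnoreCase)
{
    ["contoso.example"]  = ("aad-contoso",  "<tenant-id-1>", "<client-id-1>"),
    ["fabrikam.example"] = ("aad-fabrikam", "<tenant-id-2>", "<client-id-2>"),
};

var auth = builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();

// Register one OpenID Connect scheme per Azure AD application.
foreach (var t in tenants.Values)
{
    auth.AddOpenIdConnect(t.Scheme, options =>
    {
        options.Authority = $"https://login.microsoftonline.com/{t.TenantId}/v2.0";
        options.ClientId = t.ClientId;
        // Each scheme needs its own callback path so the right handler
        // processes the response; register it as a redirect URI in Azure.
        options.CallbackPath = $"/signin-{t.Scheme}";
        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    });
}

var app = builder.Build();
app.UseAuthentication();

// Pick the scheme from the username's domain before redirecting to Azure.
app.MapGet("/login", (string username) =>
{
    var domain = username[(username.LastIndexOf('@') + 1)..];
    if (!tenants.TryGetValue(domain, out var t))
        return Results.BadRequest("Unknown sign-in domain.");

    return Results.Challenge(
        new AuthenticationProperties { RedirectUri = "/" },
        new[] { t.Scheme });
});

app.Run();
```

For the WS-Federation setup mentioned in the question, the same pattern applies with `AddWsFederation(scheme, options => ...)`, setting `MetadataAddress` and `Wtrealm` per scheme.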