Razor, Blazor Page Azure AD Continuous Access
Implement Azure AD Continuous Access in an ASP.NET Core Razor Page app using a Web API
Implement Azure AD Continuous Access (CA) step up with ASP.NET Core Blazor using a Web API
Implement Azure AD Continuous Access (CA) standalone with Blazor ASP.NET Core
Force MFA in Blazor using Azure AD and Continuous Access
Force phishing resistant authentication in an ASP.NET Core application using Azure AD
History
- 2023-11-04 Updated packages, fixed security headers
- 2023-08-06 Updated packages
- 2023-04-29 Updated packages, some style fixes
- 2023-02-19 Updated to .NET 7
- 2022-10-09 Updated packages
- 2022-09-11 Updated packages
- 2022-06-13 Force MFA authn from an APP
- 2022-05-23 Improve code in Blazor applications
- 2022-05-20 Add standalone samples
- 2022-05-13 Add CAE Blazor example
- 2022-05-08 Update packages
- 2022-04-16 Update packages
- 2022-04-05 Added CAE admin tool using Microsoft Graph
- 2022-04-03 initial version
Azure app registration manifest access token
"optionalClaims": {
"idToken": [],
"accessToken": [
{
"name": "xms_cc",
"source": null,
"essential": false,
"additionalProperties": []
}
],
"saml2Token": []
},
Azure app registration manifest id_token
"optionalClaims": {
"idToken": [
{
"name": "xms_cc",
"source": null,
"essential": false,
"additionalProperties": []
}
],
"accessToken": [],
"saml2Token": []
},
Claims challenge returned from the API
{"access_token":{"acrs":{"essential":true,"value":"c1"}}}
Access token
{
"aud": "7c839e15-096b-4abb-a869-df9e6b34027c",
"iss": "https://login.microsoftonline.com/5698af84-5720-4ff0-bdc3-9d9195314244/v2.0",
"iat": 1648841224,
"nbf": 1648841224,
"exp": 1648845383,
"acrs": [
"c1"
],
"azp": "7c839e15-096b-4abb-a869-df9e6b34027c",
"azpacr": "1",
"ver": "2.0",
"xms_cc": [
"cp1"
],
// plus more claims
}
Links
https://github.com/Azure-Samples/ms-identity-ca-auth-context
https://github.com/Azure-Samples/ms-identity-dotnetcore-ca-auth-context-app
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
https://github.com/Azure-Samples/ms-identity-dotnetcore-daemon-graph-cae
https://docs.microsoft.com/en-us/azure/active-directory/develop/claims-challenge
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-conditional-access-dev-guide
https://www.youtube.com/watch?v=_iO7CfoktTY