Documentation: integrating Identity Server with a DB, Windows AD and Azure AD

Code copied and improved from https://github.com/damienbod/AspNetCoreWindowsAuth

Run the project

Download the sources.
Run the project AspNetCoreWindowsAuth.sln.
The following screen should show:


Code Integration with local database

I have used SQLite, since it does not require any installation of a server.

When the user signs in with UserName and Password, the following code is called:

The events are for notifying IdentityServer about our user.

External Integration - with local Active Directory

See the following in Startup.cs:

When the user clicks the Windows authentication, the following code is called:

External Integration - with Azure Active Directory

This was by far the most complicated. As a prerequisite, we need to configure Azure Active Directory and grab the client Id for the application.

The code in Startup.cs is:

And the code that retrieves the user is:

Configure Azure Active Directory

This requires going to portal.azure.com.
First, create a new application in Azure Active Directory.
Keep the applicationId so that you can put it in the code.
Do not forget about checking the token on authentication

because of this code:

And that is all that needs to be done.

Roles for Windows

In Computer Management, I define the user testUser, which belongs to MyGroup.

In Startup.cs I define the policy for this:

I also define a controller that requires this policy:

So now if you log on to Windows with testUser, it will require the policy to be satisfied.



Now, to understand the code, read
https://docs.microsoft.com/en-us/aspnet/core/security/authorization/claims?view=aspnetcore-3.1#multiple-policy-evaluation
and
https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-3.1
Now some more code:
Transforming groups to role claims and putting them back on the user:
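One way to do the group-to-role transformation and the matching policy, as an added example that is not this project's own code. It assumes the request is authenticated with Windows authentication, so that the principal carries a WindowsIdentity; the names WindowsGroupsToRoles, WindowsRolesSetup, AddWindowsGroupPolicy, "MyGroupPolicy" and the "WindowsGroups" marker are hypothetical.

```csharp
using System.Linq;
using System.Security.Claims;
using System.Security.Principal;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.DependencyInjection;

// Added example: copies the Windows groups of the signed-in user into role claims.
public class WindowsGroupsToRoles : IClaimsTransformation
{
    private const string Marker = "WindowsGroups"; // hypothetical identity label

    public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        // Only Windows-authenticated users carry group SIDs. The transformation
        // can run more than once for the same principal, so skip if already applied.
        if (!(principal.Identity is WindowsIdentity wi) || wi.Groups == null
            || principal.Identities.Any(i => i.AuthenticationType == Marker))
            return Task.FromResult(principal);

        var roles = new ClaimsIdentity(Marker, ClaimTypes.Name, ClaimTypes.Role);
        foreach (IdentityReference sid in wi.Groups)
        {
            try
            {
                // Resolve the SID to DOMAIN\Group (MACHINE\Group for local groups).
                var name = sid.Translate(typeof(NTAccount)).Value;
                roles.AddClaim(new Claim(ClaimTypes.Role, name));
            }
            catch (IdentityNotMappedException)
            {
                // SID that no longer resolves to a name: grant no role for it.
            }
        }
        principal.AddIdentity(roles);
        return Task.FromResult(principal);
    }
}

public static class WindowsRolesSetup
{
    // Call from ConfigureServices; qualifiedGroup is e.g. @"MYMACHINE\MyGroup" (constructed value).
    public static void AddWindowsGroupPolicy(this IServiceCollection services, string qualifiedGroup)
    {
        services.AddTransient<IClaimsTransformation, WindowsGroupsToRoles>();
        services.AddAuthorization(o => o.AddPolicy("MyGroupPolicy",
            p => p.RequireAuthenticatedUser().RequireClaim(ClaimTypes.Role, qualifiedGroup)));
    }
}
```

A controller opts in with [Authorize(Policy = "MyGroupPolicy")]. RequireClaim compares claim values case-sensitively, so the string passed to the policy must match the translated account name exactly.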
Finally, see TestController for how to authorize external users via the API.