Published ASP.NET MVC 5 Application with Organizational Account Authentication Redirects back to localhost
I have a problem publishing a web application that uses an organizational account for authentication. Namely, I decided to publish it on an Azure website using the new Azure SQL database as my db tenant. I use a single account and specify the .onmicrosoft.com domain.
Step by step:
1. New ASP.NET Application, MVC
2. Change Authentication -> Organizational Accounts -> Cloud - Single Organization, Domain: .onmicrosoft.com, Access Level: Single Sign On
3. Microsoft Azure -> host in the cloud (checked), website
4. Selected Database Server in Azure
5. Debug / run in IIS Express works as expected: goes to the organization page for authentication and then navigates to Home/Index, which displays the user's email in the navigation pane.
6. Publishing to the Web with the default (automatically generated) profile generates a couple of errors:
   6.1. It looks at http, not https, by default
   6.2. Manually browsing to https://.... redirects to onmicrosoft.com for authentication and upon successful authentication redirects back to https://localhost:xxxxx
Where can I set up a redirect URL for organizational accounts? I've done Microsoft account authentication for some previous projects, and I know that the client ID and secret ID are tied to a specific return url, but I don't know where to look for application properties when using organization accounts.
Thanks.
Predrag.
To answer my own question, below is one possible workflow:
1. From Visual Studio 2013: Project -> New -> Web -> ASP.NET Web Application
2. Name: WebApplication2
3. New ASP.NET Project - WebApplication2
   a. Choose a template: MVC
   b. Change authentication
      i. Organizational Accounts
      ii. Cloud – Single Organization
      iii. Domain: <organization_name>.onmicrosoft.com
      iv. Access Level: Single Sign On
   c. OK
4. Setting up a Microsoft Azure website
   a. Site name: WebApplicationXXXXX
   b. Region: Northern Europe
   c. Database Server: Existing Database Server
   d. Database username: admin
   e. Database password: admin_password
   f. OK
5. Publish with the default profile without changing any parameters
   a. The result will be a server error in the application. The address bar will show http://webapplicationXXXXX.azurewebsites.net/
6. Go to https instead of http: https://webapplicationXXXXX.azurewebsites.net/
   a. It will be correctly redirected to the organization account. After successful authentication, it will be redirected back to https://localhost:44310/ which is not available on the Azure website, so it will fail.
7. Start publishing again, with some fixes this time: Publish Web Site
   a. Connection -> Destination URL: https://webapplicationXXXXX.azurewebsites.net/
   b. Settings -> Enable Organizational Authentication (checked)
      i. Domain: <organization_name>.onmicrosoft.com
      ii. Access Level: Single Sign On
   c. Publish
It may not authenticate the first time (not sure why), but when manually browsing to https://webapplicationXXXXX.azurewebsites.net/ it will work as expected. Skipping steps 5 and 6 above will make your workflow workable. It's another question whether it is optimal and in line with best practices.
I had the same problem, but found that the automatic authentication option was removed in Visual Studio 2015 and 2017.
You need to edit the relying party trust on your ADFS server: Right click > Properties > Endpoints > Add WS-Federation endpoint pointing to your default https root > Tick site url.
My site is now running and authenticated with ADFS.
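A post-publish check for the symptom discussed in this thread, as an added example that is not part of the original posts: it reads the HTML form the identity provider returns after a WS-Federation sign-in and reports when the token would be posted to a loopback address, to a non-https URL, or to a host other than the published site. The function names and the sample HTML are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sign-in responses (not captured from a real tenant): the identity
# provider returns a form that posts the token to the reply URL it has on record.
BAD = ('<html><body><form method="POST" action="https://localhost:44310/">'
       '<input type="hidden" name="wa" value="wsignin1.0"/>'
       '<input type="hidden" name="wresult" value="TOKEN-PLACEHOLDER"/>'
       '</form></body></html>')
SITE = "https://webapplicationXXXXX.azurewebsites.net/"
GOOD = BAD.replace("https://localhost:44310/", SITE)

class FormAction(HTMLParser):
    """Records the action attribute of the first <form> on the page."""
    def __init__(self):
        super().__init__()
        self.action = None
    def handle_starttag(self, tag, attrs):
        if tag == "form" and self.action is None:
            self.action = dict(attrs).get("action")

def is_loopback(host):
    """True for localhost names and loopback IP literals (127.0.0.0/8, ::1)."""
    if not host:
        return False
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # an ordinary DNS name

def check_reply_target(signin_html, expected_site):
    """List the problems with the URL the sign-in token is posted to."""
    parser = FormAction()
    parser.feed(signin_html)
    if not parser.action:
        return ["no form action found in the sign-in response"]
    target, site = urlsplit(parser.action), urlsplit(expected_site)
    problems = []
    if is_loopback(target.hostname):
        problems.append("token is posted to a loopback address")
    if target.scheme != "https":
        problems.append("reply URL is not https")
    if (target.hostname, target.port or 443) != (site.hostname, site.port or 443):
        problems.append("reply host differs from the published site")
    return problems
```

An empty list from `check_reply_target` means the reply URL on record matches the published https site; any entry means the application's reply URL or WS-Federation endpoint still needs to be updated at the identity provider.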