In this video, see a demonstration of the running application.
So that's what I'll do. It's not essential, but it'll just make things a little less annoying. And I'm going to go ahead and hit this play button. Again, you may be using a different browser. It really doesn't matter. So I'm going to hit play. And if this is the first time you're running SSL in a development on your machine, you may get a dialog like this. So go ahead and hit yes, and you may be asked to trust the certificate one more time. I'm going to hit yes again. And now I'm greeted with the user interface that looks like this.
This is our application. The application that we just wrote. Notice that there's a sign in button in the top right hand corner. Go ahead and click on it. And it redirects me to the sign in URL now because I'm already signed in to Office 365 in this browser based user interface. I wasn't even prompted to enter my credentials. There's a chance that if your browser instance is not participating in the current sign in session, then you will be asked to provide your ASHA ID credentials.
If you are asked to provide your ASHA ID credentials, provide your developer tenant credentials that you're working with. So it tells me that I'm already authenticated, but one thing it asks me is that my web application needs permission to sign in as me and read my profile. So this is the first time when you run the application, and it's asking for these permissions. And I'll just say, okay. And I will accept. This is the basic bare minimum permission that any application needs.
And this error you're getting because Chrome doesn't understand this ASHA tps certificate. I'm going to click on advanced. I'm going to click on proceed. And now you see that I'm able to get the user's identity from here. This is usual claims based identities that UPN claim or INT.main will give you the same information. And we're able to see this information here. As I mentioned earlier in our code, that we're redirecting to route after sign ins so that is exactly what happened. You can use a separate redirect bureau if that's what you prefer.
They can even be two different websites. And I'm going to click on sign out, and this signs me out completely. Out of my session. Again, look at the post logout redirect URL. It redirected me back to my application. And this is how a simple ASP.net application, or for that matter, any web based application can participate in ASHA ID authentication and sort of become part of your Office 365 talents.
- What is Microsoft Graph?
- Registering a web application in Azure AD
- Adding authentication logic and authentication UI
- Native applications calling Graph
- Reviewing scenarios where web apps involving Graph are useful
- Web applications with application identity and delegated identity calling Graph
- Daemons calling Graph