I am trying to follow this link https://www.codeguru.com/azure/mvc-web-apps-azure/ for integration of Azure AD authentication. I am confused. Which method is this using internally?
Is it using Open ID, SAML 2.0 and LDAP authentication or just Open ID authentication?
I followed the link and the authentication is working fine but want to understand which method is this using internally.
2
Answers
It uses OpenID Connect. The documentation has further explanations how the protocol works: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/auth-oidc
As of my last update in September 2021, Microsoft.Owin.Security.OpenIdConnect is primarily used for OpenID Connect authentication in the .NET framework. It does not directly support SAML 2.0 or LDAP authentication out of the box.
Here’s a brief explanation of each of these authentication protocols:
OpenID Connect: It is an authentication layer built on top of the OAuth 2.0 authorization framework. It allows clients (applications) to verify the identity of end-users based on the authentication performed by an authorization server. It is widely used for Single Sign-On (SSO) scenarios and is commonly used in modern web applications.
SAML 2.0 (Security Assertion Markup Language): Unlike OpenID Connect, SAML 2.0 is not natively supported by Microsoft.Owin.Security.OpenIdConnect. SAML is a different authentication and authorization protocol primarily used for web-based SSO scenarios, often in enterprise environments. .NET applications can use other libraries and packages to support SAML 2.0 authentication.
LDAP (Lightweight Directory Access Protocol): LDAP is not an authentication protocol but rather a directory services protocol used for querying and modifying directory information. While it is not directly related to Microsoft.Owin.Security.OpenIdConnect, it is often used alongside authentication systems for user lookup and authentication in enterprise environments.
If you need to support SAML 2.0 or LDAP authentication in your .NET application, you will need to explore other libraries or packages that specifically provide support for these protocols. For SAML 2.0, you may consider using libraries like "ComponentSpace" or "ITfoxtec.Identity.Saml2" in combination with "Microsoft.Owin.Security". For LDAP, you can explore libraries like "Novell.Directory.Ldap" or "System.DirectoryServices".
Keep in mind that the landscape of software and libraries is constantly evolving, so it’s always a good idea to check for the latest updates and recommendations from Microsoft or the open-source community when implementing authentication mechanisms in your .NET applications.