Introduction
This tip shows how to authenticate an ASP application using Office 365 user accounts.
Background
In our organization, we have an Office 365 account where all the user details are stored, and we also have more than 50 internal applications, each with its own authentication method. It is a big headache for our development team to maintain all of these authentications in a single sign-on, and also for our employees to remember all the passwords. So we decided to integrate our Office 365 sign-in credentials into our ASP, PHP, and Java applications. I will write about PHP and Java later.
Requirements
- Visual Studio 2010 or later
- Windows Identity Foundation SDK
Using the Code
We don't need to write any code for single sign-on, but for sign-out and other things, like accessing user details, we need to write some code, which I will provide later.
1. You need to have an Azure account and an Office 365 account.
2. Sign in to your Azure account, click New, then App Services --> Active Directory --> Directory.
3. You will get a dialog with two options: create a New Directory or Use Existing Directory.
4. Select Use Existing Directory and tick the check box "I am ready to be signed out now". It will then go to the Windows sign-in page.
5. Sign in with your Office 365 Global Administrator account. After successful authentication, the directory will be added to Windows Azure with all the user details.
6. Now add an application to the directory by selecting the Application menu inside the directory.
7. Click Add at the bottom of the Application page. A dialog will open and ask you for some information:
   - 7.1. Name: give a custom name and select "Web application and/or web API".
   - 7.2. On the second page, provide the App URL and the App ID URL. Both can be the same, and you can also use your local URL; to use a local URL, see point 10. Recommended: use an SSL URL.
   - 7.3. After the application has been added successfully, you will get the Federation Metadata URL. Copy this URL.
8. Open Visual Studio, create an ASP or MVC application, and right-click the solution. You will get Identity and Access in VS 2012 or later, and Add STS in earlier Visual Studio editions. Click it and a page will appear with three options. Select Use a Business Identity Provider and you will get two input fields, one for the STS Metadata URL and one for the APP ID URL. In the Metadata URL field, put the URL you got from the application in point 7.3, and in the APP ID URL field, put the App ID URL you provided in point 7.2.
9. Run the application. It will take you to the Windows sign-in page. There, provide the credentials of a user stored in the Office 365 account. After successful sign-in, it will redirect you to your app, and you can access the authenticated user name by using:
   Page.User.Identity.Name
10. To get a local URL without hosting your site, click the web project, go to Properties, and select the Web tab. There, select Use Local IIS Web Server and then Use IIS Express. You will now get the URL. To enable SSL, click the web project and press F4 to open the property page. There, set SSL Enabled to true and you will get the SSL URL.
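The sign-out and user-detail code mentioned under Using the Code could look like the following. This is an added example, not the author's code: it assumes the .NET 4.5 WIF classes (System.IdentityModel.Services) that Identity and Access configures in VS 2012 or later, and the class name Office365Session and its method names are hypothetical.

```csharp
using System;
using System.IdentityModel.Services;
using System.IdentityModel.Services.Configuration;
using System.Security.Claims;
using System.Text;
using System.Web;

// Hypothetical helper (added example); assumes the web.config federation
// settings written by the Identity and Access tool are present.
public static class Office365Session
{
    // Returns the signed-in user's claims as HTML-encoded "type = value" lines.
    // Claim values originate in the directory, so encode them before rendering.
    public static string DescribeUser(ClaimsPrincipal user)
    {
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            return "Not signed in";

        var sb = new StringBuilder();
        sb.AppendLine("Name = " + HttpUtility.HtmlEncode(user.Identity.Name));
        foreach (Claim claim in user.Claims)
            sb.AppendLine(HttpUtility.HtmlEncode(claim.Type + " = " + claim.Value));
        return sb.ToString();
    }

    // Ends the local application session, then the session at the identity provider.
    public static void SignOut(HttpResponse response, string replyUrl)
    {
        WsFederationConfiguration config =
            FederatedAuthentication.FederationConfiguration.WsFederationConfiguration;

        // Build the WS-Federation sign-out request for the configured issuer and realm.
        var signOut = new SignOutRequestMessage(new Uri(config.Issuer), replyUrl);
        signOut.SetParameter("wtrealm", config.Realm);

        // Delete the local session cookie; without this step the user
        // stays signed in to the application.
        FederatedAuthentication.SessionAuthenticationModule.SignOut();

        // Redirect to the issuer so the directory session is closed as well.
        response.Redirect(signOut.WriteQueryString(), false);
    }
}
```

From a page, call Office365Session.DescribeUser(ClaimsPrincipal.Current) to list the claims, and Office365Session.SignOut(Response, replyUrl) from a sign-out button handler, where replyUrl is a page in your application that does not require authentication.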