![\"image\"](\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2014\/07\/image5.png\" "\\"image\\"")
<\/a><\/p>\nVisual Studio will create your project according to the template you picked. Before moving any further, let\u2019s enable SSL.<\/p>\n
- \n
- Select the project node in solution explorer. Hit F4.<\/li>\n
- In the resulting property pages, flip SSL Enabled from false to true.<\/li>\n
- Copy the newly populated SSL URL.<\/li>\n
- Right click on the project node. Choose properties.<\/li>\n
- Move to the Web tab. Paste the SSL Url in the Project Url field. Shift+CTR+S to save the new settings.<\/li>\n<\/ul>\n
Provision the app in Azure AD<\/h2>\n
Let\u2019s leave VS for few moments and pay a visit to the Azure portal, where we will tell to our Azure AD tenant about our newly minted application.<\/p>\n
Navigate to https:\/\/manage.windowsazure.com\/<\/a>, sign in as your tenant admin, scroll to the Active Directory tab, choose the tenant you want to use, select the Applications tab, and click the Add button on the appbar at the bottom of the screen.<\/p>\n
Choose \u201cAdd an application my organization is developing\u201d.<\/p>\n
Give to the app any name you like. Keep the default \u201cweb application and\/or web api\u201d. Click the Next arrow.<\/p>\n
In the Sign-On URL enter the HTTPS address you got when you enabled SSL on the project (mine is https:\/\/localhost:44307\/<\/a>). In the App ID URI enter any valid URI that will later remind you of what this app is. For my test app I chose http:\/\/wifeistravellinghenceIblogoutofboredom<\/a>. Click the Done button.<\/p>\n
Click on the Configure tab and leave the browser open there. We\u2019re going to need some of the values here in just a moment.<\/p>\n
Add references to the Cookie\/OpenId Connect\/SystemWeb NuGets<\/h2>\n
Next, let\u2019s go back to Visual Studio. Go to Tools->Library Package Manager->Package Manager Console. In the console, enter the following three magic commands:<\/p>\n
Install-Package Microsoft.Owin.Security.OpenIdConnect -Pre<\/span><\/p>\n
Install-Package Microsoft.Owin.Security.Cookies \u2013Pre<\/span><\/p>\n
Install-Package Microsoft.Owin.Host.SystemWeb \u2013Pre<\/span><\/p>\n
Those will bring down the Katana components you need.<\/p>\n
Add the initialization logic<\/h2>\n
We are in good shape! Given that we started from the Individual Auth template, the OWIN pipeline is already present. We just need to change it to use OpenId Connect. If for some reason (e.g ADFS) you want to use WS-Federation, the mechanism is *exactly* the same, you just use the appropriate middleware.<\/p>\n
- \n
- Go to the App_Start folder and open Startup.Auth.cs.<\/li>\n
- Change the usings directives with the following:<\/li>\n<\/ul>\n
using<\/span> Microsoft.Owin.Security;\r\nusing<\/span> Microsoft.Owin.Security.Cookies;\r\nusing<\/span> Microsoft.Owin.Security.OpenIdConnect;\r\nusing<\/span> Owin;<\/pre>\n<\/p>\n
- \n
- Next, change the body of ConfigureAuth to match the following:<\/li>\n<\/ul>\n
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);\r\n\r\napp.UseCookieAuthentication(new<\/span> CookieAuthenticationOptions());\r\n\r\napp.UseOpenIdConnectAuthentication(\r\n new<\/span> OpenIdConnectAuthenticationOptions\r\n {\r\n ClientId = \"d04fb01f-0715-4ed7-a656-0793b545e1f1\"<\/span>,\r\n Authority = \"https:\/\/login.windows.net\/6c3d51dd-f0e5-4959-b4ea-a80c4e36fe5e\"<\/span>\r\n });\r\n<\/pre>\nThat will change the pipeline to use OpenId Connect. The values you see there are associated to my test app: you will have to change those with the coordinates of your own app, in your own tenant. Namely:<\/p>\n
- \n
- Go back to the portal. Scroll the app configuration page until you find Client ID. Copy the value. Come back to VS and paste the copied value in the string initializing ClientId<\/li>\n
- In the string used to initialize Authority, substitute the GUID you see there with the domain of your tenant (e.g. myawesometenant.onmicrosoft.com).<\/li>\n<\/ul>\n
Done.<\/p>\n
Give it a spin!<\/h2>\n
Hit F5. Your page will come up. Click on the Log In link on the top right corner, which comes directly from the template bits.<\/p>\n
![\"image\"](\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2014\/07\/image_thumb6.png\" "\\"image\\"")
<\/a><\/p>\nOn the right hand side, you\u2019ll notice the OpenIdConnect button. Hit it.<\/p>\n
![\"image\"](\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2014\/07\/image_thumb7.png\" "\\"image\\"")
<\/a><\/p>\nYou\u2019ll see the familiar AAD authentication UX. Enter your test user.<\/p>\n
- Next, change the body of ConfigureAuth to match the following:<\/li>\n<\/ul>\n