| title | description | author | manager | ms.prod | ms.technology | ms.custom | ms.topic | ms.date | ms.author |
|---|---|---|---|---|---|---|---|---|---|
Using the Active Directory connected service (Visual Studio) |
Connect Microsoft Entra ID (formerly Azure Active Directory) to your application by using Connected Services in Visual Studio on Windows. |
ghogen |
jillfra |
visual-studio-windows |
vs-azure |
devx-track-csharp |
how-to |
12/14/2021 |
ghogen |
[!INCLUDE Visual Studio]
By using Microsoft Entra ID, you can support Single Sign-On (SSO) for ASP.NET MVC web applications, or Active Directory Authentication in web API services. With Microsoft Entra authentication, your users can use their accounts from Microsoft Entra ID to connect to your web applications. The advantages of Microsoft Entra authentication with web API include enhanced data security when exposing an API from a web application. With Microsoft Entra ID, you do not have to manage a separate authentication system with its own account and user management.
This article and its companion articles provide details of using the Visual Studio Connected Service feature for Active Directory. The capability is available in Visual Studio 2015 and later.
At present, the Active Directory connected service does not support ASP.NET Core applications.
- Azure account: if you don't have an Azure account, you can sign up for a free trial or activate your Visual Studio subscriber benefits.
- Visual Studio 2015 or later. Download Visual Studio now.
-
In Visual Studio, create or open an ASP.NET MVC project, or an ASP.NET Web API project. You can use the MVC, Web API, Single-Page Application, Azure API App, Azure Mobile App, and Azure Mobile Service templates.
-
Select the Project > Add Connected Service... menu command, or double-click the Connected Services node found under the project in Solution Explorer.
-
On the Connected Services page, select Authentication with Microsoft Entra ID.
-
On the Introduction page, select Next. If you see errors on this page, refer to Diagnosing errors with the Microsoft Entra Connected Service.
-
On the Single-Sign On page, select a domain from the Domain drop-down list. The list contains all domains accessible by the accounts listed in the Account Settings dialog of Visual Studio (File > Account Settings...). As an alternative, you can enter a domain name if you don’t find the one you’re looking for, such as
mydomain.onmicrosoft.com. You can choose the option to create a Microsoft Entra app or use the settings from an existing Microsoft Entra app. Select Next when done.
-
On the Directory Access page, select the Read directory data option as desired. Developers typically include this option.
-
Select Finish to start modifications to your project to enable Microsoft Entra authentication. Visual Studio shows progress during this time:
-
When the process is complete, Visual Studio opens your browser to one of the following articles, as appropriate to your project type:
-
You can also see the Active Directory domain on the Azure portal.
When you add the connected service the wizard, Visual Studio adds Microsoft Entra ID and associated references to your project. Configuration files and code files in your project are also modified to add support for Microsoft Entra ID. The specific modifications that Visual Studio makes depend on the project type. See the following articles for details: