{"id":1444,"date":"2025-06-25T10:27:55","date_gmt":"2025-06-25T10:27:55","guid":{"rendered":"https:\/\/www.cmarix.com\/qanda\/?p=1444"},"modified":"2026-02-05T12:05:48","modified_gmt":"2026-02-05T12:05:48","slug":"oauth2-in-asp-net-core-8-integration-guide","status":"publish","type":"post","link":"https:\/\/www.cmarix.com\/qanda\/oauth2-in-asp-net-core-8-integration-guide\/","title":{"rendered":"How to Integrate OAuth2 and Microsoft Identity with ASP.NET Core 8?"},"content":{"rendered":"\n<p>If you&#8217;re building a secure application in .NET and want to allow users to sign in with Microsoft accounts, you\u2019re in the right place. In this guide, we\u2019ll walk through integrating <strong>OAuth2<\/strong> and <strong>Microsoft Identity Platform<\/strong> with an <strong>ASP.NET Core 8<\/strong> MVC web app using <strong>OpenID Connect<\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What We\u2019ll Build<\/h2>\n\n\n\n<p><strong>We\u2019ll create a simple ASP.NET Core 8 MVC web app where users can:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sign in using Microsoft accounts (via Azure AD)<\/li>\n\n\n\n<li>View protected pages after login<\/li>\n\n\n\n<li>Log out securely<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Technologies Used<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>.NET 8 (ASP.NET Core MVC)<\/li>\n\n\n\n<li>OAuth2 \/ OpenID Connect<\/li>\n\n\n\n<li>Microsoft Identity Platform (Azure AD)<\/li>\n\n\n\n<li>Visual Studio \/ VS Code<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Prerequisites<\/h2>\n\n\n\n<p><strong>Before starting, make sure you have:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/dotnet.microsoft.com\/en-us\/download\" target=\"_blank\" rel=\"noopener\">.NET 8 SDK<\/a><\/li>\n\n\n\n<li>An Azure account (free tier works)<\/li>\n\n\n\n<li>Visual Studio 2022 or VS Code<\/li>\n\n\n\n<li>Basic understanding of ASP.NET Core MVC<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">How to Build ASP.NET Core 8 MVC Web Applications?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Register the App in Azure AD<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to the<a href=\"https:\/\/portal.azure.com\/\" target=\"_blank\" rel=\"noopener\"> Azure Portal<\/a><\/li>\n\n\n\n<li>Navigate to Microsoft Entra ID > App registrations<\/li>\n\n\n\n<li>Click New registration<\/li>\n\n\n\n<li><strong>Fill in the fields:<\/strong>\n<ul class=\"wp-block-list\">\n<li>Name: MyOAuthApp<\/li>\n\n\n\n<li>Supported account types: Choose based on your needs (e.g., Single Tenant or Multitenant)<\/li>\n\n\n\n<li>Redirect URI: Set it to https:\/\/localhost:5001\/signin-oidc<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Click Register<\/strong><\/li>\n<\/ol>\n\n\n\n<p><strong>Save the following values:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Client ID (Application ID)<\/li>\n\n\n\n<li>Tenant ID<\/li>\n\n\n\n<li>Generate a Client Secret under Certificates &amp; Secrets<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create ASP.NET Core 8 MVC App<\/h3>\n\n\n\n<p>Open your terminal or Visual Studio and create a new project:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>dotnet new mvc -n OAuthMicrosoftIdentityDemo\ncd OAuthMicrosoftIdentityDemo<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Add Required NuGet Packages<\/h3>\n\n\n\n<p>Open your .csproj and add:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;ItemGroup>\n  &lt;PackageReference Include=\"Microsoft.AspNetCore.Authentication.OpenIdConnect\" Version=\"8.0.0\" \/>\n  &lt;PackageReference Include=\"Microsoft.Identity.Web\" Version=\"2.16.0\" \/>\n  &lt;PackageReference Include=\"Microsoft.Identity.Web.UI\" Version=\"2.16.0\" \/>\n&lt;\/ItemGroup><\/code><\/pre>\n\n\n\n<p>Then run:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>dotnet restore<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Configure Azure AD in appsettings.json<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>{\n  \"AzureAd\": {\n    \"Instance\": \"https:\/\/login.microsoftonline.com\/\",\n    \"Domain\": \"yourdomain.onmicrosoft.com\",\n    \"TenantId\": \"YOUR_TENANT_ID\",\n    \"ClientId\": \"YOUR_CLIENT_ID\",\n    \"ClientSecret\": \"YOUR_CLIENT_SECRET\",\n    \"CallbackPath\": \"\/signin-oidc\"\n  },\n  \"Logging\": {\n    \"LogLevel\": {\n      \"Default\": \"Information\",\n      \"Microsoft.AspNetCore\": \"Warning\"\n    }\n  },\n  \"AllowedHosts\": \"*\"\n}<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Configure Authentication in Program.cs<\/h3>\n\n\n\n<p>Replace the contents of Program.cs with:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>using Microsoft.AspNetCore.Authentication.OpenIdConnect;\nusing Microsoft.Identity.Web;\n\nvar builder = WebApplication.CreateBuilder(args);\n\nbuilder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)\n    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection(\"AzureAd\"));\n\nbuilder.Services.AddAuthorization(options =>\n{\n    options.FallbackPolicy = options.DefaultPolicy;\n});\n\nbuilder.Services.AddControllersWithViews()\n    .AddMicrosoftIdentityUI();\n\nvar app = builder.Build();\n\napp.UseHttpsRedirection();\napp.UseStaticFiles();\napp.UseRouting();\n\napp.UseAuthentication(); \/\/ Enable auth\napp.UseAuthorization();\napp.MapControllerRoute(\n    name: \"default\",\n    pattern: \"{controller=Home}\/{action=Index}\/{id?}\");\n\napp.Run();<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Protect a Page with [Authorize]<\/h3>\n\n\n\n<p>Open or create a new controller like this:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>using Microsoft.AspNetCore.Authorization;\nusing Microsoft.AspNetCore.Mvc;\n\n&#91;Authorize]\npublic class DashboardController : Controller\n{\n    public IActionResult Index()\n    {\n        return View();\n    }\n}<\/code><\/pre>\n\n\n\n<p>Create the view under Views\/Dashboard\/Index.cshtml and put any content you like.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7: Add Login \/ Logout Functionality<\/h3>\n\n\n\n<p>In _Layout.cshtml, add:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>@using Microsoft.AspNetCore.Authentication\n@using Microsoft.AspNetCore.Authentication.OpenIdConnect\n\n&lt;div class=\"navbar\">\n    @if (User.Identity.IsAuthenticated)\n    {\n        &lt;span>Hello, @User.Identity.Name&lt;\/span>\n        &lt;form asp-controller=\"Account\" asp-action=\"SignOut\" method=\"post\">\n            &lt;button type=\"submit\">Sign out&lt;\/button>\n        &lt;\/form>\n    }\n    else\n    {\n        &lt;a asp-controller=\"Account\" asp-action=\"SignIn\">Sign in&lt;\/a>\n    }\n&lt;\/div><\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 8: Add AccountController<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>using Microsoft.AspNetCore.Authentication;\nusing Microsoft.AspNetCore.Authentication.OpenIdConnect;\nusing Microsoft.AspNetCore.Mvc;\nusing Microsoft.AspNetCore.Authentication.Cookies;\n\npublic class AccountController : Controller\n{\n    public IActionResult SignIn(string returnUrl = \"\/\")\n    {\n        return Challenge(new AuthenticationProperties { RedirectUri = returnUrl }, OpenIdConnectDefaults.AuthenticationScheme);\n    }\n\n    &#91;HttpPost]\n    public IActionResult SignOut()\n    {\n        return SignOut(new AuthenticationProperties { RedirectUri = \"\/\" },\n            OpenIdConnectDefaults.AuthenticationScheme,\n            CookieAuthenticationDefaults.AuthenticationScheme);\n    }\n}<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 9: Run the App<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>dotnet run<\/code><\/pre>\n\n\n\n<p>Go to https:\/\/localhost:5001, click <strong>Sign in<\/strong>, and authenticate with your Microsoft Account.<\/p>\n\n\n\n<p>Once logged in, access your protected route like \/Dashboard.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Final Thoughts<\/h2>\n\n\n\n<p>That\u2019s it! You now have a secure ASP.NET Core 8 application using <strong>OAuth2<\/strong> and <strong>Microsoft Identity<\/strong>. This sets the stage for building enterprise-ready applications with Microsoft 365, Graph API, or custom APIs secured by Azure AD.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you&#8217;re building a secure application in .NET and want to allow users to sign in with Microsoft accounts, you\u2019re in the right place. In this guide, we\u2019ll walk through integrating OAuth2 and Microsoft Identity Platform with an ASP.NET Core 8 MVC web app using OpenID Connect. What We\u2019ll Build We\u2019ll create a simple ASP.NET [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1450,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[4,3],"tags":[],"class_list":["post-1444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dot-net","category-web"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/posts\/1444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/comments?post=1444"}],"version-history":[{"count":6,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/posts\/1444\/revisions"}],"predecessor-version":[{"id":1452,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/posts\/1444\/revisions\/1452"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/media\/1450"}],"wp:attachment":[{"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/media?parent=1444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/categories?post=1444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cmarix.com\/qanda\/wp-json\/wp\/v2\/tags?post=1444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}