Build the Azure SSO login page in Blazor Server application with SAML

What is SSO and How it works?

  1. The user tries to access a web application (for example, the Outlook Web App — https://outlook.office365.com/owa/) from a domain-joined corporate device inside your corporate network.
  2. If the user is not already signed in, the user is redirected to the Azure AD sign-in page.
  3. The user types in their user name into the Azure AD sign-in page.
  4. Using JavaScript in the background, Azure AD challenges the browser, via a 401 Unauthorized response, to provide a Kerberos ticket.
  5. The browser, in turn, requests a ticket from Active Directory for the AZUREADSSOACC computer account (which represents Azure AD).
  6. Active Directory locates the computer account and returns a Kerberos ticket to the browser encrypted with the computer account’s secret.
  7. The browser forwards the Kerberos ticket it acquired from Active Directory to Azure AD.
  8. Azure AD decrypts the Kerberos ticket, which includes the identity of the user signed into the corporate device, using the previously shared key.
  9. After evaluation, Azure AD either returns a token back to the application or asks the user to perform additional proofs, such as Multi-Factor Authentication.
  10. If the user sign-in is successful, the user is able to access the application.

How to code on Blazor application to implement the SSO login page

How to test our application on your local

--

--

--

A hacker and a passionate developer

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Constructors in Java

Easy Install & Configuration of Oracle Unified Directory (OUD)

TAMU CTF 2019 web writeups (Science!)

Blogs: Week of 9 Nov — 15 Nov — Sean Chen

Reporting on Email Message object with Einstein Analytics — Advanced Data Modelling

Migrating to Kubernetes

Is Your iPhone App Still in App Store After June 30?

Hand holding iPhone with a question mark

How to Style Your GTK App with CSS and Haskell

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Kevin (Xiaocong) Zheng

Kevin (Xiaocong) Zheng

A hacker and a passionate developer

More from Medium

Install and Setup Apache Tomcat 8 on CentOS/RHEL 7 🐧

What to log…

SQL Server — Do my query use forced plans from Query Store?

How to automatically detect issues in your YAML file with Circle CI