Active directory

AB
AB
Vote:
 

Hi all,

I'm hoping someone will be able to offer some advice with a high-level issue.

We are currently working on a project that is to be hosted in Episerver DXC.

There is a requirement for the following:

  • CMS users must authenticate with an instance of Azure AD
  • Customers must authenticate with an instance of Azure AD B2C

I have seen many examples that suggest using this following approach:

https://world.episerver.com/documentation/developer-guides/CMS/security/integrate-azure-ad-using-openid-connect/

This approach makes sense if authenticating against one instance of AD.  However, we need to be able to authenticate against two (as above).

Has anyone had any similar requirements?

Thanks,

A

#189447
Mar 19, 2018 18:20
Narayan - Aug 13, 2020 11:43
Hello,

I have same requirements, can you please guide me that how you manged this?

Reagrds,
Narayana
Vote:
 

I haven't done exactly that. But we recently did mixed mode authentication with Azure AD B2C + Local db users. In the future we might do exactly what you are about to do.

AFAIK it shouldn't be a problem to do mixed mode authentication to two different ADs. But it might also be possible to connect the the two ADs to each other, so Episerver just talks to AD B2C, which in turn talks to the other AD. But AD is not really my knowledge area...

Take a look here:

https://world.episerver.com/documentation/developer-guides/CMS/security/configuring-mixed-mode-owin-authentication/

https://hacksbyme.net/2017/05/11/mixed-mode-owin-authentication-for-episerver-editors/

#189518
Mar 20, 2018 14:24
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.