0

Assume I create an ASP.NET Core 2.0 App in Visual Studio 2017:

ASP.NET Core project creation dialog

I can integrate with Azure Active Directory by clicking the Change Authentication dialog.

Cloud single orgationation auth dialog

Then after entering my MSDN credentials 2 or three times it will register my application with Azure Active Directory:

That creates the following snippet in appsettings.json:

"AzureAd": {
  "Instance": "https://login.microsoftonline.com/",
  "Domain": "XXXXXXXX.onmicrosoft.com",
  "TenantId": "XXXXXXXXX",
  "ClientId": "XXXXXXXXX",
  "CallbackPath": "/signin-oidc"
},

Tenant Id matches what this question said it would. And ClientId matches Azure ID. However, I don't see where this Key, that Visual Studio created during the app provisions, is stored:

Keys

Where is that stored?

Nkosi
  • 235,767
  • 35
  • 427
  • 472
Justin Dearing
  • 14,270
  • 22
  • 88
  • 161

1 Answers1

1

AFAIK, the template of Visual Studio does't save the secret when it create it on the Azure. If you want a secret for this app, you can delete the old one and create a new.

Please Note: Once you left that page, the secret was not able to see again.

Fei Xue
  • 14,369
  • 1
  • 19
  • 27
  • So I can have a client without a secret? I know the application Id is hard to guess because its a GUID, but I'm not sure I understand the security implications. – Justin Dearing Oct 10 '17 at 11:40
  • 1
    Yes. The project uses the OpenID connect to acquire the **id_token** by default. So it should work well unless you want to get the **access_token** to call other resource(code grant flow). More info about protocols please refer [this link](https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-openid-connect-code). – Fei Xue Oct 11 '17 at 05:16
  • After dealing with this for a few weeks, it makes better sense now. – Justin Dearing Oct 31 '17 at 17:08