Exception "Scheme already exists" when trying to implement multiple authentication schemes
For an Azure App Service that uses two different app registrations for internal and external users, I want to implement multiple authentication schemes. I use an ASP.NET Core web application (.NET 6) with the following app settings:
    "AzureAdInternal": {
        "Instance": "https://login.microsoftonline.com/",
        "Domain": "demo.example.com",
        "TenantId": "tenantId",
        "ClientId": "clientId",
        "ClientSecret": "clientSecret",
        "CallbackPath": "/signin-oidc"
    },
    "AzureAdExternal": {
        "Instance": "https://login.microsoftonline.com/",
        "Domain": "demo.example.com",
        "TenantId": "tenantId",
        "ClientId": "clientId",
        "ClientSecret": "clientSecret",
        "CallbackPath": "/signin-oidc"
    }
In the web app's Program.cs file, two authentications for these sections are added:
    // Internal
    builder.Services
        .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
        .AddMicrosoftIdentityWebApp(
            builder.Configuration.GetSection(Configuration.AzureActiveDirectoryInternalIdentifier)
        )
        .EnableTokenAcquisitionToCallDownstreamApi(internalScopes)
        .AddMicrosoftGraph(builder.Configuration.GetSection(Configuration.MicrosoftGraphIdentifier))
        .AddInMemoryTokenCaches();

    // External
    builder.Services
        .AddAuthentication()
        .AddMicrosoftIdentityWebApp(
            builder.Configuration.GetSection(Configuration.AzureActiveDirectoryExternalIdentifier),
            "openid2",
            Configuration.AzureActiveDirectoryExternalCookieIdentifier, false, "Display Name"
        );
        //.EnableTokenAcquisitionToCallDownstreamApi(externalScopes)
        //.AddDownstreamWebApi(
        //    Configuration.Downstream2ApiIdentifier,
        //    builder.Configuration.GetSection(Configuration.Downstream2ApiIdentifier)
        //);
After the deployment on the Azure portal the app fails to start. According to the application event log a second scheme cannot be added:
"Unhandled exception. System.InvalidOperationException: Scheme already exists: AppServicesAuthentication".
Has anybody an idea why this usage of multiple schemes fails?