Exception "Scheme already exists" when trying to implement multiple authentication schemes

Jörg Auberg (Admin) 5 Reputation points
2023-01-26T11:56:01.52+00:00

For an Azure app service that uses two different app registrations for internal and external users I want to implement multiple authentication schemes. I use an ASP.NET Core web application (.NET6) with the following app settings:

"AzureAdInternal": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "demo.example.com",
    "TenantId": "tenantId",
    "ClientId": "clientId",
    "ClientSecret": "clientSecret",
    "CallbackPath": "/signin-oidc"
},
"AzureAdExternal": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "demo.example.com",
    "TenantId": "tenantId",
    "ClientId": "clientId",
    "ClientSecret": "clientSecret",
    "CallbackPath": "/signin-oidc"
}

In the web app program.cs file two authentications for these sections are added:

// Internal
builder.Services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(
        builder.Configuration.GetSection(Configuration.AzureActiveDirectoryInternalIdentifier)
    )
    .EnableTokenAcquisitionToCallDownstreamApi(internalScopes)
    .AddMicrosoftGraph(builder.Configuration.GetSection(Configuration.MicrosoftGraphIdentifier))
    .AddInMemoryTokenCaches();

// External
builder.Services
    .AddAuthentication()
    .AddMicrosoftIdentityWebApp(
        builder.Configuration.GetSection(Configuration.AzureActiveDirectoryExternalIdentifier),
        "openid2",
        Configuration.AzureActiveDirectoryExternalCookieIdentifier, false, "Display Name"
    );
    //.EnableTokenAcquisitionToCallDownstreamApi(externalScopes)
    //.AddDownstreamWebApi(
    //    Configuration.Downstream2ApiIdentifier,
    //    builder.Configuration.GetSection(Configuration.Downstream2ApiIdentifier)
    //);

After the deployment on the Azure portal the app fails to start. According to the application event log a second scheme cannot be added:

"Unhandled exception. System.InvalidOperationException: Scheme already exists: AppServicesAuthentication".

Has anybody an idea why this usage of multiple schemes fails?

ASP.NET Core
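
The message in the event log has the format that ASP.NET Core's AuthenticationOptions.AddScheme produces when one scheme name is registered twice. The following is an added example, not part of the original question: it shows that such a duplicate only surfaces when the options are built at startup, and it also flags OpenID Connect schemes that share a CallbackPath, as both posted settings sections do. Preflight, the example.test authority and the client IDs are hypothetical, and a cookie handler stands in for whatever component registers AppServicesAuthentication.

```csharp
// Added example (not the poster's code). Needs a web SDK project that references
// the Microsoft.AspNetCore.Authentication.OpenIdConnect package.
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

// Constructed setup 1: one scheme name registered by two separate calls.
var dup = new ServiceCollection().AddLogging();
dup.AddAuthentication().AddCookie("AppServicesAuthentication");
dup.AddAuthentication().AddCookie("AppServicesAuthentication"); // does not throw here
Console.WriteLine(string.Join("\n", Preflight.Check(dup)));

// Constructed setup 2: two OIDC schemes sharing /signin-oidc, as in the posted settings.
var oidc = new ServiceCollection().AddLogging();
oidc.AddAuthentication("Cookies").AddCookie()
    .AddOpenIdConnect("OpenIdConnect", o => Preflight.Fill(o, "internal-client-id"))
    .AddOpenIdConnect("openid2", o => Preflight.Fill(o, "external-client-id"));
Console.WriteLine(string.Join("\n", Preflight.Check(oidc)));

static class Preflight
{
    // Placeholder values; example.test is not a real authority.
    public static void Fill(OpenIdConnectOptions o, string clientId)
    {
        o.Authority = "https://login.example.test/tenant/v2.0";
        o.ClientId = clientId;
        o.CallbackPath = "/signin-oidc";
    }

    public static List<string> Check(IServiceCollection services)
    {
        using var sp = services.BuildServiceProvider(); // throwaway provider, for the check only
        AuthenticationOptions auth;
        // AddScheme calls are deferred option callbacks; a duplicate name throws only here.
        try { auth = sp.GetRequiredService<IOptions<AuthenticationOptions>>().Value; }
        catch (InvalidOperationException ex) { return new List<string> { ex.Message }; }

        var opts = sp.GetRequiredService<IOptionsMonitor<OpenIdConnectOptions>>();
        return auth.Schemes
            .Where(s => s.HandlerType == typeof(OpenIdConnectHandler))
            .GroupBy(s => opts.Get(s.Name).CallbackPath.Value, StringComparer.OrdinalIgnoreCase)
            .Where(g => g.Count() > 1)
            .Select(g => $"CallbackPath {g.Key} shared by: {string.Join(", ", g.Select(s => s.Name))}")
            .ToList();
    }
}
```

Running Check against the real service collection before builder.Build() names the colliding scheme in a log line instead of an unhandled startup exception.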

1 answer

  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
