Tutorial: Create and configure an ASP.NET Core project for authentication

In this tutorial, you learn how to create an ASP.NET Core project using an IDE and configure it for authentication and authorization. This tutorial is the second part of a series that demonstrates how to secure a web API using the Microsoft identity platform. In the previous article, you registered an application in your Microsoft Entra ID tenant. In this article, you;

• Create an ASP.NET Core Empty project in your IDE
• Configure the settings for the application
• Identify and install the required NuGet packages

Prerequisites

• Completion of the prerequisites and steps in Tutorial: Register web API with the Microsoft identity platform.
• You can download the IDEs used in this tutorial from the Downloads page.
  • Visual Studio 2022
  • Visual Studio Code
  • Visual Studio 2022 for Mac

• A minimum requirement of .NET 6.0 SDK.

Create an ASP.NET Core project

Use the following tabs to create an ASP.NET Core project within an IDE.

Visual Studio

1. Open Visual Studio, and then select Create a new project.
2. Search for and choose the ASP.NET Core Empty template, and then select Next.
3. Enter a name for the project, such as NewWebAPILocal.
4. Choose a location for the project or accept the default option, and then select Next.
5. Accept the default for the Framework and Configure for HTTPS.
6. Select Create.

Visual Studio Code

1. Open Visual Studio Code, select File > Open Folder.... Navigate to and select the location in which to create your project.

2. Open up a new terminal by selecting Terminal in the top bar, then New Terminal.

3. Create a new folder using the New Folder... icon in the Explorer pane. Provide a name similar to the one registered previously, for example, NewWebAPILocal.

4. Open a new terminal by selecting Terminal > New Terminal.

5. To create an ASP.NET Core Empty template, run the following commands in the terminal to change into the directory and create the project:

   cd NewWebAPILocal
   dotnet new web
   

Visual Studio for Mac

1. Open Visual Studio, and then select New.
2. Under Web and Console in the left navigation bar, select App.
3. Under ASP.NET Core, select API and ensure C# is selected in the drop down menu, then select Continue.
4. Accept the default for the Target Framework and Advanced, then select Continue.
5. Enter a name for the Project name, this will be reflected in Solution Name. Provide a similar name to the one registered on the Microsoft Entra admin center, such as NewAPI1.
6. Accept the default location for the project or choose a different location, and then select Create.

Note

Visual Studio for Mac is scheduled for retirement by August 31, 2024 in accordance with Microsoft’s Modern Lifecycle Policy. Visual Studio for Mac 17.6 will continue to be supported until August 31, 2024, with servicing updates for security issues and updated platforms from Apple. Refer to What's happening to Visual Studio for Mac for more information.

Configure the ASP.NET Core project

The values recorded earlier will be used in appsettings.json to configure the application for authentication. appsettings.json is a configuration file that is used to store application settings used during run-time.

1. Open appsettings.json and replace the file contents with the following code snippet:

   {
     "AzureAd": {
       "Instance": "https://login.microsoftonline.com/",
       "ClientId": "Enter the client ID here",
       "TenantId": "Enter the tenant ID here",
       "Scopes": "Forecast.Read"
     },
     "Logging": {
       "LogLevel": {
         "Default": "Information",
         "Microsoft.AspNetCore": "Warning"
       }
     },
     "AllowedHosts": "*"
   } 
   

   • Instance - The endpoint of the cloud provider. Check with the different available endpoints in National clouds.
   • TenantId - The identifier of the tenant where the application is registered. Replace the text in quotes with the Directory (tenant) ID value that was recorded earlier from the overview page of the registered application.
   • ClientId - The identifier of the application, also referred to as the client. Replace the text in quotes with the Application (client) ID value that was recorded earlier from the overview page of the registered application.
   • Scopes - The scope that is used to request access to the application. For this tutorial, the scope is Forecast.Read.

2. Save the changes to the file.

Install identity packages

Identity related NuGet packages must be installed in the project for authentication of users to be enabled.

Visual Studio

1. In the top menu, select Tools > NuGet Package Manager > Manage NuGet Packages for Solution.
2. With the Browse tab selected, search for Microsoft.Identity.Web, select the Microsoft.Identity.Web package, select the Project checkbox, and then select Install.
3. Select Ok or I Accept for other windows that may appear.

Visual Studio Code

1. In the terminal opened in the previous section, enter the following command:

   dotnet add package Microsoft.Identity.Web
   

Visual Studio for Mac

1. In the top menu, select Tools > Manage NuGet Packages.
2. Search for Microsoft.Identity.Web, select the Microsoft.Identity.Web package, select Project, and then select Add Package.
3. In the pop-up, ensure the correct project is selected, then select Ok.
4. Select Accept if other License Acceptance windows appear.

Next steps

Tutorial: Implement a protected endpoint to your API