Edit

Share via


Quickstart: Get Started with the Microsoft identity platform Visual Studio Connected Services

Applies to: Green circle with a white check mark symbol. Workforce tenants Green circle with a white check mark symbol. External tenants (learn more)

Integrating identity management solutions into your organizational and customer-facing applications is essential for securing resources and customer data. Visual Studio's Connected Services allow you to quickly integrate the Microsoft identity platform into your ASP.NET web apps and configure sign-in experiences, all within Visual Studio. This article provides details of using Visual Studio's Connected Services feature for Microsoft Entra ID.

Prerequisites

  • Visual Studio 2022 with the ASP.NET and web development workload installed.
  • A Microsoft Entra tenant (workforce or external). If you don’t have one, choose from the following methods:
  • The account you use must have permissions to manage applications in your tenant. Any of the following Microsoft Entra roles have the required permissions:
    • Application Administrator
    • Application Developer
    • Cloud Application Administrator

Create your project and connect it to the Microsoft identity platform

  1. In Visual Studio, create or open an ASP.NET Model–view–controller (MVC) project, or an ASP.NET Web API project. For this quickstart, you use the ‘ASP.NET Core Web App (Razor Pages) template.
  2. Enter Project Name, for example,‘sample-asp-dotnet-webapp’ and the Location where you’d like to create the project then select Next.
  3. In the Framework selection, select .NET 8.0 (Long Term Support).
  4. Under Authentication Type, select Microsoft identity platform.

If you’re creating your app from an empty project template in Visual Studio or already have an existing ASP.NET web app and would like to add Microsoft Entra ID authentication, follow these steps:

  1. Open the solutions explorer and select Connected Services.

  2. When the Connected Services pane opens on Visual Studio, select Add a service dependency or use the + icon.

    Screenshot showing the Connected Services pane on Visual Studio.

  3. From the dropdown list, select Microsoft identity platform. You can use the search tab if needed.

    Screenshot showing Microsoft identity platform and other service dependencies on Visual Studio.

  4. Microsoft identity platform shows under service dependencies in the Connected Services pane, as shown:

    Screenshot showing Microsoft identity platform successfully connected as a service dependency on Visual Studio.

Install required components

To use Microsoft identity platform in your project, you need to install the dotnet msidentity tool. This command line tool enables you to create Microsoft Entra app registrations. It also updates your app to use Microsoft identity platform by modifying the configuration files of your ASP.NET Core applications (MVC, Razor Pages, Blazor WebAssembly (WASM), Blazor WASM Hosted, Blazor Server).

If you don't have the dotnet msidentity tool installed on your device, Visual Studio prompts you to install it, as shown:

Screenshot showing a Visual Studio prompt to install the dotnet msidentity tool

You can install the dotnet msidentity tool from your command line by running:

dotnet tool install --global Microsoft.dotnet-msidentity --version 2.0.8

Once you complete installing the dotnet msidentity tool, select Next to proceed to configuration.

Configure application to use Microsoft identity platform

The Microsoft identity platform connected service allows you to configure applications in either workforce or external tenants. To complete configuration, follow these steps:

  1. In the top right section, sign in to your Microsoft account. If you have multiple accounts, select the account with the tenant where you’d like to register your application.

    Screenshot showing the Visual Studio window where you configure the application to use Microsoft identity platform.

  2. Once you're signed in, you see a list of applications registered in your tenant; with the application’s display name, client ID, and date created.

  3. If you're yet to create an app registration in the Microsoft Entra admin center, select Create new. Choose the tenant where you’d like to create the application and provide a display name, such as sample-web-app and Select Register. You can change the application's display name later.

    Screenshot showing the Visual Studio window where you register a new application.

  4. The application you created now shows in the list. Select it and choose Next.

    Screenshot showing a list of app registrations in your tenant.

  5. On the next screen, you can configure your app's permissions to access Microsoft Graph or other APIs. Select Next to complete the configuration later if you don't have the information yet.

  6. A screen with the summary of the changes being made to your project appears. Select Finish to complete the process.

    Screenshot showing a list of the changes being made to your project.

  7. A Dependency configuration progress screen showing the actual changes being in your project appears, as shown. Once successful, select Close.

    Screenshot showing the dependency configuration progress.

[Optional]: Configure permissions to access a web API

The Microsoft identity platform connected service allows you to optionally add permissions to access Microsoft Graph or any other web API. You can add support for your own API or third-party APIs registered with the Microsoft identity platform.

If you want to modify it, such as to add support for an API such as Microsoft Graph, select the three dots on the Microsoft identity platform service dependency, and then choose Edit dependency. You can repeat the steps and add the APIs that you want to grant access to.

Screenshot showing the window that allows you to add permissions to access Microsoft Graph or any other web API.

Run and test the app

To run the sample application, follow these steps:

  1. Navigate to Visual Studio’s top navigation bar and select Debug > Start Without Debugging to start building your application, as shown:

    Screenshot showing a sample application building on Visual Studio.

  2. Once your build is complete, a new browser window opens at https://localhost:7142.

  3. Depending on what your application does, Microsoft Entra ID will redirect you to perform the required action. For our sample application, the app prompts you to complete the sign-up and sign-in process as shown:

    Screenshot showing a sample application integrated with Microsoft identity platform running on Visual Studio.