Microsoft Account External Login Setup

Back to: ASP.NET Core Identity Tutorials

Microsoft Account External Login Setup

In this article, I will discuss Microsoft Account External Login Setup. Please read our previous article discussing Integrating Google External Authentication in ASP.NET Core MVC Application.

What is Microsoft Account External Login?

A Microsoft Account External Login in web development refers to integrating Microsoft’s authentication system into a web application to allow users to sign in using their Microsoft Account credentials. This feature enables users to sign in to your ASP.NET Core application using their existing Microsoft Account (which could be their Outlook, Live, Hotmail, or Xbox account, among others).

Microsoft Account External Login Setup

Setting up Microsoft Account as an external login option for our application allows the users to sign in using their existing Microsoft credentials. This not only simplifies the login process for users but also enhances security by using Microsoft’s authentication mechanisms.

To set up Microsoft Account external login in an ASP.NET Core application, we need to use the ASP.NET Core Identity system along with Microsoft Authentication. Let us proceed and understand the step-by-step process of integrating Microsoft Account external login into our application.

Register your Application in Microsoft Azure

To allow users to sign in with their Microsoft accounts, you need to register your application with the Microsoft identity platform. To do so, go to the Microsoft Azure portal and sign in with your Microsoft account. If you don’t have a Microsoft account, select Create one. So, please visit the URL https://portal.azure.com/, which will open the following page:

Once you click on the Next button, it will ask you to enter the password. Once you enter the password, click on the Sign-in button as shown in the image below.

Once you click on the Sign in button, it will open the following Verify Your Identity window. Click on the Email option as shown in the below image.

Once you click on the above, it will send a verification code to your Microsoft account and open the following verification window. Copy the verification code from your Microsoft account, paste it here, and then click the Verify button, as shown in the image below.

Once you click on the Verify button, your account will be created. After signing in, you are redirected to the following dashboard page.

Register a New Application:

Click on the “App registrations” button from the dashboard, as shown in the image below.

This will open the following App registrations page. Please click on the New Registration button from this page as shown in the image below.

Once you click on the New registration button, the following page will open. Here, you need to provide the details of your application, such as

• Name: Enter a descriptive name for your application (e.g., “MyApp External Login”, “Dot Net Tutorials“, etc.). I am giving the app name as Dot Net Tutorials.
• Supported Account Types: Choose who can use the application. For external logins, please select the “Accounts in any organizational directory (Any Microsoft Entra ID tenant – Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)” account type.
• Platform: Please select the platform as Web, as we will integrate external authentication in a web application. The other options are mobile, desktop, and spa platforms.
• Redirect URI: Specify the URI where authentication responses can be sent. This is usually your application’s URL followed by a specific path (e.g., https://yourapp.com/signin-microsoft). In our case, we are providing localhost, and my application is running on a 7080 port number, so I am providing https://localhost:7080/signin-microsoft as the redirect URL.

After providing the above details, please click the Register button, as shown in the image below.

Once you click the Register button, it will register your application and get the following dashboard. Here, you need to copy the value of the Application (client) ID, which is required in our ASP.NET Core Application when integrating Microsoft Authentication.

Get Application (Client) ID and Secret:

Once your app is registered, you will receive an Application (Client) ID. This is your app’s unique identifier. You also need to create a new client secret (a key that your application will use to authenticate with Microsoft’s servers). To Create the client secret for your application, from the left pane, select Manage => Certificates & secrets option as shown in the below image:

Once you click on the Certificates & secrets, the following page will open. Here, you need to click on the New client secret button as shown in the below image:

Once you click on the New client secret button, it will ask you to provide a description for the client secret and the expire time of the client secret as shown in the below image. Here, give a description, select an expiration time, and click on the Add button, as shown in the image below.

Once you click the Add button, it will add the client secret, as shown in the image below. Under Client secrets, copy the value of the client secret, which we will use in our ASP.NET Core Application when integrating Microsoft authentication.

Note: Client secret values cannot be viewed later except immediately after creation. Be sure to save the secret when created before leaving the page.

Once we have the Client ID and Client Secret, we can use these two pieces of information in our ASP.NET Core Application to implement Microsoft External Authentication, which we will discuss in our next article.

In the next article, I will discuss Integrating Microsoft External Authentication in ASP.NET Core MVC Application. In this article, I explain Microsoft Account External Login Setup. I hope you enjoy this article, Microsoft Account External Login Setup.