Add multiple AAD authentication options using AddMicrosoftIdentityWebAppAuthentication not possible #971
Description
Which version of Microsoft Identity Web are you using?
Microsoft Identity Web 1.6.0
Where is the issue?
- Web app
- Sign-in users
- Sign-in users and call web APIs
- Web API
- Protected web APIs (validating tokens)
- Protected web APIs (validating scopes)
- Protected web APIs call downstream web APIs
- Token cache serialization
- In-memory caches
- Session caches
- Distributed caches
- Other (please describe)
I have an app which needs to support authentication using multiple AAD's, but if I try to call AddMicrosoftIdentityWebAppAuthentication multiple times it seams that only the last one takes affect, but I get a "Unable to unprotect the message.State" exception although I've set different CallbackPath.
Is there an other way to do this?
"azuread1": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "azuread1.onmicrosoft.com",
"TenantId": "xxxxx",
"ClientId": "xxxxxx",
"ClientSecret": "xxxxx",
"CallbackPath": "/signin-oidc/azuread1",
"SignedOutCallbackPath": "/signout-callback-oidc"
},
"azuread2": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "azuread2.onmicrosoft.com",
"TenantId": "yyyyy",
"ClientId": "yyyyy",
"ClientSecret": "yyyyy",
"CallbackPath": "/signin-oidc/azuread2",
"SignedOutCallbackPath": "/signout-callback-oidc"
},services.AddMicrosoftIdentityWebAppAuthentication(configuration: Configuration,
configSectionName: "azuread1",
openIdConnectScheme: "azuread1",
cookieScheme: null);
services.AddMicrosoftIdentityWebAppAuthentication(configuration: Configuration,
configSectionName: "azuread2",
openIdConnectScheme: "azuread2",
cookieScheme: null);If I try to logging using azuread1 it will say the user dows not exist in azuread2.onmicrosoft.com, while if I log in using azuread2 I get an "Unable to unprotect the message.State" exception.