Adventures with Azure AD: Group Overage Claim

I have an ASP.NET Core 2.2 Web App. My app authenticates users with OpenIdConnect against Azure Active Directory. I want to use the Security Groups of the authenticated user for role authorization inside my app. To do this, I needed to setup my App Registration in Azure AD to return the Security Groups as claims….

Adventures with Azure AD: Authorizing based on Security Groups

The repository https://github.com/mattruma/SampleAzureADAuthentication has a couple of a sample ASP.NET MVC Core 2.2 applications demonstrating how to authenticate a user against Azure AD and authorize a user based on Security Groups in Azure AD. The first example uses a custom IAuthorizationFilter to look at the groups in principal claims. The second example uses a custom…