Sorry, but how soon I can expect video. I've also started side project for learning. Thanks sir

Hi Akash, Thank you for reaching out. I will try to make it ASAP. AD authentication is useful mostly for the project in the organization and not suitable for personal or customer facing applications. I'm happy you started with a new project for learning. Happy learning!

Hi Akash, Thank you for waiting on your ask. I'm on it now and will make video within this week. You will see a new video on Azure AD SSO in a day, hope that will keep you busy till your video comes!

Glad it was helpful!

Hi, thank you for watching. Here is the latest video on Azure AD with SSO for multiple applications. kzbin.info/www/bejne/iXOUkK1_ZpaFe6s Hope you will like this too and useful. Please share your comments after watching it.

Thanks for watching!

Hi Sandeep, Yes, it is possible. Here is the video showing how to do what you asked. kzbin.info/www/bejne/ZoSTkqamhqarqMU Hope this helps. Happy learning!

Hi, Thank you for asking your questions. In the video, I show how to create and configure the values in .Net and Angular apps. My demo video had a completed, working application. Important steps are to know how to create an App Registration and configure its values to your apps. Hope this is clear and helps.

Hi there! Sorry for the delayed response. Thank you for the question! 😊 Yes, MSAL authentication can be implemented with dynamic configuration. Just to clarify, are you referring to environment-based dynamic configuration (e.g., switching settings for dev, staging, or production) or something else, like multi-tenant authentication where the app adjusts Azure AD settings dynamically based on the tenant? Both scenarios are possible: Environment-Based Dynamic Configuration: This is often used in real-world apps to manage different Azure AD settings (like client IDs or redirect URIs) for various environments. Multi-Tenant Apps: For applications needing to authenticate users from different Azure AD tenants, dynamic configuration can handle tenant-specific settings at runtime. If you could share more details about your use case, I’d be happy to explore this further and possibly create a video on it! 😊 Best regards, Karthik Learn Smart Coding

@learnsmartcoding thank you so much brother, it means a lot 💘🙏

Hi Ravi, Thank you for your kind words! I’m glad the videos helped clarify some of the complexities around authentication and authorization. Regarding your scenario where the Web API is being exposed to an external app hosted in a different Azure AD tenant: To make this work, you can configure your Web API as a multi-tenant application. Here’s an overview of how you can approach it: Enable Multi-Tenant Support for the Web API: In the Azure AD App Registration of your Web API, update the authentication settings to allow "Accounts in any organizational directory". This makes your API accessible to users from other Azure AD tenants. Grant Permissions to the External App: The external app (in its own tenant) will need to request API permissions to access your Web API. The admin of the external app will need to provide consent for the requested permissions. Token Validation in Your Web API: Your Web API needs to be configured to accept tokens from multiple tenants. This involves handling token issuer validation to allow tokens from different tenants. By following these steps, the external app should be able to authenticate and access your Web API securely.

Hi Ayush, I am glad it helped you. Did you succeed in implementing application using Azure ad?

I will make a video on SSO within this week. Hope that helps.

@@learnsmartcoding Yes it really helped me to integrate Azure AD within my application.

@@learnsmartcoding Thank you. Eagerly waiting for the SSO video.

@learnsmartcoding when the SSO video will come?

Hi, If your organization does not allow you to grant admin consent directly, you'll need to request approval from an admin. Here's a step-by-step guide: Create the App Registration Register your applications (Angular and .NET Core Web API) in Azure AD as usual. Add API Permissions Add the required permissions for your API. For example, if your Web API exposes scopes, ensure those are added. Submit the Admin Consent Request In the Azure portal, navigate to API Permissions under your app registration. You’ll see a "Grant admin consent" button if you have the privilege, but since you don’t, you’ll see a banner stating that admin consent is required. Follow the link or use your organization’s approval process to submit the request. Work with Your Admin Provide your admin with details about the permissions you’re requesting and why they’re needed. You can also share links to Microsoft documentation if additional clarity is required. Await Approval Once the admin consents, you’ll be notified (or you can check back in the Azure portal to see if the permissions are now granted). Test Your App Once admin consent is granted, proceed with testing the authentication and ensure everything works as expected. If you're unsure about the admin approval process in your organization, you may need to contact your IT department or Azure AD admin team for guidance. Let me know if you need additional details!

Hi, are you looking for the application full implementation? Please clarify.

@@learnsmartcoding yes

Hi, Sure. I want to clarify your question. Are you looking for dotnet core web API 8 and Angular 18 courses?

@@learnsmartcoding yes i would say so

@@learnsmartcoding how to get the list of credit card list in the frontend? i can login and logout but the credit card list is not available do i have to run some sort of migration command to populate the data?

At 05:23 the all application tab shows you have used there are 3 application, and you have used those client id but in video it shows only 2 can you help with this ?

Hi Devan, Thank you for watching the video. Let's clarify few things. I have expense tracker app, one is based on AD B2C and one is based on Azure AD authentication. For this video, we use Azure AD authentication so you should refer to this branch. github.com/learnsmartcoding/expense-tracker-web-api/tree/feature/azure_ad_authentication github.com/learnsmartcoding/expense-tracker-web/tree/feature/azure_ad_authentication If you follow the video at your end and then replace the values in the above repo code, it should work. Please explain briefly if you dont succeed after this try. Hope this helps.

Hi Devan, As per the time you mentioned, you might see many app on screen but dont worry as they are for other app purpose. for our app, we need 2 registrations one for dotnet core web api (backend) and one for angular ui (front end). if you configure those correct and replace the config values in the repo code I mentioned in previous comments, it should work. Please watch this video one more time, follow along with the video and try that out. if you face anu issue, drop a comment and I will help you out. Hope this helps.

Hi Patel, Azure AD is mainly for the users in the organization. Azure AD protected applications cannot be used if the user is not part of organization. Please let me know if you have any other questions. hope this helps

Hi Akshay, Use this for testing EmailId : apptester@learnsmartcodinggmail.onmicrosoft.com Password: Nofa59375525

Hi, The client secret is typically used when the backend needs to communicate with another service to obtain a token. From a security perspective, it's crucial to safeguard sensitive configuration values like the Azure client ID, client secret, and other credentials. The best practice is to store these values in environment variables, or even better, in Azure Key Vault for enhanced security. This ensures that sensitive data is not exposed within the application code or configuration files. In my video, I primarily focused on demonstrating how Azure AD integrates with a .NET Core backend and Angular frontend, which is why I didn't go into the details of securely storing secrets, but the backend security is always a key consideration. Hope this helps and feel free to ask any other questions you may have.