Azure AD Authentication not working (application to application)

ServiceStack version 5.0.2.

I am using the ServiceStack.Authentication.Aad nuget package (well, I pulled the source down from GitHub and I am using it directly since it has not been updated to support SSv5. Anyway, I have setup a web application in Azure and gotten my clientID and client secret. When I attempt to get a token in Postman, it succeeds. However, if I attempt to use the token to authenticate into my api I get a 401 error. I am sure it is a configuration item at this point, but I have been staring at it for 2 weeks now. Any help is most appreciated!

Web.config values:



// Store users in memory for testing container.Register(new MemoryCacheClient()); var userRep = new InMemoryAuthRepository(); container.Register(userRep);
        Plugins.Add(new SessionFeature());

        var appSettings = new AppSettings();
        var authProviders = new IAuthProvider[]
            new AadAuthProvider(appSettings),
            //new BasicAuthProvider() ,
            //new PrxAzureADOAuthProvider(appSettings), 
            //new OpenIdOAuthProvider(appSettings), 

        Plugins.Add(new AuthFeature(
                        () => new AuthUserSession(),
                        htmlRedirect: "/auth/aad"));

Hi, The ServiceStack.Authentication.Aad isn’t one of our packages. I haven’t seen Jacob on these forums for quite a while so he’s not likely to see this post, the best way to reach him would be to Raise an issue with the ServiceStack.Authentication.Aad project directly.

Another option may be to try the ServiceStack.Authentication.Azure project which builds off Jacbo’s ServiceStack.Authentication.Aad library to authenticate against Azure’s v2.0 endpoint.


Apparantly support for Ws-Federation is coming in dotnet core 2.0.1.
I’ve tested the prelease package yesterday, while connecting to Azure AD or to an on-premise ADFS server.
Both scenarios are working!

@mythz, does the inclusion in dotnet core mean we will get an “official” AuthProvider for this? (As I believe this would help many customers that are working on enterprise apps not allowing a social login)

Tested the code from:

Please submit any feature requests to UserVoice so demand for them can be measured.