Identity is a critical component in any mobile application. As there are multiple ways in authenticating (username/password or email/password is an approach), it is tricky to get it right. Using social login has grown across these years, but there’s a problem in – for a certain set of users not having accounts associated with the providers that you support.
Azure AD provides a single click solution to authenticate users via Multi Factor Authentication. We will follow the steps in creating a solution.
- Login to Azure Management Portal and check for Azure Active Directory.
- Select Default Directory in the portal and hit “Add New User” from the bottom Pane. We get to see a “Add User” Dialog.
- Enter the details and pass onto the next step.
Check for Multi-Factor Authentication.
- We will be asked to create a new password.
- In the last step, Azure creates a temporary password. Note the password for future purposes.
Creating a new User is complete.
Now to explain MFA with Azure Active Directory, we will create an MVC application.
- Create a new MVC Project.
- Select the “Change-Authentication“ button,
- Select “Work or School Accounts”, enter your domain names and check Read directory data.
- On clicking OK, it creates a new project. When the new project is created, look for Single Sign-On option.
- Select “Authentication with Azure Active Directory”. A wizard opens up, hit Next.
- Check for the default domain and select “Create a new Azure AD” and hit Next.
- In the next step, select “Read directory data”. Follow the steps as below. Hit Yes in all of the dialogs.
- Once all the process finishes, build the project.
Running the Project.
- When we run the project, we get to see a Login screen. This Login screen is provided from Azure AD.As we have created a new user to the directory, use the same credentials and hit Sign-in.
- In the Login page, the application asks us to set up security verification. Hit “Set it up now”.
- Based on their choice of authentication, users can make a choice. We have selected – Authentication Phone. Enter in the phone number, this will be receiving a security code.
- In this step we receive a code to the phone number. Enter the same here.
- Once the authentication steps are all done, we are brought back to the Login page. The application asks to update the password.
- After updating the password, the application asks to give permission to read directory data and read your profile. Hit Accept and we will be seeing the Home screen.
- When all goes well, we should be able to see the home screen.