Azure AD Support
Radzen Blazor applications support authentication and authorization against Azure AD.
- Radzen application users can login via their Azure AD credentials.
- Radzen application developers can implement authorization via Azure AD groups.
Enable Azure AD security
To enable Active Directory support in Radzen follow these steps.
- Click the security link at the top right corner (next to data).
- Select Azure AD from the provider dropdown.
- Enter all details (ClientSecret is required only if you have a data source with Azure AD security).
- Click the Save button.
You can get the ClientID and TenantID of your application from the Azure Portal in App Registrations.
- Find your application
- Click it to open the settings
- Use Application (client) ID for ClientID
- Use Directory (tenant) ID for TenantID.
http://localhost:5000/signin-oidc as a Redirect URI in your Azure app registration. Remember to also register the final Redirect URI after deploying your application.
Specify the access of a page
Radzen allows you to specify what groups can access a specified page.
- Create Azure AD application roles by following the official documentation.
- Right-click a page in Radzen and select the Properties menu item.
- Specify what custom roles can access the page.
Use API protected by Azure AD
Once you have enabled Azure AD security for your Radzen Blazor application you can use a data source that requires Azure AD login. To do that you have to set the ClientSecret setting in the Security configuration page.
You can create a client secret from the Azure application settings.
When you define the Azure AD protected data source in Radzen simply check “Azure AD” as authentication method. You don’t need to enter any further configuration. Radzen will use the one from the Security settings.