SaaSFactory.TenantAuth.AzureAD.Enhanced
2.0.0
dotnet add package SaaSFactory.TenantAuth.AzureAD.Enhanced --version 2.0.0
NuGet\Install-Package SaaSFactory.TenantAuth.AzureAD.Enhanced -Version 2.0.0
<PackageReference Include="SaaSFactory.TenantAuth.AzureAD.Enhanced" Version="2.0.0" />
<PackageVersion Include="SaaSFactory.TenantAuth.AzureAD.Enhanced" Version="2.0.0" />
<PackageReference Include="SaaSFactory.TenantAuth.AzureAD.Enhanced" />
paket add SaaSFactory.TenantAuth.AzureAD.Enhanced --version 2.0.0
#r "nuget: SaaSFactory.TenantAuth.AzureAD.Enhanced, 2.0.0"
#:package SaaSFactory.TenantAuth.AzureAD.Enhanced@2.0.0
#addin nuget:?package=SaaSFactory.TenantAuth.AzureAD.Enhanced&version=2.0.0
#tool nuget:?package=SaaSFactory.TenantAuth.AzureAD.Enhanced&version=2.0.0
SaaSFactory.TenantAuth.AzureAD v2.0
Production-ready, multi-tenant Azure AD authentication for ASP.NET Core (.NET 8) with enhanced features, flexible audience validation, and configurable authentication policies.
๐ What's New in v2.0
- โ Enhanced Azure AD Integration with flexible audience validation
- โ Configurable Authentication Policies (optional global authentication)
- โ Improved Debugging with detailed error logging
- โ Legacy Format Support for better Azure AD compatibility
- โ Production Tested with real Azure AD environments
- โ Backward Compatible - all v1.x functionality preserved
Quick Start
Enhanced Authentication (Recommended)
`csharp using SaaSFactory.TenantAuth.AzureAD;
var builder = WebApplication.CreateBuilder(args);
// Enhanced authentication with advanced features builder.Services.AddEnhancedSaaSFactoryAzureADAuth( builder.Configuration, enableStrictTenantValidation: true, enableGlobalAuthPolicy: false, supportLegacyAudienceFormats: true );
builder.Services.AddControllers(); var app = builder.Build();
app.UseAuthentication(); app.UseAuthorization(); app.UseTenantValidation(); app.MapControllers(); app.Run(); `
Configuration
json { "AzureAd": { "Instance": "https://login.microsoftonline.com/", "Domain": "yourdomain.onmicrosoft.com", "TenantId": "your-tenant-id", "ClientId": "your-client-id", "Audience": "api://your-client-id" } }
Features
- ๐ Multi-tenant security with automatic tenant isolation
- ๐ข Enterprise-grade Azure AD integration
- โก High performance with memory caching
- ๐ Comprehensive logging and diagnostics
- ๐ง Flexible audience validation (supports both 'appId' and 'api://appId')
- โ๏ธ Configurable authentication policies
- ๐งช Well tested with unit and integration tests
Requirements
- .NET 8.0 or later
- Azure AD tenant with registered application
License
MIT License
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net8.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 8.0.0)
- Microsoft.Extensions.Caching.Memory (>= 8.0.1)
- Microsoft.Extensions.Configuration.Abstractions (>= 8.0.0)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)
- Microsoft.Extensions.Http (>= 8.0.1)
- Microsoft.Identity.Web (>= 2.15.2)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 2.0.0 | 149 | 8/14/2025 |
Major update v2.0.0 with enhanced Azure AD integration:
NEW ENHANCED FEATURES:
โ
Flexible audience validation (supports both 'appId' and 'api://appId' formats)
โ
Configurable global authentication policy (optional authentication requirement)
โ
Enhanced logging and debugging capabilities with detailed error context
โ
Support for legacy audience formats (backward compatibility for Azure AD variations)
โ
Optional strict tenant validation (can be disabled for external apps)
โ
Production-tested with real Azure AD environments
WHAT'S NEW:
- AddEnhancedSaaSFactoryAzureADAuth() method with advanced configuration options
- Flexible audience format handling for better Azure AD compatibility
- Enhanced error logging with detailed validation context
- Configurable authentication policies for different application types
BACKWARD COMPATIBILITY:
- Original AddSaaSFactoryAzureADAuth() method remains unchanged
- Existing applications continue to work without modifications
- All v1.x features preserved and enhanced
MIGRATION GUIDE:
- New projects: Use AddEnhancedSaaSFactoryAzureADAuth() for advanced features
- Existing projects: No changes required, or optionally upgrade to enhanced method
- External applications: Enhanced method provides better Azure AD compatibility
Includes all v1.x features:
- Strict per-tenant issuer/audience validation (fail-closed)
- Composite tenant resolution (header, path, subdomain, claims)
- DI-first setup with Microsoft.Identity.Web (JwtBearer)
- Structured logging, metrics, and optional tracing
- Dev-friendly idp-config endpoint and probe
- Comprehensive unit/integration tests