This is a Blazor Server based app that connects to a backend Azure Key Vault. It also uses Azure SignalR.
The following identity settings need to be configured before the project can be successfully executed. For more info see https://aka.ms/dotnet-template-ms-identity-platform.
The Domain name would be your Azure Active Directory, usually in the form of [tenant name].onmicrosoft.com. The Tenant Id would also be found in your Azure Active Directory, in the form of a GUID.
The Client Id and Client Secret would be part of your App Registration process. You can follow the process here to create your App Registration: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app. As a further note when you create your App Registration, your Redirect Url would initially be http://localhost:[port number].
The Azure Key Vault name would be the name of your Azure Key Vault. For more information, pay attention to the Azure Key Vault Setup section below.
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "",
"TenantId": "",
"ClientId": "",
"ClientSecret": "",
"CallbackPath": "/signin-oidc"
},
"KeyVaultName": "",
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*",
"KeyVaultApi": {
"BaseUrl": "https://<Your Azure Key Vault Name>.vault.azure.net",
"Scopes": "https://vault.azure.net/user_impersonation"
},
"ManagementApi": {
"BaseUrl": "https://management.azure.com",
"Scopes": "https://management.azure.com/user_impersonation"
},
"Management": {
"SubscriptionId": "<Your Subscription Id where Azure Key Vault is hosted>",
"ResourceGroupName": "<Your Resource Group hosting the Azure Key Vault instance>"
}
}
Note that your user would need to be able to access the management API so the app can determine if a individual secret can be accessed.