'Policies work locally, but do not work once deployed to Azure App Service
I am using ASP.NET Core 6.0 and deploying to Azure App Service. And I am having a weird issue where Azure AD based Policies work when I spin up locally in development mode, but they do not when pushed to Azure App Service; authorized pages throw 403s.
// Add services to the container.
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));
builder.Services.AddAuthorization(options =>
{
// By default, all incoming requests will be authorized according to the default policy.
// options.FallbackPolicy = options.DefaultPolicy;
options.AddPolicy("Writers", policy => policy.RequireRole("Task.Write"));
options.AddPolicy("Approvers", policy => policy.RequireRole("Task.Approve"));
});
builder.Services.AddRazorPages()
.AddMicrosoftIdentityUI();
I am now suspecting this part of code has something to do with it. But not too sure.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts(); // This line?
}
Any suggestion would be appreciated.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|