How to use the Microsoft Graph Toolkit in an ASP.Net Core web app with Microsoft Entra ID backend authentication - aka a Proxy Provider.
The Requirements
A new Quality Management System web app that needed various levels of authorisation for users of the system.
Quality Managers should be able to assign a NonConformance (NC) to any Quality Supervisor for investigation.
Quality Supervisors in turn should be able to assign Actions to any employee in the company.
An assignment of an NCs or Action should send an email to the assignee notifying them with the details of the NC/Action anb the assigner.
The Solution
Authentication to the system is granted by authenticating with Microsoft Entra.
Authorisation to view information and perform actions on the system is carried out using Application Roles specified in the Application Registration within the Azure portal:
- Quality Managers
- Quality Supervisors
The selection of an employee for assignment is performed in the UI of the web app with the help of the Microsoft Graph Toolkit:
Automated emails are sent using the Microsoft Graph Client. The email will be sent To the assignee’s email address - but most importantly, it will appear in the assigner’s outbox.
Resources
- Microsoft Entra cloud-based identity provider
- Microsoft Entra ID Application Roles
- Microsoft Graph
- Microsoft Graph Client
- Microsoft Graph Toolkit
- Microsoft Graph Toolkit Playground
- Proxy provider
- Proxy Provider and ASP.NET Core
- People picker component in Microsoft Graph Toolkit
- The Ultimate Beginner’s Guide to Microsoft Graph