If you've ever spent days configuring OAuth 2.0 and OIDC just to get enterprise authentication working, you're not alone. It's tedious, error-prone, and honestly — it shouldn't be this hard.
That's why I built and open-sourced AzureAdRazorLogin: a ready-to-deploy C# .NET 8 Razor Pages template that handles Azure Active Directory integration out of the box.
The Problem Worth Solving
In distributed, cloud-native architectures, identity is the new perimeter. Yet most teams still hand-roll their authentication setup — misconfiguring redirect URIs, mishandling token validation, or unknowingly introducing security drift across environments.
The result? Technical debt baked into your security layer before you've shipped a single feature.
What AzureAdRazorLogin Does Differently
Rather than following a tutorial and stitching together middleware, this solution gives you a secure baseline from line one.
🔐 Zero-Trust by Default
The app binds natively to Microsoft Entra ID (Azure AD) and enforces a global authorization fallback — every endpoint requires authentication unless explicitly exempted. No accidental public routes.
🔄 Full OIDC Lifecycle Handled
Token acquisition, encrypted cookie session persistence, and centralized logout — including terminating the session at the Azure AD identity provider — are all wired up and working on first run.
⚙️ Environment-Agnostic Config
Tenant IDs and Client IDs are abstracted via structured appsettings.json templates, making transitions between local dev, staging, and production seamless and predictable.
Why This Matters for Engineering Teams
| Without This | With AzureAdRazorLogin |
|---|---|
| Days of OIDC configuration | Deployed in minutes |
| Inconsistent security posture | Deterministic, standards-aligned baseline |
| Manual compliance checks | Microsoft-recommended security posture built-in |
| Custom boilerplate per project | Reusable, versioned open-source artifact |
The template is also CI/CD-ready and containerization-friendly — drop it into Azure App Services or AWS without any additional scaffolding.
Built for the Long Haul
This isn't just a snippet — it's governed like a real open-source project:
- 📄 MIT License
- 🤝 Contributor Covenant
- 🔀 Defined pull-request guidelines
The goal is a living, community-maintained security baseline that evolves with the .NET ecosystem.
Get Started
👉 Check out the full solution and docs: AzureAdRazorLogin on GitHub
If you've been burned by OIDC misconfigurations before, this is for you. Clone it, use it, contribute to it.
How are you handling identity standardization across your .NET microservices? Drop your approach in the comments 👇
#dotnet #azure #security #opensource #webdev #csharp #zerotrust
Top comments (0)