DEV Community


Discussion on: Migrating from old authentication code in ASP.NET with Microsoft.Identity.Web and Azure AD

timmi4sa profile image

Thanks for the article. I would strongly disagree with your assessment that Microsoft made things easier; what they did is turn a black box called Identity 2 (a somewhat extensible but lacking documentation to do so) implementation into a complete black magic! The Identity 2 was the reason that I felt so disadvantaged and dumbfounded since at least 2013, so much so that I had to literally drop everything for a complete month and study OAuth 2 framework to be able to start to comprehend that all that Microsoft did is help us "walk the last mile" to create and store an authentication ticket and store/register the users. But all this "extensible" data store and configuration had obfuscated the simplicity of the OAuth2 framework (along with the OpenIdConnect extension). Pair this with an inability to separate the UI from the database connection (something that arguably has no place in the UI tier unless it's a tiny throw-away app) and you get a classic case of disservice. So thank you for the overview, but no thank you to Microsoft.

christosmatskas profile image
Christos Matskas Author

Hi @timmi4sa , thanks for your comment. I'm sorry you had this experience with the Microsoft Identity platform. The whole point of the new MSAL libraries and, in pariticular, Microsoft.Identity.Web is to hide most of the complexities and enable developers to quickly get off the ground when it comes to authenticating and authorizing users. However, the individual libraries that are needed to interact with the OAuth and OIDC flows are still there if you have more advanced needs and need to customize the process. You don't need to if you don't want/have to but everything's still there.
Let us know if you have specific feedback that you would like to share with us and we'll make sure it get's passed to our engineering teams. thx