Adding an Azure Active Directory by using Connected Services in Visual Studio

By using Azure Active Directory (Azure AD), you can support Single Sign-On (SSO) for ASP.NET MVC web applications, or Active Directory Authentication in Web API services. With Azure AD Authentication, your users can use their accounts from Azure Active Directory to connect to your web applications. The advantages of Azure AD Authentication with Web API include enhanced data security when exposing an API from a web application. With Azure AD, you do not have to manage a separate authentication system with its own account and user management.

This article and its companion articles provide details of using the Visual Studio Connected Service feature for Active Directory. The capability is available in both Visual Studio 2017 and Visual Studio 2015.

At present, the Active Directory connected service does not support ASP.NET Core applications.


Connect to Azure Active Directory using the Connected Services dialog

  1. In Visual Studio, create or open an ASP.NET MVC project, or an ASP.NET Web API project. You can use the MVC, Web API, Single Page Application, Azure API App, Azure Mobile App, and Azure Mobile Service templates.

  2. Select the Project > Add Connected Service... menu command, or double-click the Connected Services node found under the project in Solution Explorer.

  3. On the Connected Services page, select Authentication with Azure Active Directory.

    Connected Services page

  4. On the Introduction page, select Next. If you see errors on this page, refer to Diagnosing errors with the Azure Active Directory Connected Service.

    Introduction page

  5. On the Single-Sign On page, select a domain from the Domain drop-down list. The list contains all domains accessible by the accounts listed in the Account Settings dialog of Visual Studio (File > Account Settings...). As an alternative, you can enter a domain name if you don’t find the one you’re looking for, such as You can choose the option to create an Azure Active Directory app or use the settings from an existing Azure Active Directory app. Select Next when done.

    Single-sign on page

  6. On the Directory Access page, select the Read directory data option as desired. Developers typically include this option.

    Directory access page

  7. Select Finish to start modifications to your project to enable Azure AD authentication. Visual Studio shows progress during this time:

    Active Directory connected service progress

  8. When the process is complete, Visual Studio opens your browser to one of the following articles, as appropriate to your project type:

  9. You can also see the Active Directory domain on the Azure portal.

How your project is modified

When you add the connected service the wizard, Visual Studio adds Azure Active Directory and associated references to your project. Configuration files and code files in your project are also modified to add support for Azure AD. The specific modifications that Visual Studio makes depend on the project type. See the following articles for details:

Next steps