Apr 15, 2025 - 20:00
Replace Twilio-based OTP (SMS login) system with Azure Active Directory (Azure AD)

Switching your .NET application from Twilio-based authentication (like SMS 2FA/OTP) to Active Directory authentication (either Azure AD or on-prem AD) involves replacing your current authentication mechanism with one based on enterprise identity management.

After the migration, authentication will be secured through Azure Active Directory, supporting Single Sign-On (SSO) and ready for Multi-Factor Authentication (MFA).
The identity storage is fully managed within Azure AD, removing the need for custom solutions.
User onboarding will automatically be handled through Active Directory, simplifying access management.
SMS-related costs, such as those from Twilio, will be eliminated.
Lastly, the overall enterprise compliance posture will be improved through standardized and secure identity practices.

Let’s break this down clearly:
Pre-Requisites:

  1. Your app is built in ASP.NET Core (.NET 5, 6, 7 or 8).
  2. You have access to an Azure AD tenant.
  3. You are able to register applications in Azure AD (via Azure Portal or your AD admin).
  4. Your app currently uses Twilio for OTP logins (e.g., phone number + code).

Overview of Key Differences

  Aspect                  | Twilio OTP                        | Azure AD Authentication
  User Identity Source    | Custom database or phone-based    | Azure AD (SSO, corporate directory)
  Auth Type               | One-time passcode (OTP) via SMS   | OAuth2 + OpenID Connect
  Security & Scalability  | Basic                             | Enterprise-grade (MFA, conditional access)
  User Experience         | Manual login                      | Seamless SSO, AD-integrated login

Step-by-Step : Switch from Twilio to Active Directory Authentication

Step 1: Identify Your Target AD
Azure Active Directory (Azure AD) – for cloud-based authentication (common for web apps)

On-Premises Active Directory – use Windows Authentication or LDAP via a VPN or internal network

Most modern .NET Core apps use Azure AD for seamless SSO and federation.

Step 2: Remove Twilio Auth Logic
Remove or comment out OTP generation and SMS logic in your login flow

Typically, this would be in services like AuthService, OTPController, or middleware

Example:

//C#
// Remove code that sends verification code via Twilio
// twilioClient.SendMessage(phoneNumber, "Your OTP is...");

Step 3: Add Azure AD Authentication (for ASP.NET Core)

3.1. Install the NuGet Package:

bash:
dotnet add package Microsoft.AspNetCore.Authentication.AzureAD.UI

For .NET 6+, use the Microsoft.Identity.Web package instead; Microsoft.AspNetCore.Authentication.AzureAD.UI is deprecated in its favour.

3.2. In Program.cs or Startup.cs:

//If .NET 6+ (Program.cs)
//C#
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;

// Reads Instance/Domain/TenantId/ClientId/CallbackPath from the "AzureAd" section (see 3.3)
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));

builder.Services.AddControllersWithViews();

//If .NET Core 3.1/5.0 (Startup.ConfigureServices):
//C#
using Microsoft.AspNetCore.Authentication.AzureAD.UI;

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
    .AddAzureAD(options => Configuration.Bind("AzureAd", options));

3.3. In appsettings.json:

"AzureAd": {
  "Instance": "https://login.microsoftonline.com/",
  "Domain": "yourcompany.com",
  "TenantId": "YOUR_TENANT_ID",
  "ClientId": "YOUR_CLIENT_ID",
  "CallbackPath": "/signin-oidc"
}

3.4. Add Authentication Middleware:

//C#
// Order matters: after app.UseRouting(), authentication first, then authorization
app.UseAuthentication();
app.UseAuthorization();

Step 4: Protect Your Controllers/Pages

//C#
[Authorize]
public class DashboardController : Controller
{
    public IActionResult Index()
    {
        return View();
    }
}

Step 5: (Optional) Display AD Info or Roles

//C#
var userName = User.Identity?.Name; // Gets AD username
bool isAdmin = User.IsInRole("Admin"); // Role-based access (Azure AD app roles)

Note: If you need to access more user info (email, group membership, etc.), you can use Microsoft Graph API.

Final Step: Test the Authentication Flow

  • When users hit a protected route, they should be redirected to Microsoft login
  • After login, they’re redirected back to your app with an authenticated session
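As an added example (not code from the original post), here is a complete .NET 6+ Program.cs that ties Steps 3 through 5 together: Microsoft.Identity.Web wired to the "AzureAd" section, a fallback policy so every route the old OTP check used to gate now requires a signed-in user unless marked [AllowAnonymous], an AdminOnly policy driven by Azure AD app roles, and the middleware in the order the OpenID Connect handler requires. The "Admin" app role and the DashboardController actions are assumptions.

```csharp
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;

var builder = WebApplication.CreateBuilder(args);

// Step 3.2: OpenID Connect against the tenant configured in appsettings.json ("AzureAd").
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(options =>
    {
        builder.Configuration.Bind("AzureAd", options);
        // Azure AD app roles arrive in the "roles" claim; map it so User.IsInRole works (Step 5).
        options.TokenValidationParameters.RoleClaimType = "roles";
    });

builder.Services.AddAuthorization(options =>
{
    // Fallback policy: every endpoint the old OTP check used to gate is denied to
    // anonymous callers by default; opt out per endpoint with [AllowAnonymous].
    options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();
    // "Admin" is an assumed app role assigned to users in the Azure AD app registration.
    options.AddPolicy("AdminOnly", policy => policy.RequireRole("Admin"));
});

// AddMicrosoftIdentityUI supplies the /MicrosoftIdentity/Account/SignIn and SignOut pages.
builder.Services.AddControllersWithViews().AddMicrosoftIdentityUI();
builder.Services.AddRazorPages();

var app = builder.Build();
app.UseHttpsRedirection();
app.UseRouting();
// Step 3.4: authentication must run before authorization evaluates the identity it produced.
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute("default", "{controller=Dashboard}/{action=Index}/{id?}");
app.MapRazorPages(); // routes the sign-in/sign-out pages
app.Run();

// Step 4/5: the fallback policy already requires a signed-in user; Admin additionally
// requires the Azure AD app role carried in the roles claim.
public class DashboardController : Controller
{
    public IActionResult Index() => Content($"Signed in as {User.Identity?.Name}");

    [Authorize(Policy = "AdminOnly")]
    public IActionResult Admin() => Content("Azure AD app role Admin confirmed");
}
```

Browsing to /Dashboard anonymously should redirect to the Microsoft login and return to the same URL with a session; /Dashboard/Admin should return 403 for a signed-in user without the Admin app role.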