This walkthrough will run through setting up AdminUI manually in Azure.
The IdentityExpress Admin UI integrates with an IdentityServer installation for authentication and authorization.
AdminUI is deployed a single Azure Web Application.
It is envisaged that it will be configured to communicate with your existing (external) identity server.
Before beginning the installation, please ensure that you have an
Duende IdentityServer installation and either a
SqlServer database set up.
If you already have a working IdentityServer installation up and running then this walkthrough is for you.
This walkthrough will take you through the entire Azure configuration process, resulting in a working environment for IdentityExpress AdminUI which is in communication with your IdentityServer installation. This will also include migrating your user store to the AdminUI Identity Schema.
Configure a Database
AdminUI currently only supports
SqlServer. These can run in any azure or non-azure service.
Any used databases must accept remote connections, also ensure that your firewall allows connections on any used ports.
Create Azure Website
Initially you will want to create an Azure Web App (note this process can also be done with Azure VM's, though you will need to follow the AdminUI IIS Installation guide.
Once you have a Website created for AdminUI, you will need to add some variables to the site in order to get it to run. The variables to be aware of are:
DbProviderThis sets the database type you are using. Supported types and their values are
IdentityConnectionStringThe connection string for your Identity database (users)
IdentityServerConnectionStringThe connection string for your IdentityServer database (clients, resources & grants)
AzureAppServiceLogging (optional)Used for debugging the API - see the enable logging page for more details.
AuthorityUrlUrl of the IdentityServer installation
UiUrlUrl of the AdminUI frontend
falseif you want to ensure IdentityServer discovery endpoint uses TLS. Must be true for production.
AuditRecordsConnectionStringThe connection string for AdminUI audits, if missing will default to the
AuditRecordsCultureLanguage used for generation of audit records, if missing or invalid will default to English (en-GB), supported cultures and their values are:
false, if missing will default to
falseno audit records will be generated for read actions e.g when a user views resources though AdminUI
AuthorityUrlUrl of the IdentityServer installation.
UiUrlUrl of the AdminUI frontend (this Web APP).
ApiUrlUrl of the API setup in the previous step.
AzureAppServiceLogging (optional)Used for debugging the UI - see the enable logging page for more details.
In Azure, these variables will need to be added manually to the App Settings header in the Application Settings blade.
For a full list of configuration settings, see Configuring AdminUI.
Deploying to Azure Web App
You will need to FTP the folders supplied to the correct Azure folder. To achieve this you will need an FTP Client such as Filezilla. Once you have an FTP Client setup, you will need to go in to the Deployment Credentials blade of your app underneath the deployment header and setup the FTP credentials. Next go into the Properties blade underneath the Settings Header. From this blade you can grab your FTP HOST NAME.
Using your FTP Client, connect to this website, from here navigate to Site -> wwwroot. You will want to place the contents of the relevant folder in this wwwroot folder.
Whether you are installing AdminUI for the first time or upgrading to the latest version of AdminUI, you will need to run some form of migrations to ensure your databases are inline with AdminUI
If you extract the zip on your local machine, You can run the following command to migrate your database
dotnet IdentityExpress.Manager.UI.dll -migrate all -connectionstring "Server=tcp:example.database.windows.net;Database=ExampleDatabase;User ID=Username;Password=Password;Trusted_Connection=False;Encrypt=True;" -dbprovider SqlServer
If you want more options when setting up your databases, then there are more fine tune migrations you can do, for more info see our full migration docs here
If you're having issues, we recommend you first enable logging.
If the logs do not report any issues, the logs are reporting "Could not find 'aspnetcorev2_inprocess.dll'" or you see a screen with the following error: "Http Error 500.32 - ANCM Failed to Load dll", then the most likely culprit is that you are running AdminUI on a .NET Framework App Service and will need to make 2 modifications to the web.config file.
First you will need to remove the
hostingmodel="inprocess" property from the
<aspNetCore> element and change the AspNetCoreModule from V2 to V1 by modifying the
<handlers> section like so:
<handlers> <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" /> </handlers> <aspNetCore processPath="dotnet" arguments=".\IdentityExpress.Manager.UI.dll" ... hostingModel="inprocess"> </aspNetCore>
<handlers> <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" /> </handlers> <aspNetCore processPath="dotnet" arguments=".\IdentityExpress.Manager.UI.dll" ...> </aspNetCore>
If you are still experiencing issues after this please don't hesitate to email us at [email protected]