Azure-Samples · jennyf19 · Jul 13, 2020 · Jun 24, 2020 · Jul 6, 2020 · Jul 8, 2020
diff --git a/1-WebApp-OIDC/1-1-MyOrg/README.md b/1-WebApp-OIDC/1-1-MyOrg/README.md
@@ -163,7 +163,7 @@ cd "1-WebApp-OIDC\1-1-MyOrg"
      by this line:
 
      ```CSharp
-      services.AddSignIn(Configuration);
+       services.AddMicrosoftWebAppAuthentication(Configuration);
      ```
 
      This enables your application to use the Microsoft identity platform endpoint. This endpoint is capable of signing-in users both with their Work and School and Microsoft Personal accounts.

diff --git a/1-WebApp-OIDC/1-1-MyOrg/Startup.cs b/1-WebApp-OIDC/1-1-MyOrg/Startup.cs
@@ -34,7 +34,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             // Sign-in users with the Microsoft identity platform
-            services.AddSignIn(Configuration);
+            services.AddMicrosoftWebAppAuthentication(Configuration);
 
             services.AddControllersWithViews(options =>
             {

diff --git a/1-WebApp-OIDC/1-1-MyOrg/WebApp-OpenIDConnect-DotNet.csproj b/1-WebApp-OIDC/1-1-MyOrg/WebApp-OpenIDConnect-DotNet.csproj
@@ -25,8 +25,8 @@
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
     <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="3.0.0" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
     <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="3.0.0" />
   </ItemGroup>
 

diff --git a/1-WebApp-OIDC/1-2-AnyOrg/README-1-1-to-1-2.md b/1-WebApp-OIDC/1-2-AnyOrg/README-1-1-to-1-2.md
@@ -57,14 +57,14 @@ The actual sign-in audience (accounts to sign-in) is the lowest set of what is s
 
 In order to restrict users from specific organizations from signing-in to your web app, you'll need to customize your code a bit more to restrict issuers. In Azure AD, the token issuers are the Azure AD tenants which issue tokens to applications.
 
-In the `Startup.cs` file, in the `ConfigureServices` method, after `services.AddSignIn(Configuration)` add some code to validate specific issuers by overriding the `TokenValidationParameters.IssuerValidator` delegate.
+In the `Startup.cs` file, in the `ConfigureServices` method, after `services.AddMicrosoftWebAppAuthentication(Configuration)` add some code to validate specific issuers by overriding the `TokenValidationParameters.IssuerValidator` delegate.
 
 ```CSharp
     public void ConfigureServices(IServiceCollection services)
     {
     ...
     // Sign-in users with the Microsoft identity platform
-    services.AddSignIn(Configuration, options =>
+    services.AddMicrosoftWebAppAuthentication(Configuration, options =>
     {
         Configuration.Bind("AzureAd", options);
         // Restrict users to specific belonging to specific tenants

diff --git a/1-WebApp-OIDC/1-2-AnyOrg/README.md b/1-WebApp-OIDC/1-2-AnyOrg/README.md
@@ -155,7 +155,7 @@ cd "1-WebApp-OIDC\1-2-AnyOrg"
      by this line:
 
      ```CSharp
-      services.AddSignIn(Configuration);
+      services.AddMicrosoftWebAppAuthentication(Configuration);
      ```
 
      This enables your application to use the Microsoft identity platform endpoint. This endpoint is capable of signing-in users both with their Work and School and Microsoft Personal accounts.
@@ -221,14 +221,14 @@ These steps are encapsulated in the [Microsoft.Identity.Web](..\..\Microsoft.Ide
 
 In order to restrict users from specific organizations from signing-in to your web app, you'll need to customize your code a bit more to restrict issuers. In Azure AD, the token issuers are the Azure AD tenants which issue tokens to applications.
 
-In the `Startup.cs` file, in the `ConfigureServices` method, after `services.AddMicrosoftIdentityPlatformAuthentication(Configuration)` add some code to filter  issuers by overriding the `TokenValidationParameters.IssuerValidator` delegate.
+In the `Startup.cs` file, in the `ConfigureServices` method, after `services.AddMicrosoftWebAppAuthentication(Configuration)` add some code to filter  issuers by overriding the `TokenValidationParameters.IssuerValidator` delegate.
 
 ```CSharp
     public void ConfigureServices(IServiceCollection services)
     {
     ...
     // Sign-in users with the Microsoft identity platform
-    services.AddSignIn(Configuration);
+    services.AddMicrosoftWebAppAuthentication(Configuration);
 
     // Restrict users to specific belonging to specific tenants
     services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>

diff --git a/1-WebApp-OIDC/1-2-AnyOrg/Startup.cs b/1-WebApp-OIDC/1-2-AnyOrg/Startup.cs
@@ -34,7 +34,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             // Sign-in users with the Microsoft identity platform
-            services.AddSignIn(Configuration);
+            services.AddMicrosoftWebAppAuthentication(Configuration);
 
             services.AddControllersWithViews(options =>
             {

diff --git a/1-WebApp-OIDC/1-2-AnyOrg/WebApp-OpenIDConnect-DotNet.csproj b/1-WebApp-OIDC/1-2-AnyOrg/WebApp-OpenIDConnect-DotNet.csproj
@@ -18,8 +18,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
   </ItemGroup>
 
 </Project>
diff --git a/1-WebApp-OIDC/1-3-AnyOrgOrPersonal/README.md b/1-WebApp-OIDC/1-3-AnyOrgOrPersonal/README.md
@@ -150,7 +150,9 @@ In the **appsettings.json** file:
      by this line:
 
      ```CSharp
-      services.AddSignIn(Configuration);
+
+    services.AddMicrosoftWebAppAuthentication(Configuration);
+
      ```
 
      This enables your application to use the Microsoft identity platform endpoint. This endpoint is capable of signing-in users both with their Work and School and Microsoft Personal accounts.

diff --git a/1-WebApp-OIDC/1-3-AnyOrgOrPersonal/Startup.cs b/1-WebApp-OIDC/1-3-AnyOrgOrPersonal/Startup.cs
@@ -34,7 +34,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             // Sign-in users with the Microsoft identity platform
-            services.AddSignIn(Configuration);
+            services.AddMicrosoftWebAppAuthentication(Configuration);
 
             services.AddControllersWithViews(options =>
             {

diff --git a/1-WebApp-OIDC/1-3-AnyOrgOrPersonal/WebApp-OpenIDConnect-DotNet.csproj b/1-WebApp-OIDC/1-3-AnyOrgOrPersonal/WebApp-OpenIDConnect-DotNet.csproj
@@ -18,8 +18,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
   </ItemGroup>
 
 </Project>
diff --git a/1-WebApp-OIDC/1-4-Sovereign/README.md b/1-WebApp-OIDC/1-4-Sovereign/README.md
@@ -121,7 +121,7 @@ cd "1-WebApp-OIDC\1-4-Sovereign"
      by this line:
 
      ```CSharp
-      services.AddSignIn(Configuration);
+         services.AddMicrosoftWebAppAuthentication(Configuration);
      ```
 
      This enables your application to use the Microsoft identity platform endpoint. This endpoint is capable of signing-in users both with their Work and School and Microsoft Personal accounts.

diff --git a/1-WebApp-OIDC/1-4-Sovereign/Startup.cs b/1-WebApp-OIDC/1-4-Sovereign/Startup.cs
@@ -34,7 +34,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             // Sign-in users with the Microsoft identity platform
-            services.AddSignIn(Configuration);
+            services.AddMicrosoftWebAppAuthentication(Configuration);
 
             services.AddControllersWithViews(options =>
             {

diff --git a/1-WebApp-OIDC/1-4-Sovereign/WebApp-OpenIDConnect-DotNet.csproj b/1-WebApp-OIDC/1-4-Sovereign/WebApp-OpenIDConnect-DotNet.csproj
@@ -18,8 +18,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
   </ItemGroup>
 
 </Project>
diff --git a/1-WebApp-OIDC/1-5-B2C/README.md b/1-WebApp-OIDC/1-5-B2C/README.md
@@ -125,12 +125,12 @@ You can trigger the middleware to send an OpenID Connect sign-in request by deco
 Here is the middleware example:
 
 ```csharp
-      services.AddSignIn(Configuration, "AzureAdB2C");
+      services.AddMicrosoftWebAppAuthentication(Configuration, "AzureAdB2C");
 ```
 
 Important things to notice:
 
-- The method `AddSignIn` will configure the authentication based on the `MicrosoftIdentityOptions.cs` options. Feel free to bind more properties on `AzureAdB2C` section on `appsettings.json` if you need to set more options.
+- The method `AddMicrosoftWebAppAuthentication` will configure the authentication based on the `MicrosoftIdentityOptions.cs` options. Feel free to bind more properties on `AzureAdB2C` section on `appsettings.json` if you need to set more options.
 - The urls you set for `CallbackPath` and `SignedOutCallbackPath` should be registered on the **Reply Urls** of your application, in [Azure Portal](https://portal.azure.com).
 
 ## Next steps

diff --git a/1-WebApp-OIDC/1-5-B2C/Startup.cs b/1-WebApp-OIDC/1-5-B2C/Startup.cs
@@ -35,7 +35,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             // Configuration to sign-in users with Azure AD B2C
-            services.AddSignIn(Configuration, "AzureAdB2C");
+            services.AddMicrosoftWebAppAuthentication(Configuration, "AzureAdB2C");
 
             services.AddControllersWithViews()
                 .AddMicrosoftIdentityUI();

diff --git a/1-WebApp-OIDC/1-5-B2C/WebApp-OpenIDConnect-DotNet.csproj b/1-WebApp-OIDC/1-5-B2C/WebApp-OpenIDConnect-DotNet.csproj
@@ -18,8 +18,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
   </ItemGroup>
 
 </Project>
diff --git a/1-WebApp-OIDC/1-6-SignOut/README.md b/1-WebApp-OIDC/1-6-SignOut/README.md
@@ -66,7 +66,7 @@ services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationSch
 
 ### Clearing the token cache
 
-Your application can also intercept the logout event, for instance to clear the entry of the token cache associated with the account that signed out. We'll see in the second part of this tutorial (about the Web app calling a Web API), that the web app will store access tokens for the user in a cache. Intercepting the logout callback enables your web application to remove the user from the token cache. This is illustrated in the `AddWebAppCallsProtectedWebApi()` method of [WebAppServiceCollectionExtensions.cs](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs#L202-L208)
+Your application can also intercept the logout event, for instance to clear the entry of the token cache associated with the account that signed out. We'll see in the second part of this tutorial (about the Web app calling a Web API), that the web app will store access tokens for the user in a cache. Intercepting the logout callback enables your web application to remove the user from the token cache. This is illustrated in the `AddMicrosoftWebAppCallsWebApi()` method of [WebAppServiceCollectionExtensions.cs](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs#L202-L208)
 
 ### Single Sign-Out
 

diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/README.md b/2-WebApp-graph-user/2-1-Call-MSGraph/README.md
@@ -100,11 +100,9 @@ After the following lines in the ConfigureServices(IServiceCollection services)
  public void ConfigureServices(IServiceCollection services)
 {
     . . .
-    services.AddSignIn(Configuration);
-    // Token acquisition service based on MSAL.NET 
-    // and chosen token cache implementation
-    services.AddWebAppCallsProtectedWebApi(Configuration, new string[] { Constants.ScopeUserRead })
-        .AddInMemoryTokenCache();
+     services.AddMicrosoftWebAppAuthentication(Configuration)
+             .AddMicrosoftWebAppCallsWebApi(Configuration, new string[] { Constants.ScopeUserRead })
+             .AddInMemoryTokenCaches();
 ```
 
 The two new lines of code:

diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/Startup.cs b/2-WebApp-graph-user/2-1-Call-MSGraph/Startup.cs
@@ -39,17 +39,13 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             services.AddOptions();
-
-            services.AddSignIn(Configuration);
-
-            // Token acquisition service based on MSAL.NET
-            // and chosen token cache implementation
-            services.AddWebAppCallsProtectedWebApi(Configuration, new string[] { Constants.ScopeUserRead })
-               .AddInMemoryTokenCaches();
 
+            services.AddMicrosoftWebAppAuthentication(Configuration)
+                    .AddMicrosoftWebAppCallsWebApi(Configuration, new string[] { Constants.ScopeUserRead })
+                    .AddInMemoryTokenCaches();
             /*
                // or use a distributed Token Cache by adding 
-                           .AddDistributedTokenCaches();
+                    .AddDistributedTokenCaches();
 
                // and then choose your implementation. 
                // See https://docs.microsoft.com/en-us/aspnet/core/performance/caching/distributed?view=aspnetcore-2.2#distributed-memory-cache
@@ -111,11 +107,11 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
 
             app.UseEndpoints(endpoints =>
             {
-            endpoints.MapControllerRoute(
-                name: "default",
-                pattern: "{controller=Home}/{action=Index}/{id?}");
-            endpoints.MapRazorPages();
-        });
+                endpoints.MapControllerRoute(
+                    name: "default",
+                    pattern: "{controller=Home}/{action=Index}/{id?}");
+                endpoints.MapRazorPages();
+            });
         }
     }
 }
diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/WebApp-OpenIDConnect-DotNet.csproj b/2-WebApp-graph-user/2-1-Call-MSGraph/WebApp-OpenIDConnect-DotNet.csproj
@@ -19,8 +19,8 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Graph" Version="1.21.0" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
   </ItemGroup>
 
 </Project>
diff --git a/2-WebApp-graph-user/2-2-TokenCache/Properties/serviceDependencies.json b/2-WebApp-graph-user/2-2-TokenCache/Properties/serviceDependencies.json
@@ -0,0 +1,7 @@
+{
+  "dependencies": {
+    "secrets1": {
+      "type": "secrets"
+    }
+  }
+}
diff --git a/2-WebApp-graph-user/2-2-TokenCache/Properties/serviceDependencies.local.json b/2-WebApp-graph-user/2-2-TokenCache/Properties/serviceDependencies.local.json
@@ -0,0 +1,7 @@
+{
+  "dependencies": {
+    "secrets1": {
+      "type": "secrets.user"
+    }
+  }
+}
diff --git a/2-WebApp-graph-user/2-2-TokenCache/README-incremental-instructions.md b/2-WebApp-graph-user/2-2-TokenCache/README-incremental-instructions.md
@@ -96,8 +96,8 @@ public void ConfigureServices(IServiceCollection services)
     . . .
     // Token acquisition service based on MSAL.NET 
     // and the Sql server based token cache implementation
-    services.AddMicrosoftIdentityPlatformAuthentication(Configuration)
-            .AddWebAppCallsProtectedWebApi(new string[] { Constants.ScopeUserRead })
+    services.AddMicrosoftWebAppAuthentication(Configuration)
+            .AddMicrosoftWebAppCallsWebApi(new string[] { Constants.ScopeUserRead })
             .AddSqlAppTokenCache(Configuration)
             .AddSqlPerUserTokenCache(Configuration);
 ```

diff --git a/2-WebApp-graph-user/2-2-TokenCache/README.md b/2-WebApp-graph-user/2-2-TokenCache/README.md
@@ -185,11 +185,10 @@ This sample proposes a distributed SQL token cache. To use it, you'll need to ad
 public void ConfigureServices(IServiceCollection services)
 {
     . . .
-    // Token acquisition service based on MSAL.NET 
-    // and the Sql server based token cache implementation
-    services.AddSignIn(Configuration)
-                    .AddWebAppCallsProtectedWebApi(Configuration, new string[] { Constants.ScopeUserRead })
-                    .AddDistributedTokenCaches();
+    services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
+            .AddMicrosoftWebApp(Configuration)
+            .AddMicrosoftWebAppCallsWebApi(Configuration, new string[] { Constants.ScopeUserRead })
+            .AddDistributedTokenCaches();
 
     services.AddDistributedSqlServerCache(options =>
     {

diff --git a/2-WebApp-graph-user/2-2-TokenCache/Startup.cs b/2-WebApp-graph-user/2-2-TokenCache/Startup.cs
@@ -47,16 +47,17 @@ public void ConfigureServices(IServiceCollection services)
             // NOTE : This is a one time use method. We advise using it in development environments to create the tables required to enable token caching.
             // For production deployments, preferably, generate the schema from the tables generated in dev environments and use it to create the necessary tables in production.
             /*
-                dotnet tool install --global dotnet-sql-cache
-                dotnet sql-cache create "Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=MsalTokenCacheDatabase;Integrated Security=True;" dbo TokenCache    
+             *  1. For instance in Visual Studio, open the SQL Server Object explorer, then (localdb)\MSSQLLocalDB, then databases
+             *  2. Right click on Databases and select "Add New database", and then choose the name of the database: 'MsalTokenCacheDatabase'
+             *  3. In the console application run the 2 following commands:
+                     dotnet tool install --global dotnet-sql-cache
+                     dotnet sql-cache create "Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=MsalTokenCacheDatabase;Integrated Security=True;" dbo TokenCache
              */
 
-            services.AddSignIn(Configuration);
-
-            // Token acquisition service based on MSAL.NET
-            // and chosen token cache implementation
-            services.AddWebAppCallsProtectedWebApi(Configuration, new string[] { Constants.ScopeUserRead })
-                .AddDistributedTokenCaches();
+            services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
+                    .AddMicrosoftWebApp(Configuration)
+                    .AddMicrosoftWebAppCallsWebApi(Configuration, new string[] { Constants.ScopeUserRead })
+                    .AddDistributedTokenCaches();
 
             services.AddDistributedSqlServerCache(options =>
             {

diff --git a/2-WebApp-graph-user/2-2-TokenCache/WebApp-OpenIDConnect-DotNet.csproj b/2-WebApp-graph-user/2-2-TokenCache/WebApp-OpenIDConnect-DotNet.csproj
@@ -20,8 +20,8 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="3.0.1" />
     <PackageReference Include="Microsoft.Extensions.Caching.SqlServer" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.1.5-preview" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.1.5-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.0-preview" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="0.2.0-preview" />
   </ItemGroup>
 
 </Project>
diff --git a/2-WebApp-graph-user/2-3-Multi-Tenant/README-National-Cloud.md b/2-WebApp-graph-user/2-3-Multi-Tenant/README-National-Cloud.md
@@ -273,7 +273,7 @@ The `https://graph.microsoft.com/.default` is a static scope that allows the ten
 
 ### Custom token validation allowing only registered tenants
 
-On the `Startup.cs` we are calling `AddSignIn` to configure the authentication, and within that method, we validates that the token issuer is from AAD.
+On the `Startup.cs` we are calling `AddMicrosoftWebAppAuthentication` to configure the authentication, and within that method, we validates that the token issuer is from AAD.
 
 ```csharp
 options.TokenValidationParameters.IssuerValidator = AadIssuerValidator.GetIssuerValidator(options.Authority).Validate;

diff --git a/2-WebApp-graph-user/2-3-Multi-Tenant/README.md b/2-WebApp-graph-user/2-3-Multi-Tenant/README.md
@@ -212,7 +212,8 @@ These steps are encapsulated in the [Microsoft.Identity.Web](..\..\Microsoft.Ide
 In order to be able to sign-in users from multiple tenants, the [/common endpoint](https://docs.microsoft.com/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant#update-your-code-to-send-requests-to-common) must be used. In the sample, this endpoint is used as a result of setting the value for `TenantId` as `organizations` on the `appsettings.json` file, and configuring the middleware to read the values from it.
 
 ```csharp
-services.AddSignIn(Configuration);
+services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
+        .AddMicrosoftWebApp(Configuration)
 ```
 
  You can read about the various endpoints of the Microsoft Identity Platform [here](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols#endpoints).
@@ -248,7 +249,7 @@ The `https://graph.microsoft.com/.default` is a static scope that allows the ten
 
 ### Custom token validation allowing only registered tenants
 
-On the `Startup.cs` we are calling `AddSignIn` to configure the authentication, and within that method, we validates that the token issuer is from AAD.
+On the `Startup.cs` we are calling `AddMicrosoftWebAppAuthentication` to configure the authentication, and within that method, we validates that the token issuer is from AAD.
 
 ```csharp
 options.TokenValidationParameters.IssuerValidator = AadIssuerValidator.GetIssuerValidator(options.Authority).Validate;