Install in Azure

This walkthrough will run through setting up AdminUI manually in Azure.

The IdentityExpress Admin UI integrates with an IdentityServer installation for authentication and authorization.

AdminUI Deployment

AdminUI is deployed a single Azure Web Application.

It is envisaged that it will be configured to communicate with your existing (external) identity server.

Prerequisites

Before beginning installation, please ensure that you have downloaded:

• Latest version of AdminUI
• Installed IdentityServer4 or IdentityServer6 (Duende), a sample can be found here that is already integrated with our IdentityExpress.Identity schema.
• Either a MySql, PostgreSQL, or SqlServer database set up

Walkthrough

If you already have a working IdentityServer installation up and running then this walkthrough is for you.

This walkthrough will take you through the entire Azure configuration process, resulting in a working environment for IdentityExpress AdminUI which is in communication with your IdentityServer installation. This will also include migrating your user store to the AdminUI Identity Schema.

Configure a Database

AdminUI currently only supports MySql, PostgreSQL and SqlServer. These can run in any azure or non-azure service.

Any used databases must accept remote connections, also ensure that your firewall allows connections on any used ports.

Create Azure Website

Initially you will want to create an Azure Web App (note this process can also be done with Azure VM's, though you will need to follow the AdminUI IIS Installation guide.

AdminUI Configuration

Once you have a Website created for AdminUI, you will need to add some variables to the site in order to get it to run. The variables to be aware of are:

• DbProvider This sets the database type you are using. Supported types and their values are SqlServer, MySql, or PostreSql
• IdentityConnectionString The connection string for your Identity database (users)
• IdentityServerConnectionString The connection string for your IdentityServer database (clients, resources & grants)
• AzureAppServiceLogging (optional) Used for debugging the API - see the enable logging page for more details.
• AuthorityUrl Url of the IdentityServer installation
• UiUrl Url of the AdminUI frontend
• RequireHttpsMetadata Set to true or false if you want to ensure IdentityServer discovery endpoint uses TLS. Must be true for production.
• AuditRecordsConnectionString The connection string for AdminUI audits, if missing will default to the IdentityServerConnectionString
• AuditRecordsCulture Language used for generation of audit records, if missing or invalid will default to English (en-GB), supported cultures and their values are:
  • de German
  • zh-TW Chinese (Traditional)
  • zh-CN Chinese (Simplified)
  • es Spanish
  • fr French
• AuditReadActions Set to true or false, if missing will default to true, if false no audit records will be generated for read actions e.g when a user views resources though AdminUI
• AuthorityUrl Url of the IdentityServer installation.
• UiUrl Url of the AdminUI frontend (this Web APP).
• ApiUrl Url of the API setup in the previous step.
• AzureAppServiceLogging (optional) Used for debugging the UI - see the enable logging page for more details.

In Azure, these variables will need to be added manually to the App Settings header in the Application Settings blade.

For a full list of configuration settings, see Configuring AdminUI.

Deploying to Azure Web App

You will need to FTP the folders supplied to the correct Azure folder. To achieve this you will need an FTP Client such as Filezilla. Once you have an FTP Client setup, you will need to go in to the Deployment Credentials blade of your app underneath the deployment header and setup the FTP credentials. Next go into the Properties blade underneath the Settings Header. From this blade you can grab your FTP HOST NAME.

Using your FTP Client, connect to this website, from here navigate to Site -> wwwroot. You will want to place the contents of the relevant folder in this wwwroot folder.

Migrations

Whether you are installing AdminUI for the first time or upgrading to the latest version of AdminUI, you will need to run some form of migrations to ensure your databases are inline with AdminUI

If you extract the zip on your local machine, You can run the following command to migrate your database

dotnet IdentityExpress.Manager.UI.dll -migrate all -connectionstring "Server=tcp:example.database.windows.net;Database=ExampleDatabase;User ID=Username;Password=Password;Trusted_Connection=False;Encrypt=True;" -dbprovider SqlServer

If you want more options when setting up your databases, then there are more fine tune migrations you can do, for more info see our full migration docs here

Troubleshooting

If you're having issues, we recommend you first enable logging.

If the logs do not report any issues, the logs are reporting "Could not find 'aspnetcorev2_inprocess.dll'" or you see a screen with the following error: "Http Error 500.32 - ANCM Failed to Load dll", then the most likely culprit is that you are running AdminUI on a .NET Framework App Service and will need to make 2 modifications to the web.config file.

First you will need to remove the hostingmodel="inprocess" property from the <aspNetCore> element and change the AspNetCoreModule from V2 to V1 by modifying the <handlers> section like so:

    <handlers>
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
    </handlers>

    <aspNetCore processPath="dotnet" arguments=".\IdentityExpress.Manager.UI.dll" ... hostingModel="inprocess">
    </aspNetCore>

to

    <handlers>
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
    </handlers>

    <aspNetCore processPath="dotnet" arguments=".\IdentityExpress.Manager.UI.dll" ...>
    </aspNetCore>

If you are still experiencing issues after this please don't hesitate to email us at support@identityserver.com