I am seeing a strange behavior.
Basically, I created an Azure AD, added a web app, and added permission to the AAD to access "your org directory". The app is multitenant. Now, in my actual website, I added OWIN middleware that uses OpenIdConnect to handle the auth with a client ID and client secret. When I launch my website it redirects me to the login page, and when I provide my creds it redirects me to the consent page (I didn't consent just yet).
Now, I created one more application, a web API this time, and edited its manifest to expose it to other apps. In my main application I added this web API app under "permissions to other applications". Now when I try to sign in with my credentials, it does not show the consent page; instead I am redirected to my main app, but the OpenIdConnect middleware doesn't sign the user in. One of the Fiddler logs shows me the following error: "
<html><head><title>Working...</title></head><body><form method="POST" name="hiddenform" action="https://localhost:44312/"><input type="hidden" name="error" value="access_denied" /><input type="hidden" name="error_description" value="AADSTS65005: The application needs access to a service that your organization <orgname> has not subscribed to. Please contact your Administrator to review the configuration of your service subscriptions.Trace ID: 8f7344da-3585-4212-8641-c3c494c5454c
Correlation ID: 04dd9525-a467-4291-a152-0f65422d0721
Timestamp: 2014-06-21 08:56:10Z" /><input type="hidden" name="state" value="OpenIdConnect.AuthenticationProperties=sNPxAxtLKoXI6WTgiF7sps71kX5nTjRPATxG6U7qcjMriVAqjnxl6YbPjAYw3gjbrxTJnt7Hcfe2wENsgMxb99VxzLWONcJed1iKxoTeXkOOhfPVM9TNJBBr_dDoYyrX" /><noscript><p>Script is disabled. Click Submit to continue.</p><input type="submit" value="Submit" /></noscript></form><script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script></body></html>
"
Though I am not sure if this error is the actual problem.
Any help is greatly appreciated.