I have an iOS App that connects to an ASP.NET WebAPI on the server side for CRUD operations.

I now need to add authentication against a Active Directory Foundation Service (AD FS 2019) to protect the WebAPI. In the app we would like to use AppAuth-iOS () as helper for the authentication via OpenID Connect (or OAuth2?)

I have no prior experience with ADFS or OpenID but i found a working example with .NET Framework WebAPI and a Windows Desktop client ()

As a first step, I'd like to port that example to .NET 9. That way I can familiarize myself with the base concept of ADFS and OpenID. And that is where I'm struggling right now:

1. In .NET Framework there is a namespace Microsoft.Owin.Security.ActiveDirectory available that is used for the bearer token authentication with ADFS. Is there an equivalent Nuget available for .NET 9?

2. The client seems to rely on the namespace Microsoft.Identity.Client for the authentication. Is there an equivalent for .NET 9?

3. The above example doesn't seem to use OpenID Connect (or OAuth) but some Microsoft protocol. I found the .AddOpenIdConnect() extension in the Microsoft.ApsNetCore.Authentication.OpenIdConnect namespace for the service side. What namespace/Nuget package can I use for a .NET Desktop Client for testing?

Most examples I found using Azure AD and/or Entra. But I need examples for on-premise only (there are no connections to any cloud services)