azure-active-directory

问题 I'm new to the Spring Framework and I'm trying to set up my application with Spring Security using Azure AD authentication. I have the basics set up and my application correctly authenticates to Azure AD. The question I have involves bypassing the default "/login" page that gets generated. Instead of landing on the default "/login" page (or creating my own custom one) when authentication is required, I would like the application to automatically redirect to Microsoft's login page. My

问题 Hello I am learning using MSAL but met a wired issue. I totally followed the tutorial, and I am using the sample code. But I still got this exception building the client in App.xaml.cs : microsoft.identity.client.msalclientexception: the application cannot access the ios keychain for the application publisher (the team id is null). this is needed to enable single sign on between applications of the same publisher. this is an ios configuration issue. see https://aka.ms/msal-net-enable-keychain

问题 I have registered an AzureAD application which is a public client / Native Client. I am using the standard code generated by Azure in the portal. the important bits being static App() { _clientApp = PublicClientApplicationBuilder.Create(ClientId) .WithLogging((level, message, containsPii) => { System.Diagnostics.Debug.WriteLine("*************************"); System.Diagnostics.Debug.WriteLine($"{level}: {message}"); }, LogLevel.Verbose, true, true) .WithAuthority($"{Instance}{Tenant}")

问题 So I'm developing an ASP.NET Core app (.NET Core 2.0), hosted as App Service on Azure. I want to implement authentication with Azure AD, using a single tenant (so only account from our company). I actually added all necessary code, registered the app and configured everything in App Service (at least I think so) and it even works without any problems when I run it locally. The problem occur when I publish the app to Azure and try to log in there. Instead of being redirected to the view of my

问题 I have an angular application hosted in Azure web app. I have selected azure active directory as the authentication provider and if the request is not authenticated then it should log in with the same. So, basically, if the user is already logged in with his/her Microsoft account then he/she does not need to log in again. As per now, I am using .auth/me to get all the user-related details such as givenName, email, etc. Now, I have a requirement to display the user's outlook profile picture.

问题 I would like some clarification on how to use ID tokens and access tokens in an implicit grant flow. I have an Angular SPA using MSAL.js for Angular package and a Web API. The API does NOT call any external services, like MSFT Graph. The back end uses role claims from JWT to establish RBAC authorization to our API functionality only. This doc says: https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens id_tokens are sent to the client application as part of an OpenID

问题 Last week I've been looking at Bot framework Samples, honestly BotFx isn't my area of expertise. I was playing with these samples from the sample library: 18.bot-authentication 24.bot-authentication-msgraph 46.teams-auth The required steps for making work each of them are almost the same, for #18 and make it work in the emulator this include: Register the BotApp in Azure AD Generate a Secret Add the Redirect URI (as documented it should be: https://token.botframework.com/.auth/web/redirect)

问题 Is there possibility to authenticate users through Azure Active Directory when my application written in ASP.NET 5 and MVC 6 is hosted on IIS (not on Azure)? Use case is to have users stored in Azure AD and while login to my application I would checks users in Azure AD. I was thinking about custom ApplicationUserStore which would connect Azure AD. 回答1: Yes, it is definitely possible to authenticate users through Azure Active Directory (AAD) for ASP.NET 5 and MVC 6 application. You could use

问题 I have created a azure web application. This application has been enabled with azure active directory authentication. When authentication process starts first the user email is asked. If I already know the user email address can this step be avoided. In the process if I already have user email id, it should directly go to next step. How this can be controlled from web application? 回答1: Sample login url: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?client_id=.....

问题 I am confused about how Azure B2C works when SPA is talking to backend APIs. We have a VUE app that retrieves data from ASPNet core Web APIs. I connected the VUE with APP on Azure B2C and I can login and retrieve access token, but. How does authentication/authorization between SPA and APIs work? TIA 回答1: Azure B2C uses OATH 2 / OpenID Connect as the main way to secure single page apps and API's. OATH 2 uses Json Web Tokens (stateless cryptographically signed tokens) to provide authentication