azure-active-directory

问题 I've been messing with this for a few days now... What I would like to do is Authenticate users with Azure AD, and when successful, automatically log them in using ASP.NET Identity for authorization. If they do not have an account I would like to create one automatically. Essentially Azure AD is just confirming that they are a part of the organization, the ASP.NET Identity portion is it's own database where I can use the [Authorize] attribute to set up custom roles OUTSIDE of Azure AD. This

问题 I have an API and that API needs some data from the Microsft Graph API. I was thinking of implementing an endpoint in my API to refresh the token and use that token to make calls from the frontend. I don't know if that's optimal or safe, hence my question. EDIT 1: To give a better perspective of what I have, this is the logic I have at the moment. Tell me if this is correct please. User requests my API's authorization endpoint, which has the Azure's secret key, then the user is redirected to

问题 I am newbie to Azure AD and want to interact with it through my java app. After doing some research, I found that we need to get bearer_token in order to use Graph API for Azure AD. I am following this link to get bearer token but facing issue with one of parameters. Now as shown in below image from above link, there are several parameters and information related to them is given like what they are and how to retrieve them but I dont see any information related 'code' parameter. Can somebody

问题 I am newbie to Azure AD and want to interact with it through my java app. After doing some research, I found that we need to get bearer_token in order to use Graph API for Azure AD. I am following this link to get bearer token but facing issue with one of parameters. Now as shown in below image from above link, there are several parameters and information related to them is given like what they are and how to retrieve them but I dont see any information related 'code' parameter. Can somebody

问题 I am newbie to Azure AD and want to interact with it through my java app. After doing some research, I found that we need to get bearer_token in order to use Graph API for Azure AD. I am following this link to get bearer token but facing issue with one of parameters. Now as shown in below image from above link, there are several parameters and information related to them is given like what they are and how to retrieve them but I dont see any information related 'code' parameter. Can somebody

问题 I have Office 365 Developer account & tenant in windows azure to manage office 365 users. using consent framework "prompt=admin_consent", i granted access rights to one of my web application already registered in Azure AD (which is managed by me) to use office 365 API services, After granting access using admin consent, all my Azure AD users are able to authenticate themselves against Azure AD. I am able to see the applications that i granted access using http://myapps.microsoft.com but i am

问题 I have Office 365 Developer account & tenant in windows azure to manage office 365 users. using consent framework "prompt=admin_consent", i granted access rights to one of my web application already registered in Azure AD (which is managed by me) to use office 365 API services, After granting access using admin consent, all my Azure AD users are able to authenticate themselves against Azure AD. I am able to see the applications that i granted access using http://myapps.microsoft.com but i am

问题 To automate maintenance of an Azure Digital Twins instance, we require service-to-service API access so that we can use Azure middle-tier options to run as daemon apps (e.g. Logic App or Function). However, the Azure Digitial Twins 'preview' API (resource id: 0b07f429-9f4b-4714-9392-cc5e8e80c8b0) does not support Application Permissions when registering the application in Azure Active Directory (only Delegated Permissions). However, the related Microsoft Graph API (resource id: 00000003-0000

问题 I am trying to authenticate user by Azure AD using WS-federation. I've implemented multiple authentication schemes and redirect the user to the respective schemes using Challenge(). return Challenge(new AuthenticationProperties { RedirectUri = "http://localhost:57826/Account/AzureADLogin"}, authenticationScheme); This can redirect me to the Microsoft login page and after successful login, it redirects me to the action method AzureADLogin(). But somehow in AzureADLogin(), I could not able to

问题 In our SQL tables we have columns such as UpdatedBy and CreatedBy with a ref key to a User table. This is useful to keep track of who created/updated an business entity. However we are migrating from this local User table to using Azure AD. We will use Azure AD for authentication and authorization in our client applications. There should be no need for a local User table (or any other tables related to identity, such as Role etc...), but then how do I reference user ids from Azure AD into my