azure-active-directory

How to query for the list of members and their basic profiles, including Teams user IDs?

别来无恙 submitted on 2020-04-17 22:50:56
Question: Is there an end-to-end sample provided to query for the list of members and their basic profiles, including Teams user IDs and Azure Active Directory (Azure AD)? I am following https://docs.microsoft.com/en-us/microsoftteams/platform/bots/how-to/get-teams-context?tabs=json and the Microsoft Graph Postman collection, however it seems too complex for me to understand. I need to fetch all the userId under for my MS Team
Answer 1: The document you are following is indeed used to get the information you

How to set custom claims to aad token using C# code

纵然是瞬间 submitted on 2020-04-17 19:10:52
Question: I have a webapi which generates aad token and I have written token generation logic in Get() method in webapi. I'm able to generate aad jwt token from webapi get() method but, now I want to include some custom claims into the token. How can I set custom claims to aad token using C#? I have used below code for generating aad token. var authenticationContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext("https://login.windows.net/" + ConfigurationManager.AppSettings[

How to Validate OpenID Connect Access Token generated by Azure AD v2 in ASP.NET core WEB API?

五迷三道 submitted on 2020-04-14 09:05:11
Question: How to Validate OpenID Connect Access Token generated by Azure AD (v2!!!) in ASP.NET core WEB API? The Scenario is: I have an Angular 8 Client Application which is getting an OpenID Connect access Token after Login. The Client can call the API along with the Access Token. But Question is, How should I validate that Token in ASP.NET core API? With this code I get an Authorize Error without any descriptions. services.AddAuthentication(AzureADDefaults.BearerAuthenticationScheme)

Failure to generate access token using refresh token for O365 API

萝らか妹 submitted on 2020-04-13 07:52:16
Question: I'm getting invalid_grant error while generating access token using refresh token POST https://login.microsoftonline.com/common/oauth2/v2.0/token Response { "error": "invalid_grant", "error_description": "AADSTS50173: The provided grant has expired due to it being revoked. The user might have changed or reset their password. The grant was issued on '2018-06-13T23:20:02.9860000Z' and the TokensValidFrom date for this user is '2018-06-15T17:21:11.0000000Z'\r\nTrace ID: 4237d0b8-51fe-43c2-9b5c

Azure AD - missing roles claim in the token

非 Y 不嫁゛ submitted on 2020-04-13 07:35:12
Question: I've set up authentication through Azure Active Directory (AAD) and everything works fine (I receive my access and refresh tokens). I've read about app roles and I would like to use them (for simplicity, let's assume I want to have Admin and User roles). I've followed the official documentation (which is missing the last part ..) here. Unfortunately, the tokens don't contain the 'roles' claim. Here is my setup in more detail: 1) I have Azure AD app called TestAuthApp and I added roles to the

IDX10501: Signature validation failed. Unable to match keys

假装没事ソ submitted on 2020-04-10 19:12:54
Question: Please help me to understand the difference between JWT token validation from the ASP netcore application and the netcore Kestrel hosted application. There are two applications that verify token using the source code like below: public static IServiceCollection AddJwtToken(this IServiceCollection services, OAuthConfig config) { services.AddMvc(); services.AddAuthorization(); Logger.DebugFormat("AddJwtBearer authority:{0} audience:{1}", config.GetAuthority(), config.Resource); services

IDX10501: Signature validation failed. Unable to match keys

删除回忆录丶 submitted on 2020-04-10 19:08:34
Question: Please help me to understand the difference between JWT token validation from the ASP netcore application and the netcore Kestrel hosted application. There are two applications that verify token using the source code like below: public static IServiceCollection AddJwtToken(this IServiceCollection services, OAuthConfig config) { services.AddMvc(); services.AddAuthorization(); Logger.DebugFormat("AddJwtBearer authority:{0} audience:{1}", config.GetAuthority(), config.Resource); services

Validating the token received from azure ad b2c using the Values from “jwks_uri” endpoint

倾然丶 夕夏残阳落幕 submitted on 2020-04-10 15:05:13
Question: I am getting the azure ad access token from a Utility Service and I want to validate it using some standard token validation parameters which includes issuer, audience and issuer signing key. Now I have the issuer and audience but I don't have the issuer signing key. However I have extracted the key information using the jwks_uri end point of azure ad b2c which gives me a json output as { "keys": [ { "kid": "X5eXk4xyojNFum1kl2Ytv8dlNP4......", "nbf": 1493763266, "use": "sig", "kty": "RSA", "e

Azure Blob Storage “Authorization Permission Mismatch” error for get request with AD token

走远了吗. submitted on 2020-04-09 19:17:21
Question: I am building an Angular 6 application that will be able to make CRUD operations on Azure Blob Storage. I'm however using Postman to test requests before implementing them inside the app and copy-pasting the token that I get from Angular for that resource. When trying to read a file that I have inside the storage for test purposes, I'm getting: <Code>AuthorizationPermissionMismatch</Code> <Message>This request is not authorized to perform this operation using this permission. All in production

Azure app oauth2 generating wrong access token in Client Credentials grant type

早过忘川 submitted on 2020-04-07 08:25:46
Question: I am a beginner in using Azure AD with OAuth2. I deployed a sample WEB API in my Azure AD. I consume my WEB API through the Postman application. Before consuming the WEB API in Postman I need to generate the access token. But when I generate the access token in Postman it always accepts the Grant Type - Authentication Code. When I change the value to Client Credentials the generated access token is not accepted in the API. It shows UnAuthorized message. In Azure portal - app settings