azure-active-directory

问题 I am doing azure active directory authentication for function app by following below URL https://www.c-sharpcorner.com/article/secure-azure-function-with-azure-ad/ But when i hitting my url through function app It is giving unauthorized do i need to do anything else please find the below screen shots. any help is appreciated 回答1: We could use the access token to access your Azure function API directly if your azure function authentication level is anonymous or function key is also required.

问题 I have added Graph permissions that "User.ReadWrite.All" and other permissions like below, but I am not able to grant consent permission for the added requests. Even my organization's azure support team members also not able to give me permission. Why the "Grant admin consent for Arcadis" button is not enabled? Why is it showing "Not granted for Arcadis? Need to pay for this API consumption or How to enable this feature? 回答1: To grant consent to these permissions, the signed-in user must be

问题 We are building a nodejs server, which authenticates the user using AAD . We get a JWT accessToken from the Microsoft login endpoint when a user logs in to our app. How do we use this token to make calls to get the blobs/containers using this javascript API? I don't want to make direct ajax requests to the API's using the ( Authorization: Bearer accessToken ) calls. I have succeeded in using postman like this to make the calls? How do I do this programmatically using blobServiceClient ? 回答1:

问题 I recently changed from windows authentication to Azure AD using roughly the "out of the box" code; public void ConfigureAuth(IAppBuilder app) { app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseKentorOwinCookieSaver(); app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId = clientId, Authority = Authority, PostLogoutRedirectUri =

问题 Background So we have an app service that authenticates from Azure AD in another tenancy using OpenIdConnect. Login works on a dev instance of IIS, and it works on our test app service. We saw the issue on test, and it vanished and didn't return during the entire testing phase of the project. Now we've deployed to production, and we're seeing the issue again. The Issue What we're seeing is that everything will work fine for some time, and then after several hours, the issue will emerge again.

问题 I have a functions app in azure that both a machine (client credential flow) and humans (authorization code flow) need to be able to authorize/authenticate against. Initially I was using easy-auth, Azures out-of-the-box solution for securing functions apps. However according to this https://stackoverflow.com/a/57357226/7411328 it's not possible to use the client credentials flow with easy auth. Although I don't understand why this is. Why is it not possbile to use the same authority for two

问题 I'm testing using Azure AD B2C with Xamarin.Forms, specifically with the sample found here: https://docs.microsoft.com/en-us/samples/xamarin/xamarin-forms-samples/webservices-azureadb2cauth/ The code seems to working fine. All is working with UWP as expected. Haven't tested IOS yet. On my Android Emulator, when I click the Login button, the Chrome window opens and I get a blank page. The Debug window shows the following: [ERROR:gl_surface_egl.cc(335)] eglChooseConfig failed with error EGL

问题 net core application. My requirement is to add group based authorization. I am user in Azure AD. I belong to the some group names starts with BR and AR. Users belong to the AR groups only should be able to access my APIs. Currently my client application is Swagger and I am hitting APIS only through swagger. For example, In startup I can have the below code. services.AddAuthorization(options => { options.AddPolicy("AR-BitBucket-User", policyBuilder => policyBuilder.RequireClaim("groups",

问题 We have an Azure AD account with Multi Factor Authentication enabled and are wondering if there is a way we connect to it without a prompt, that is without MFA, through Powershell. We've tried Connect-AzureAD -Credentials however it doesn't proceed when MFA is setup: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access... If there is any way to have MFA setup and connect through

问题 We are using AD deployed Daemon applications that have full read/write access to user's calendar in office 365 to get meeting notifications from Graph API. We have moved away from EWS because of constant issues and MS depreciating its use. There does not currently seem to be a way of restricting the scope of Office 365 Calendar.ReadWrite permission from the organization level to a group/user. Fortune 500 customers are worried that our application has access to all sensitive data inside their