How does Azure Active Directory authentication for Azure API Apps work? -


i'm trying call azure api app configured azure ad authentication. assume purposes of question cannot use azure sdk , need write code token , insert api request.*

i have established there 2 modes - 'client flow' , 'server flow', client flow entails following @ least 1 redirect issuer token, , server flow server you. since i'm talking doing in code, following redirects possible fiddly, i'd prefer use mode uri or uris visit known ahead of time , return content, rather redirecting. following diagram illustrates how gateway routes requests.

api app credential flow

i think mode need client flow, go like:

  • get access token identity provider (which what? how find out resides? format of request have send idp?)
  • pass access token gateway (in format?)
  • receive token in gateway response
  • supply token in header when making api request (which header?)

how supposed this? azure documentation doesn't give enough detail how works, , expects users use sdk, hides happening.

the actual reason need called biztalk, uses wcf webhttpbinding call restful services. i'm writing custom behaviour insert token header request, need know how token should acquired. it's possible run arbitrary code in biztalk trying makes solution complicated, , config-only or mostly-config minimal, loosely-coupled code simpler solution

just want understand scenario better, because going use biztalk receive pipeline, scenario can simplified enabling customer authentication token right ? basic username , password api have hosted on cloud. biztalk want authenticate self tokens each ad user ?

to answer of questions

  • get access token identity provider (which what? how find out resides? format of request have send idp?)

after have configured ad configuration, once have completed authentication, assuming using asp.net here, can find need claims on thread.currentprincipal, can convert claimsprincipal var claimsprincipal = thread.currentprincipal claimsprincipal; , find lot of information on object. name of user logged in, list of claims principal has etc. have not explored every avenue here, should starting point.

your api app running on process means have access these claims in api app code well.

i build custom pipeline in biztalk uses azure sdk authenciate , build scenario, bit complicated give more control on goes through pipeline when authentication fails permission issues , on.


Comments

Post a Comment

Popular posts from this blog

html - Outlook 2010 Anchor (url/address/link) -

i'm trying link specific pdf page msoutlook'10 or msword'10, #page=... anchor particularly useful , works fine elsewhere. unfortunately when click [ctr-k] in outlook or winword, links re-formatted assuming unc path. pdf file located on shared drive. using "file:" prefix links open pdf in adobe reader (outside of browser), , "http:" open inside browser. issue seem need open in browser "file:" prefix in order anchor work. know anchors work inside browser. outlook uses windows/explorer default program (based on file extension) seems open in adobe reader neglecting anchor. is aware of solution, link specific page or bookmark of shared-pdf ms outlook and/or winword link? common references: mailermailer.com/...anchor-tags-html-emails campaignmonitor.com/...anchor-links-in-email-newsletters/ stackoverflow.com/...anchor-in-pdf-document
Read more

javascript - Why does running this loop 9 times take 100x longer than running it 8 times? -

consider code: test = function() { } t = new test(); (var = 0; < 8; i++) { result = t instanceof test; } if change number of iterations 8 9 , loop take 100 times longer complete in latest version of firefox (41.0.1). tested on 2 different pcs , magic limit 8. here jsperf test used: http://jsperf.com/instanceof-8-times-vs-9-times does have idea why might happen? seems specific instanceof . not happen if else object, example check property. note: filed bugzilla bug this. jan de mooij mozilla team has posted details in bugzilla thread . here's simplistic interpretation of highly technical answers: in i < 8 case, firefox smart enough hoist result = t instanceof test; statement out of loop (according tests, doesn't seem omit altogether). in i < 9 case, apparently doesn't optimization . why? reason not clear, related fact 9 iterations threshold above function considered "hot" enough run through jit compiler. i < 8 cas...
Read more

Getting gateway time-out Rails app with Nginx + Puma running on Digital Ocean -

following this guide setup app on digital ocean droplet, not working. site not loading , it's throwing: "gateway time-out". the puma server works, since ps aux | grep puma prints: root 15878 0.0 0.4 376832 2168 ? sl 12:50 0:00 puma 2.13.4 (unix:///var/www/myapp/shared/tmp/sockets/myapp-puma.sock) [20150930164940] root 15881 0.0 0.7 903676 3692 ? sl 12:50 0:06 puma: cluster worker 0: 15878 [20150930164940] root 24654 0.0 0.1 11748 916 pts/2 s+ 18:00 0:00 grep --color=auto puma my nginx config: user root; worker_processes 1; events { worker_connections 1024; } http { upstream puma { server unix:///var/www/myapp/shared/tmp/sockets/myapp-puma.sock; } server { listen 80; server_name myapp.com; root /var/www/myapp/current/public; access_log /var/www/myapp/current/log/access.log; error_log /...
Read more