My app submission to the Apple Store got rejected because it requires users to log in though it does not implement Apple sign-in. My app is written in Xamarin.Form and uses Microsoft.Azure.Mobile.Client to communicate with my Azure Mobile App backend. It supports authentication with Facebook, Google, Twitter and Microsoft. For all those providers I use the "server flow". I followed some instructions I found on Apple sign-in here: https://learn.microsoft.com/en-us/samples/xamarin/xamarin-forms-samples/signinwithapple/
I got to the point where I get a userId and a token from the client but I am stuck on what to do next to enable authentication with the Azure Mobile App service.
Any help is greatly appreciated!
Thank you!
Related
I am developing an Azure bot for Microsoft teams, using Azure Bot Service, Bot registration channel setup. The messaging endpoint is an App Service that is authenticated with AAD login. Could some please help me understand how to call this authenticated endpoint from a bot? currently, I am testing it on Webchat and I get a 401 unauthorized error. I tried configuring the Oauth Setting in the bot as per this, but still getting 401.
Could someone please point to any concepts and documentation required here.
There is no need to enable the App service Authentication. Just follow this article to add authentication to your bot via Azure Bot service. Then logon is required when you use the bot.
Reference:
Azure AD integration with Bot Framework / teams
Microsoft Teams behaves somewhat differently than other channels in regards to OAuth and requires a few changes to properly implement authentication. Specifically an Invoke Activity is sent to the bot rather than the Event Activity used by other channels. This Invoke Activity must be forwarded to the dialog if the OAuthPrompt is being used. This is done by subclassing the TeamsActivityHandler and implementing handleTeamsSigninVerifyState. It is best advised to make use of the 46.teams-auth sample to set up OAuth in Teams.
Hope this helps.
I have an angular website which is secured using Azure AD B2C. B2C is configured with local accounts and three social providers (MS, Google & Facebook) and everything from the web app perspective works great.
The web app calls a separate .NET Core web API which has a couple of secured endpoints. The web API has been set up as an application in B2C with all of the relevant scopes and the scopes have then been added to the web app as described in the getting started docs from MS.
If I'm logged in to the web app using a local account the API call's work perfectly however if I'm logged in using a social provider they fail. In the case of an MS account I see the following:
Frame with URL 'https://login.live.com/oauth20_authorize.srf?client_id=omitted for brevity'
attempted to navigate its top-level window with origin 'https://localhost:44314'.
Navigating the top-level window from a cross-origin iframe will soon require that the iframe has received a user gesture.
See https://www.chromestatus.com/features/5851021045661696.
Google and Facebook provide similar errors. It looks to me like somewhere along the line a redirect is being initiated to try and log in again.
On the Angualr app I'm using msal-angular (https://www.npmjs.com/package/#azure/msal-angular) which is configured as described in the link.
I've scoured the docs and google to try to find a solution but to no avail so any help would be greatly appreciated. I'm not sure if I'm just running into something that's not currently supported in B2C.
Thanks in advance.
We need to build a desktop (using angular4) and a mobile application (using react-native) that supports single sign on for our clients who are using ADFS in their organisations. We are looking forward to implement outh2 authentication on desktop and mobile app.
Can someone please guide how can we implement it. Should the app(s) be registered at azure-portal or apps.dev.microsoft.com? Do we need a backend API, what would this backend api do?
Thanks.
You need to register your app on azure.portal if you want to support sign in with Active Directory organizational or work accounts, which I believe is your case.
The apps.dev.microsoft.com portal is for registering apps that want to support sign in with both AD work accounts and Microsoft personal accounts.
You can read this article to get an idea of the different application types and platforms that are supported.
I am excited about the latest global (Google, Microsoft, Facebook, etc...) Authentication options in Azure Web Apps. I am posting a Web API app. However does anyone know how to program the login and get a token from a Windows 10 UWP app? I am first interested in using Microsoft Account Authentication.
Glad to see the excitement! Some documentation links below.
How to configure Microsoft Account authentication (using the management portal).
https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-how-to-configure-microsoft-authentication/
Here is some documentation showing how to set up a Windows Store application on Azure App Service. This example uses Facebook, but you should be able to make some very simple changes to enable Microsoft Account authentication.
https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-windows-store-dotnet-get-started-users/
Does this help you get started?
I have set up authentication with Azure Mobile Services using Facebook and Google successfully in my iOS app implemented in Xamarin.
It works fine but it does require the user to input username and password in some nasty web UI.
Ive seen may other apps and websites where you just click the facebook login and since you are already signed in with facebook on the device you just get some popup to accept and in you go without entering any username or password.
How do I achieve this?
You have to use the Facebook SDK to achieve this. You can get it from the Xamarin component store here (Facebook SDK Component)
I believe you are then able to pass the token to azure to log into the azure mobile services instance. Something like this (This is for Windows Phone)
Hope this helps