I have a web API REST web service. The web API is already configured to authenticate to Azure.
Now I want to call the REST web service from a web page using Angular. The question is: how can I get an access token so I can send it?
Thanks for any help.
Have you seen this sample? Call an Azure AD protected Web API in an AngularJS Single Page App
In this sample, there's a Single Page Application using AngularJS, that also calls another backend Web API.
I hope this helps.
Related
I have a React Application for the Front end hosted on Azure in App Services. I also have another NodeJS app that I am using to create REST APIs for the front-end App. This App is hosted on another App Service.
Now, I want to integrate AD authentication for the front-end app using Azure Active Directory, which I have managed to do using the Easy Auth process. But I don't know how to get (or pass to the front end) the user and token details once the user is authenticated.
The second part of the query is, that I want to use the token to secure my REST APIs by passing it in the header and validating it in the backend. I have gone through various Microsoft documentation but I am not able to figure out how to do this.
Please help me in getting the user and token details. And please suggest how to secure my REST APIs.
You can get the tokens via http headers or via an endpoint /.auth/me. More details: https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-oauth-tokens#retrieve-tokens-in-app-code
Regarding validating tokens, take a look at this: https://github.com/Azure-Samples/active-directory-dotnet-webapi-manual-jwt-validation
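What validating the token in the backend involves, as an added example that is not part of the original answer or the linked sample: a Node.js check of the signature, issuer, audience, lifetime and scope of a bearer token. The issuer, audience and scope values, the `check` and `mintToken` helpers and the locally generated key pair are constructed placeholders; a real API takes the signing keys from the tenant's published metadata.

```javascript
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Verify the signature first, then the claims. `expected` describes this API:
// issuer = tenant authority, audience = the API app registration, scope = a scope it exposes.
function validateAccessToken(token, publicKey, expected, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  if (decode(h).alg !== 'RS256') throw new Error('unexpected alg'); // allow-list: rejects "none" and HS256
  const signed = Buffer.from(`${h}.${p}`);
  if (!crypto.verify('RSA-SHA256', signed, publicKey, Buffer.from(s, 'base64url'))) {
    throw new Error('bad signature');
  }
  const claims = decode(p);
  if (claims.iss !== expected.issuer) throw new Error('wrong issuer');
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expected.audience)) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  if (typeof claims.nbf === 'number' && claims.nbf > now) throw new Error('not yet valid');
  const scopes = String(claims.scp || '').split(' ');
  if (!scopes.includes(expected.scope)) throw new Error('missing scope');
  return claims;
}

// Constructed fixture: a locally generated key pair stands in for the tenant signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function mintToken(claims, key = privateKey) {
  const h = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const p = b64url(JSON.stringify(claims));
  return `${h}.${p}.${b64url(crypto.sign('RSA-SHA256', Buffer.from(`${h}.${p}`), key))}`;
}

// Placeholder values, not taken from the page.
const EXPECTED = { issuer: 'https://login.example/tenant-id/v2.0', audience: 'api://example-api', scope: 'access_as_user' };
const NOW = 1700000000;
const goodClaims = { iss: EXPECTED.issuer, aud: EXPECTED.audience, scp: 'access_as_user', exp: NOW + 3600, nbf: NOW - 60 };

// Returns the rejection reason, or 'accepted'.
function check(claims, key) {
  try { validateAccessToken(mintToken(claims, key), publicKey, EXPECTED, NOW); return 'accepted'; }
  catch (e) { return e.message; }
}

console.log(check(goodClaims));                                             // token issued for this API
console.log(check({ ...goodClaims, aud: 'https://graph.microsoft.com' }));  // token issued for another resource
```

The second call shows why a token the front end acquired for a different resource cannot be reused against the API: the audience check rejects it even though the signature is valid.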
I have noticed that when a first-party application is being onboarded, clicking on the "Call an API" section only shows the Graph API as the only possible option. I'm wondering, if possible, what would be the mechanism to onboard an API that is implemented in a custom-built service instead.
If you want to call your web API with AAD authentication, you can refer to Scenario: A web app that calls web APIs.
Different from calling Microsoft Graph API (it only requires you to register an Azure AD app to represent the client app), remember that you need to register two Azure AD apps, one is for client app (front) and the other is for API app (backend). In the API app, you need to expose API. Then you need to configure the client app. Add the permission (scope) which is exposed by API app to the client app.
I want to implement Azure AD B2C with .net core web API application.
The purpose of the Web API application is to create/register users and provide a bearer token; also, when a new user is created/registered in Azure AD B2C, the same entry will be created in the SQL DB.
The Web API application will be accessed by other .NET Core web site applications, an Android APK, and an iOS app.
Using AD B2C, how will the sign-in/sign-up be handled by the Web API with the other applications?
Similarly, how do I get the bearer token and pass it to Postman to test/run the Web API with the Authorize attribute?
Can anyone please guide me on how to implement it with a sample of code?
Thanks.
The Web APIs are used to protect and accept the B2C access tokens from client applications.
You can implement an Azure AD B2C .NET Core MVC web application with a web API.
Please go through the available code samples, which can help you more.
In the web API, using the access token, you can connect with the Microsoft Graph API, with which you can create users.
Please go through the documentation on how to expose your API service.
I need some help with implementing authorization infrastructure for my application.
I have an Angular SPA application that works with a Web API. This Web API in turn uses another Web API to serve its requests. So, I have a total of 2 Web APIs and an Angular SPA application.
I want the users of the Angular SPA application to be authenticated by our Azure AD account, and then share this token with the other two Web APIs to authenticate the requests.
Please advise how to go about it, any thoughts are much appreciated.
So the flow looks like:
1. Sign in the user in the SPA application.
2. Acquire a token to A Web API and call it.
3. A Web API then calls B Web API.
Take a look at this sample. It uses the On-Behalf-Of flow, which applies to your scenario.
This is what I have at the moment:
- A React.JS web application which signs in the user to Azure AD with the tenant. I'm using https://github.com/salvoravida/react-adal/ for the sign-in. With the user authenticated, I am able to get user information from the Microsoft Graph API.
- A Node.JS Web API which accesses the database. The routes are not secured with Azure AD as yet.
What I'm trying to understand/implement:
- The React.JS web app passes the user token for each request to the Web API
- The Web API validates the Azure AD token before sending the response
My question now is: Is this actually the right way to do it? I've tried this sample from Microsoft https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-v1-nodejs-webapi but I'm not sure what kind of token it is supposed to accept.
Thank you for your help.