azure-active-directory

AZURE AD B2C The browser page is mis-rendered in Embedded Webviews with MSAL.net web(new versio userflow (Recommended))

▼魔方 西西 提交于 2021-02-17 01:56:07
问题 As the microsoft iffical said, The UWP can't use system web with aad b2c, has to use Embedded Webviews. But when I use MSAL.net, it offen mis-render the page, as the image below(in some times , the page maybe right render). And I can run the user flow and right render with my system chrome web browser . The uwp Embedded Webviews is in old edge core(maybe this is the reason?). what can I do? does Microsoft can solve the matter? 回答1: B2C is supported in UWP. Please upgrade the application to

How to call azure graph api using postman

六月ゝ 毕业季﹏ 提交于 2021-02-16 18:14:06
问题 I am trying to call graph api to get user information. I am using postman to get the token first and then using that token trying to make a request to graph api I get the token with below post request and with 4 key values for grant_type, client_id, client_secret and resource. https://login.microsoftonline.com/{{tenantid}}/oauth2/token The response is { "token_type": "Bearer", "expires_in": "3600", "ext_expires_in": "3600", "expires_on": "1555583717", "not_before": "1555579817", "resource":

Blazor using Azure AD authentication allowing anonymous access

≯℡__Kan透↙ 提交于 2021-02-16 09:27:27
问题 I'm currently writing a (Server side) Blazor application that includes the default AzureAD Authentication. This works well for authenticated users - challenging on the entrance ( _Host.cshtml ) file, redirecting and then back once authenticated. I need to have a couple of pages not requiring authentication - I don't want the user being challenged and redirected to Microsoft. What is the correct way to do this? I have experimented with the AllowAnonymousAttribute , the AllowAnonymousToPage

Blazor using Azure AD authentication allowing anonymous access

不打扰是莪最后的温柔 提交于 2021-02-16 09:27:06
问题 I'm currently writing a (Server side) Blazor application that includes the default AzureAD Authentication. This works well for authenticated users - challenging on the entrance ( _Host.cshtml ) file, redirecting and then back once authenticated. I need to have a couple of pages not requiring authentication - I don't want the user being challenged and redirected to Microsoft. What is the correct way to do this? I have experimented with the AllowAnonymousAttribute , the AllowAnonymousToPage

How to get AD access token and pass it to web api controller?

孤街醉人 提交于 2021-02-11 17:43:00
问题 How to get AD access token from login.microsoftonline.com and pass access token to web api controller? as I need "access token" as such to pass on to another partner company website url via post request. Below code doing AAD authentication as expected but also I need "access token" as such, public void ConfigureServices(IServiceCollection services) { services.Configure<CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a

Azure AD B2C (NodeJS): Unauthorized 401 error for a request with a valid token

我的梦境 提交于 2021-02-11 16:48:57
问题 I'm using Azure AD B2C for authentication for my NodeJS API. However, I keep receiving a 401 Unauthorized error by Azure AD B2C. When I add ignoreExpiration: true to my AAD auth options, I do not get a 401 Unauthorized error and my API works fine. However, once I remove the ignoreExpiration, I get the 401 Unauthorized error. I even generated a new token, verified that it is valid (and not expired) by decoding the token using https://jwt.io/. I even made sure it has the correct scope. The API

Azure App registeration vs Enterprise Applications

主宰稳场 提交于 2021-02-11 15:48:53
问题 I have seen that some Services can add an entry into my ActiveDirectory-> EnterpriseApplications page when i just enter my Azure Account UserId and Password on their page. Using this they can use Azure RestAPI and get List of my subscriptions and Resources etc. Even I have created a custom web Application(hosted on some public server) and I want to access Subscriptions and Resources of users using the REST API. But to do that it asks me to do the AppRegistration. But i do not want every user

Azure App registeration vs Enterprise Applications

为君一笑 提交于 2021-02-11 15:48:44
问题 I have seen that some Services can add an entry into my ActiveDirectory-> EnterpriseApplications page when i just enter my Azure Account UserId and Password on their page. Using this they can use Azure RestAPI and get List of my subscriptions and Resources etc. Even I have created a custom web Application(hosted on some public server) and I want to access Subscriptions and Resources of users using the REST API. But to do that it asks me to do the AppRegistration. But i do not want every user

Sharepoint online 'Unsupported app only token.'

拈花ヽ惹草 提交于 2021-02-11 15:25:13
问题 I got myself a bearer token by calling https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token with the scope https://{tenantName}.sharepoint.com/.default It's a token for a registered app in Azure AD. When I use that token to make an API call like https://infoinnobake.sharepoint.com/_api/search/query?querytext='contentclass:STS_Site contentclass:SP.Webb'&selectproperties='Title,Path'&rowlimit=500 I only reveice 401 Unsupported app only token. can some explain why? Is it possible to