azure-authentication

问题 I am developing an API(ASP.NET Core) which is accessed via separately hosted web client(React), both hosted on azure as app services. Client app must have auth based on azure Ad(single tenant, preferably secured by azure auth based on aad). When the user signs in to client the API must have access to MS Graph on behalf of user. Obviously both resources must be secured, I have tried using azure auth based on AAD on both app services, but I couldn't get a token to MsGraph in this approach with

问题 I am developing an API(ASP.NET Core) which is accessed via separately hosted web client(React), both hosted on azure as app services. Client app must have auth based on azure Ad(single tenant, preferably secured by azure auth based on aad). When the user signs in to client the API must have access to MS Graph on behalf of user. Obviously both resources must be secured, I have tried using azure auth based on AAD on both app services, but I couldn't get a token to MsGraph in this approach with

问题 We have been using Azure API for some time for various operations. For example this is one of the APIs we use https://docs.microsoft.com/en-us/rest/api/servicebus/namespaces/createorupdate and as mentioned in the docs the URL that we send request to is: management.azure.com Recently we have had the need to start performing against our Cloud Services via API. I noticed that the URL was different then what we have been using before -- management.core.windows.net as mentioned here https://docs

问题 I developed an Angular 8 App with NgxAdmin and hosted it as Azure Web App. It uses Azure AD Oauth2 Authentication with the help of NbAuthModule. Everything works fine. Now I tried to host the same SPA on an Azure Storage Account. I added the new callback url to the Azure Ad App Registration and updated the redirectUri in the NbOAuth2AuthStrategy.setup-method. When I call the base url of the static app ( https://<projectname>.z6.web.core.windows.net ), it correctly redirects to https://

问题 To run applications in Azure, I need to create an Application in Azure AD and a corresponding Service Principal. Then my application authenticates against this App/Principal pair. To authenticate, I can create an application key in the App registration, or I can create a password in the Service Principal (among other options). What's the difference from a practial standpoint? For example, this code runs exactly the same (from the outside) whether the $key is the App's key or the Service

问题 I followed this tutorial to setup authentication for my Azure Bot. After a successful login, it returns a token for me. I believe that this is an authorization token to access the Microsoft Graph API. If I wanted to use this same token to exchange for an access token to another web application, is that possible? And how would I be able to do it? 回答1: Yes, it's possilbe. You should be able to get a refresh_token after the authorization is finished. Use this refresh_token to exchange another

问题 I am trying to access a Data Lake from a .Net client application using this example I have registered the Client App in AAD Tenant and using the Client Id and Client secret from there (as what i believe is service-to-service authentication.) The Data Lake is in a different subscription but belongs to the same Tenant/AAD The App has Read/Write/Execute permission under 'Owner' and 'Assigned Permissions' for the specific folder (two hierarchies down the root folder) in the datalake. The parent

问题 In my application I am getting exception when my application fetches value of first key vault secret. The exception I am only getting when I turn on "Common Language Run-time Exceptions" from exception settings. Exception that I am getting is- Microsoft.Rest.TransientFaultHandling.HttpRequestWithStatusException: 'Response status code indicates server error: 401 (Unauthorized).' StackTrace:- at Microsoft.Rest.RetryDelegatingHandler.<>c__DisplayClass11_0.<<SendAsync>b__1>d.MoveNext() My code to

问题 I have an ASP.Net Core MVC web application which uses Azure AD for authentication. I have just received a new requirement to force user to reauthenticate before entering some sensitive information (the button to enter this new information calls a controller action that initialises a new view model and returns a partial view into a bootstrap modal). I have followed this article which provides a great guide for achieving this very requirement. I had to make some tweaks to get it to work with

问题 Having a problem with creating an azure automation runbook that will copy a database on demand; I've created a credential and stored the u/p of the account I use to log into the portal in it. Password was written in notepad and pasted in to ensure correct. $Cred = Get-AutomationPSCredential -Name 'automationCredential' Write-Output "UN: $($Cred.Username)" Write-Output "PW: $($Cred.Password.Length)" Add-AzureRmAccount -Credential $Cred Write-Output "Deleting the old $TargetDatabaseName" Remove