microsoft-identity-platform

问题 I need a bit of help understanding which is the problem with Microsoft Identity Platform login on my cms (ASP.NET Webforms). It used to work without problems, last time I tried was maybe a month ago. Now I'm receiving a "400 bad request" response on the second step of the code flow authentication, when I send back the authorization_code that I received after the user login to the token endpoint, to request the access_token. The original GET request to send the user to the Microsoft login

问题 I need a bit of help understanding which is the problem with Microsoft Identity Platform login on my cms (ASP.NET Webforms). It used to work without problems, last time I tried was maybe a month ago. Now I'm receiving a "400 bad request" response on the second step of the code flow authentication, when I send back the authorization_code that I received after the user login to the token endpoint, to request the access_token. The original GET request to send the user to the Microsoft login

问题 In this documentation it gives a complete flow for a web application that calls a web API: The web application executes a policy and the user completes the user experience. Azure AD B2C returns an (OpenID Connect) id_token and an authorization code to the browser. The browser posts the id_token and authorization code to the redirect URI. The web server validates the id_token and sets a session cookie. The web server asks Azure AD B2C for an access_token by providing it with the authorization

来源： https://stackoverflow.com/questions/64193349/idw10201-neither-scope-or-roles-claim-was-found-in-the-bearer-token

来源： https://stackoverflow.com/questions/64193349/idw10201-neither-scope-or-roles-claim-was-found-in-the-bearer-token

问题 To automate maintenance of an Azure Digital Twins instance, we require service-to-service API access so that we can use Azure middle-tier options to run as daemon apps (e.g. Logic App or Function). However, the Azure Digitial Twins 'preview' API (resource id: 0b07f429-9f4b-4714-9392-cc5e8e80c8b0) does not support Application Permissions when registering the application in Azure Active Directory (only Delegated Permissions). However, the related Microsoft Graph API (resource id: 00000003-0000

问题 I have seen many same or similar questions, and tried all their answers if there was one, but none of those works for me. I'm using this example from Microsoft's Github account as my project base. It works well for just signing in users. The project has 1 WebApi, 1 Angular App. Then I followed this Microsoft example to add code to call Graph API. Here is the controller code: [Authorize] [Route("api/[controller]")] [ApiController] public class BillsController : ControllerBase { static readonly

问题 I have seen many same or similar questions, and tried all their answers if there was one, but none of those works for me. I'm using this example from Microsoft's Github account as my project base. It works well for just signing in users. The project has 1 WebApi, 1 Angular App. Then I followed this Microsoft example to add code to call Graph API. Here is the controller code: [Authorize] [Route("api/[controller]")] [ApiController] public class BillsController : ControllerBase { static readonly

问题 I have a web application that sends e-mails to users via Exchange Online (Office365) using MailKit and Basic Authentication. Our company is MS partner and therefor is obligated to turn off Basic Authentication for our services by the end of february 2020. So, I want to use OAuth 2.0 to connect to Exchange Online, similar to this example. In fact, there might be a solution available according to this answer but I'm unable to find anything about it. Right now I'm playing around with MS Identity

问题 The "Grant admin consent" button in the current Azure AD app registration experience (under Azure portal > Azure AD > App registrations > (app) > API permissions) is sometimes greyed out. In the legacy experience, I could always click the button. What's the difference between the two? 回答1: The "Grant permission" button in the legacy app registration experience behaves differently depending on what you're allowed to do: If you're allowed to do tenant-wide admin consent, the button grants the