问题
I've a Python Flask App for which I've use Azure Easy Auth (Azure Active Directory)for App Service. The login mechanism works well. However I want the info of who the logged in user is i.e., name, email etc. For this I understood that we can call http://xyz.contoso.com/.auth/me which will return the data required. However, when I send a get request from the Web App, it does not work and returns a 401 with you do not have permission to view this directory or page. If I browse to the same page with my browser, it works returning the data about the logged in user. Am I missing something ?
回答1:
You can access http://xyz.contoso.com/.auth/me via browser since you have authenticated session. But if you send the get request from the web app, you will have no permission.
However, you can get the user information from the headers. App Service passes user claims to your application by using special headers. External requests aren't allowed to set these headers, so they are present only if set by App Service. Some example headers include:
X-MS-CLIENT-PRINCIPAL-NAME
X-MS-CLIENT-PRINCIPAL-ID
Reference:
Access user claims
来源:https://stackoverflow.com/questions/59550817/permission-error-for-azure-active-directory-easy-auth-auth-me-returns-401