Quote of the Day

more Quotes

Categories

Recent Posts

Top Posts

Get notified of new posts

Buy me coffee

Tag Archives for " azure ad "

Migrating from Microsoft.AspNetCore.Authentication.AzureAD to Microsoft Identity Web authentication library to integrate with Azure AD.

Published September 6, 2021 in .NET core , ASP.NET core , Azure , Azure Active Directory , Azure ADB2C , OAuth2 , OpenID Connect , security - 0 Comments

I recently had a chance to clean up some of the deprecated libraries I used for validating a JWT access token or obtain one via the client-credentials flow or the on-behalf-of flow. The libraries I used were under the Microsoft.AspNetCore.Authentication.AzureAD packages. Per the document, since ASP.NET core 5.0, users should use the Microsoft.Identity.Web package to integrate with Azure AD and Azure ADB2C.

Continue reading
Tags: azure ad , bearer token , client credentials , JWT , Microsoft Identity Platform , microsoft identity web , on behalf of

How to authenticate user against Azure ADB2C from Angular app using oidc-client-js.

Published February 17, 2020 in Azure , Azure Active Directory , Azure ADB2C , OpenID Connect , security - 3 Comments

In this post, I show you how to authenticate your user against azure adb2c to obtain an id and access token. Specifically, we’ll discuss the following:

  • Create azure adb2c directory
  • Register applications in b2c tenant.
  • Define scopes and setup permissions.
  • Setup sign up and sign in user flow.
  • Authentication service.
  • Response to authentication events in component.

Please checkout the latest codes for this post here.

Also, check out the follow-up posts relating to using oidc-client-js to interact with Azure ADB2C:

Continue reading

Tags: adb2c , azure ad , Microsoft Identity Platform , oidc-client , openid

Implement OAuth2 Client-Credentials flow with Azure AD and Microsoft Identity Platform.

Published December 16, 2019 in ASP.NET core , Azure , Azure Active Directory , OAuth2 , OpenID Connect , security - 5 Comments

OAuth2 Client Credentials flow is a protocol to allow secure communication between two web APIs. Specifically, the protocol specifies the flow of obtaining authorization for a client to access protected endpoints of a resource server with no user interaction involved. With Microsoft Identity Platform, Azure portal, Microsoft Authentication Library (MSAL), and .NET core security middleware, you can implement the OAuth2 client credentials flow without much difficulty. In this post, I go over how to leverage those technologies to protect your ASP.NET core web APIs.

Continue reading

Tags: azure ad , client credentials flow , Microsoft Identity Platform , OAuth2

Using oidc-client-js to obtain tokens from Azure AD (v1.0) or Microsoft identity platform (v2.0) .

Published August 14, 2019 in Angular , OAuth2 , OpenID Connect , security - 1 Comment

In my previous post, I mention using MSAL for angular to implement implicit flow in angular application. However, MSAL is still in preview and I could not get it to work in IE 11. In addition, I could not find a way to obtain both access and id tokens in a single call. I have switched to oidc-client-js. Besides adding the polyfills for IE, I did not have to do much for oidc-client-js to run in IE11. The library also allows me to configure response_type parameter of a request to the authorization endpoint to obtain both id and access tokens in one call. Overall, I have found the library to be more stable than MSAL for angular. In this post, I share how I configure oidc-client-js in an angular application to obtain tokens from Azure Active Directory (v1.0 endpoint) as well as some of the lessons I have learned.

Continue reading

Tags: azure ad , implicit flow , Microsoft Identity Platform , MSAL for angular , oidc-client-js