I have a web application that exposed an SCIM api endpoint. Then I used Azure AD SCIM validator to validate my SCIM endpoint. Azure AD needs a token to be able to connect to my app.
Problem is I generate Oauth 2 token using postman, I use this token in SCIM validator but the token does not work. It always responds as Invalid Credentials.
The token when used with Postman works though.
Anybody encountered same problem?
Any help is appreciated.
Related
The access token that the app receives after successful authentication, can we use the same token for invoking GRAPH APIs for /me.
I tried to use the access token that I received in POSTMAN for /me but got an invalid token error. If I explicitly generate the token in POSTMAN, I am able to use it for /me.
What am I doing wrong here?!
I tested it.The access token you get after successful authentication of the app you use should be b2c, while b2c cannot be used to request a graph endpoint. See reference from Azure AD B2C auth code flow.
You can successfully request /me endpoint with the explicitly generated access token in POSTMAN because you are using an access token from Azure AD auth code flow.
We have an Angular SPA and Web API which is hosted in IIS - standalone server.
Our Web API uses user ID and password OAuth token authentication.
One of our client wants to use their Azure AD instead of our application's user id and password.
How to pass their AD token in our /token API call? Is there any easy way to implement this?
We can do this by two ways.
Approach 1# using ADAL.js in SPA
For SSO Clients
Get AD Token using ADAL, then pass it to /token with custom grant_type and decrypt AD token and generate your own token
Apporach 2# using SAML approach
For SSO Clients
Get SAML response, and pass it to /token with custom grant_type and decrypt SAML token with certificate you received from AD SSO then generate your own token
The issue I am facing is to get webApi authenticated with bearer token received from webapp authentication.
Created web app, Angular template of .net core 2.1. Aded WsFed authentication to it. https://demoapp (dummy name)
Created Web Api app. Added wsfed authentication to it. https://demoapp-api (dummy name)
Now target is to authenticate web app, use token from there to make calls to api, and get data.
In WebApp, in OnTicketReceived WsFederationEvent, acquiring token using AcquireTokenAsync(AppId, credential);
Doing this because, we receive SAML token from WsFed.
Here tried with AppId of WebAPI, and also of WebApp. Both tokens do not work.
Passing this token as Bearer token in header to API.
When hitting API, facing redirection for authentication.
Ideally, when sending token, it should be allowed, right ?
I have added permissions of WebAPI on WebAPP in Azure portal, and also vice-versa.
Acquiring token using AppSecret.
Am I missing something here ? Or I am trying to achieve something which is not possible with WsFed ?
Can anyone please help with this webapp-webapi-wsfed scenario ?
Hi to all and sorry for my English!
I'm new to Google-API and I need use Google Service Account to access Google-API on my php server.
I can't use client-php-google-api, so I'd like call google-api by REST.
Do I need a refresh token? If Yes, how can I get a refresh token for service account?
You will require a service account and access token (No need for refresh token in this scenario). To get an access token, you will require JWT. JWT token has an expiry of maximum 1 hour and you will need to re-issue a new JWT after its expiry. Please refer to following guide on getting JWT/Access Token and then making API calls:
Using OAuth 2.0 for Server to Server Applications
I have an issue with a web api returning HTTP 401 – Unauthorized when I use a Bearer Token to access it from a xamarin client. Either the iOS or UWP fail.
-This is an application that authenticates with Azure Active Directory to allow a user to login
-Once successfully logged in it gets a token that in turn is added to the web api request header
-The web api has its authentication turn on
The issue with azure settings
https://1drv.ms/v/s!ApPhjsvemKJggpR2ax5w4wRJcY7uXQ
the code
https://github.com/wleon12/XamarinForms-AAD-WebAPI.git
I cant seem to figure out what is wrong, appreciate any input or guidance
It depends how you protect the web API.
Normally, when we protect the web API using Azure AD, we will provide the the Audience and Tenant like this code sample. So that when we send the request with the token, the web API will verify the signature of the token and the value we config.
So for the 401 issue, please check the token you acquired with the value you config for the web API project. To check the Audience, Tenant and other values in the token, you can decode it from this site.