Web Api Authentication And Authorization Using Azure ad

Web Api Authentication And Authorization Using Azure ad | add roles to user

Рет қаралды 31,003

Күн бұрын

Пікірлер

@azureteachnet 2 жыл бұрын

Here is the source code - github.com/AzureTeachNet/AzureTeachTutorials/tree/Angular_WebAPI_AzureAD_Authentication_Authorization/WebApiAngularAdDemo

@balamuruganc6866 7 күн бұрын

Great explanation .

@Sivet555 Жыл бұрын

This is a great tutorial. One of the few ones that actually show what I needed.

@azureteachnet Жыл бұрын

Thanks for the feedback. Please subscribe to the channel if you have not subscribed yet.

@mammoetsaus Жыл бұрын

Amazing, the Postman integration is clean! 😎

@jeffwooldridge3495 2 жыл бұрын

Thanks for this video. Excellent overview of getting authentication up and running quickly and seamlessly. Kudos for the Postman setup part too.

@azureteachnet 2 жыл бұрын

Thanks for your comment. There are more videos on Azure in the channel. Please subscribe to the channel if you have not subscribed yet.

@JoachimMaier-em5dz Жыл бұрын

Very nice Tutorial. The Postman part was extremely helpful. Thanks a lot.

@azureteachnet Жыл бұрын

Thanks. Please subscribe to the channel, if you have not subscribed yet.

@juhairahamed5342 Жыл бұрын

Azure As whole series are excellent

@vasilecuzmin5153 13 күн бұрын

Hi! Great tutorial! So in order to access a secured api from Postman, do I have to register a new instance on AD for it?

@azureteachnet 12 күн бұрын

You can use an existing client application too. No need to create a new one if you already have one. Assume, there are two projects, A and B want to consume an API. If A and B are belongs to different teams, A have to create 1 client app and B have to create another one.

@TellaTrix 2 жыл бұрын

Wow, Naga awesome learning today for me. I was always thinking how this custom role does works in azure AD. Thank you Naga

@marcoalayn3633 5 ай бұрын

God Bless you, good man! 🧐👌

@azureteachnet 5 ай бұрын

Thanks for feedback. please subscribe to the channel if you have not subscribed yet. The channel have a lot of realtime videos on azure. Thanks

@amarantes2001 Жыл бұрын

Great tutorial!, exactly what I was looking for. Thanks !

@sivasrisankar Жыл бұрын

Thank you brother ❤

@azureteachnet Жыл бұрын

please subscribe to the channel if you not subscribed yet. Thanks

@hasithagunathilaka1821 8 ай бұрын

Thanks for the video, very helpful

@SirajummuneerParvez Жыл бұрын

That was an awesome tutorial. Helped me a lot.

@azureteachnet Жыл бұрын

Thanks for the feedback. Please subscribe to the channel if you have not subscribed yet.

@TellaTrix Жыл бұрын

I would really thanks for this valuable content on azure, I just have one question about this implicit flow that is this the openid connect protocol that we used ?

@azureteachnet Жыл бұрын

Azure AD uses standard complaint implementations of Oauth2.0 and Open Id connect(OIDC)1.0.

@TellaTrix Жыл бұрын

@@azureteachnet Hi , I really enjoyed your content! It would be great if you could continue to provide us with more information on Auth code flow and Client Credential flow. I’m particularly interested in understanding how, once a user is authenticated using any flow in a web app, they can use the same token to call a secure web API endpoint. I’m not sure what this process is called, but I’d love to learn more about it. Keep up the great work! Please Use dark mode for Visual Studio.

@azureteachnet Жыл бұрын

@@TellaTrix Thanks for your time in providing the detailed feedback. The channel already have multiple videos on delegated and client credentials flow. I will explain auth code flow in one of my future videos. Thanks.

@sonlethanh7375 10 ай бұрын

Cool. Exactly what I was looking for. Thanks

@azureteachnet 10 ай бұрын

Thanks for the feedback. Please subscribe to the channel if you have subscribed yet. Thanks

@discoveryray8299 2 жыл бұрын

Super helpful. I had trouble getting my head around how was the postmanApp able to access WebAPIangluarDemo. My thought/guess is that since postmanAPP is requesting token on resource(WebAPIangularDemoApp) on behalf of the signed in user who has an app role(scope) inside the WebAPIangularDemoApp. Please correct me if i am wrong.

@azureteachnet 2 жыл бұрын

yes. please subscribe to the channel if you have not subscribed yet. Thank you.

@vishalyagnik8758 2 жыл бұрын

I am getting need admin approval for other non manager role users. Can you please help me on that part? Thanks in advance.

@seannalexander Жыл бұрын

thanks bro, this was really helpful.

@azureteachnet Жыл бұрын

Thanks for the feedback. Please subscribe to the channel if you have not subscribed yet. Thanks.

@pedromarcosramos9211 10 ай бұрын

Can you a post a Python3 and Flask3 receiving token from Angular sample, please?

@azureteachnet 10 ай бұрын

I am sorry. My Technical stack is specific to Microsoft Technologies only. I am not experienced with Python. Thanks.

@RAZUMOVSKY228 2 жыл бұрын

Hej, In this video you have created two app registrations: first is AzAngularDemoApp, second: PostmanClientApp, but you have not updated client ID in the application, so that in asp net core api is still client id of AzAngularDemoApp, when we receive the token using postman token ID in it is client ID of postman app registration The question is: How web api fetches the token if client ID in appsettings does not match the client ID in token itself? Or it is done via scope in token?

@stubstunner Жыл бұрын

I think it’s via the JWT itself. The original request from the SPA should contain the scope of the target resource no?

@TheOpposto 2 жыл бұрын

Buen video!! Justo lo que necesitaba. Gracias!!!

@azureteachnet 2 жыл бұрын

Thanks a lot for the feedback. Please subscribe to the channel

@kotavenkataramana6321 2 жыл бұрын

Excellent video in short.. Thanks for sharing the knowledge.. It would be so great if you could make a video on creating azure yml pipeline with a sample application. Thanks.

@azureteachnet 2 жыл бұрын

Thank you. Sure. I have it in my list. I have a plan to create yml pipelines for Docker build and Kubernates deployment using Azure pipelines too. Here is a video on deploying Angular Applications to Azure Storage account using Azure Pipelines(Not yml based). Please check it if you have not watched yet. kzbin.info/www/bejne/b4G3d62Vnbl4prc Thank you.

@normancastrillo7907 Жыл бұрын

awesome! thank you so much

@azureteachnet Жыл бұрын

Thank you for the feedback. Please subscribe to the channel if you have not subscribed yet.

@jialewu5967 2 жыл бұрын

Thank you so much for the video. I follow this video but get an 401 error when calling the api via postman. Is there any possible reasons that I can look into? BTW, I am using .Net 6 for the web api

@azureteachnet 2 жыл бұрын

1. check if the user has roles assigned. 2. verify you are passing the proper scope as shown in the video. 3. Check if the client application (postman) has permissions to access the api. If not, Go to Expose an Api and add postman app registrations client id as client application. 4. grab the token and decode it in jwt.io site to verify if the token has the required scopes and roles. Ideally, If you replicate the video there should not be any issue. There are other videos in the channel in which I had to use the same concept 🙂. Please let me know if you still face the error. Subscribe to the channel, if you have not subscribed yet. There are more azure videos in the channel and more to come in future. Thank you

@rakeshkaddi 2 жыл бұрын

Hi, Can we use Grant Type as client_credentials here?

@azureteachnet 2 жыл бұрын

Yup we can do that. However, In this video, I have shown generating the token on behalf of user (Delegated permissions flow). If you want to use Clinet_Credentials, you need to pass client_id and client_secret. Here is the video which may help. kzbin.info/www/bejne/hqTOiIZ7mchprJY Please subscribe to the channel if you have not subscribed yet. Thank you.

@rakeshkaddi 2 жыл бұрын

@@azureteachnet Can we create AAD application using Powershell/CLI and set Acccess tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows)

@azureteachnet 2 жыл бұрын

@@rakeshkaddi Yes. It is possible.

@rakeshkaddi 2 жыл бұрын

@@azureteachnet Can you please provide me the link or commands

@azureteachnet 2 жыл бұрын

@@rakeshkaddi can you check this - schwabencode.com/blog/2022/03/09/azure-cli-create-azure-active-directory-app-registration . I did not tried it.

@rakeshkaddi 2 жыл бұрын

Nice explanation, Can we add users to the security group programmatically?

@azureteachnet 2 жыл бұрын

yup. we can do that. We can use powershell/Azure CLI or even .net programs as well. Please subscribe to the channel if you have not subscribed yet. Thank you.

@anurag3487 2 жыл бұрын

very clear. thank you

@natheeshkumar 2 жыл бұрын

Nice...can you please add the video for normal email & passowrd, sigin with google option based autentication? please.... :)

@azureteachnet 2 жыл бұрын

Here is a video on Facebook login. Google authentication will be similar if you want to add through the azure. Check if it helps -kzbin.info/www/bejne/qZWZoaCjg75khrs otherwise will post a video soon. Thank you.

@kancharla13 2 жыл бұрын

Thanks for sharing the video. It is very helpful!! I have one question How can we access API from another API (without collection username and password)

@azureteachnet 2 жыл бұрын

Do you want to access the other api delegated(on behalf of user) ? Otherwise you can use an app registration and mention the api scope in startup.cs

@kancharla13 2 жыл бұрын

@@azureteachnet yes, I wanted to call api on behalf of user . Either from class library or any other console app.

@azureteachnet 2 жыл бұрын

@@kancharla13 ok. Will post a video soon.

@kancharla13 2 жыл бұрын

@@azureteachnet ok sure , thank you !! Is there any other services you offer ?

@azureteachnet 2 жыл бұрын

@@kancharla13 Thanks for asking. Right now busy with other commitments and hardly finding time.