Azure AD, Scope-based authorization

“Hello World!” Continuing the customization of the basic two-tier scenario introduced in my previous posts, I would like to talk about scopes. OAuth2 defines the concept of scope as a “list of space-delimited, case-sensitive strings” that specifies the scope of the access request. These scopes can be used by a target application to allow…


Azure AD Delegation scenario

tl;dr: Register a new Web App in AAD for the Api. Add the required “delegated” permissions to the external resource (i.e., Microsoft Graph). Register a new Web App in AAD for the FrontEnd. Add the permissions to access the Api app. Configure the Web apps' code with the authentication details as usual (ClientID, Client Secret,…
