metrolistmlsqa server-side app authentication flow


Azure mobile provides a nice easy way to create an andoid app, using android studio. It also host a backend (javascript) website that supports that app, particularly when doing “server-side login”.

image

image

image

 

This flow is one in which the code provided by the AS as a result of the app-invoked embedded browser is delivered to a server-side endpoint – via an HTTP redirect. This last step is espied by the app, which shuts down the browser and interacts with the website t0- get itself a local session, app to site. The site’s own webapp process has, meantime, converted the code to a token, to support the maintenance of the local session. This interaction is configured by setting identity values in the mobile app configuration to align with that of an associated AAD application (and vice versa):

we configure the mobile backend site to talk to the “homespotter webapp” AAD application registration, in our netmagic.onmicrosoft.com AAD tenant.

image

image

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in AAD, azuremobile. Bookmark the permalink.