openid sample with group limits


The RC version of visual studio 2015 includes a set of samples, including those for openid connect and use of the AAD graph API, if one installs the azure quickstarts extension:

 

image

image

Building the project requires little expertise:

image

image

image

we see that the AAD wizard, in visual studio, can show the web.config parameters:

image

to which we add directory read permissions using the wizard (that demands a client secret)

image

image

image

note how it adds code to the project and odata-related libs, not just web.config parameters

We use the AAD applications configuration panel, next, to limit which users have access to the endpoint of the new app:

image

image

we see now that if we logon as another user, we get a denied access:

image

image

if we assign group billTypeB to this application

image

image

 

Access to the webapp is granted to the identity rapagent, now.

image

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in AAD. Bookmark the permalink.