Authorization code support in Microsoft API Manager OAuth2: still not working with AAD


Well, unlike a few months ago when I tried it, it's now working. What's working? The OAuth2 interaction between Microsoft API Manager and AAD (and the backend IDP).


We set it up by configuring an OAuth AS in the management console, having created an AAD app in our tenant to complement that OAuth consumer definition.


The rapmlsqa.com app in AAD, to work with the API Management consumer of OAuth tokens.


On the API itself, we bind the API endpoint's security guard to this new AS (the AAD app).


Over on the developer portal, we can use the built-in test client, which we can authorize using AAD (so the client gets authorization codes and tokens to talk to the API).

We see in the handshake that the client UA does talk to the remote API CLIENT, which does attempt to convert the acquired code grant into a token. BUT FAILS (STILL).

The code still does not provide the resource ID on the token endpoint.
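One way to confirm this from a proxy trace, as an added example that is not code from this post or from Microsoft: parse the captured token-endpoint POST, check the code-grant fields, and redact secrets before sharing the result. The sample request is constructed with placeholder values, and the form field name `resource` for the resource ID is an assumption about how the AAD token endpoint names it.

```python
from urllib.parse import parse_qs

# Constructed sample trace; host, tenant, client id, code and secret are placeholders.
SAMPLE_REQUEST = (
    "POST /contoso.example/oauth2/token HTTP/1.1\r\n"
    "Host: login.example.test\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "grant_type=authorization_code&code=PLACEHOLDER_CODE"
    "&redirect_uri=https%3A%2F%2Fportal.example.test%2Fcallback"
    "&client_id=00000000-0000-0000-0000-000000000000"
    "&client_secret=PLACEHOLDER_SECRET"
)

REQUIRED = ("grant_type", "code", "redirect_uri", "client_id")
SENSITIVE = {"code", "client_secret", "refresh_token"}

def parse_token_request(raw):
    """Split a raw HTTP request and return its form parameters as a dict."""
    head, sep, body = raw.partition("\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator found")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    if ctype != "application/x-www-form-urlencoded":
        raise ValueError("token request body is not form-encoded")
    params = parse_qs(body.strip(), keep_blank_values=True)
    return {k: v[-1] for k, v in params.items()}

def audit_token_request(raw):
    """Return (findings, redacted_params) for a code-grant token request."""
    params = parse_token_request(raw)
    findings = []
    if params.get("grant_type") != "authorization_code":
        findings.append("grant_type is not authorization_code")
    findings += [f"missing or empty: {p}" for p in REQUIRED if not params.get(p)]
    # Assumed field name for the resource ID discussed in the post.
    if not params.get("resource"):
        findings.append("missing or empty: resource (target API's resource ID)")
    redacted = {k: "<redacted>" if k in SENSITIVE else v for k, v in params.items()}
    return findings, redacted

if __name__ == "__main__":
    print(audit_token_request(SAMPLE_REQUEST))
```
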



About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!