owin.security.providers for AAD


here are the changes I made to the github provider … to make it talk instead to Azure’s AAD (in non-managed IDP mode).

 

image

image

image

yes .. it uses the code from /auth twice, once to get a non-standard access token (that access the “standard” openid userinfo resource) and twice to get a JWT (the id token) suited for access the JWT-powered graphAPI of AAD.

Go figure this American mess.

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in AAD. Bookmark the permalink.