owin.security.providers for AAD

here are the changes I made to the github provider … to make it talk instead to Azure’s AAD (in non-managed IDP mode).





yes .. it uses the code from /auth twice, once to get a non-standard access token (that access the “standard” openid userinfo resource) and twice to get a JWT (the id token) suited for access the JWT-powered graphAPI of AAD.

Go figure this American mess.


About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in AAD. Bookmark the permalink.