Node.js Azure AD-护照-天蓝色广告 [英] Node.js Azure AD - passport-azure-ad
问题描述
你好
我可以使用Azure AD为我的应用程序进行自动化工作.但是我提供的令牌是访问令牌和ID令牌.当我尝试将用户访问令牌压入Azure的API时,我得到该令牌不是有效的JWT令牌. 当我尝试使用ID令牌时,它是有效的,但针对错误的受众或资源.
I was able to get auhtenication working for my application with Azure AD. But the tokens I am provided are and access token and an id token. When i try and pressent the users access token into Azure's API i get that the token is not a valid JWT token. When i try to do the ID token, it is valid but for the wrong audience or resource.
我错过了配置已注册应用程序的步骤吗?
Did I miss a step in configuring the Registrated App?
这是我第一次为应用程序使用Azure AD和Oauth ...
This is my first go around with Azure AD and Oauth for an app...
推荐答案
Id_token发送到客户端应用程序作为OpenId Connect流的一部分,不应代替访问令牌用于授权. 请参考授权 使用OpenID Connect和Azure Active Directory访问Web应用程序以获取有关为应用程序使用OpenId的更多信息.
Id_tokens are sent to the client application as part of OpenId Connect flow and it should not be used for authorization in place of an access token. Please refer to Authorize access to web applications using OpenID Connect and Azure Active Directory to get more information on using OpenId for your application.
请参阅以下文档以获取有关ID和访问令牌的更多详细信息-
Please refer to the below documents to get more details on id and access tokens -
- Id and Access tokens
- Id Tokens
- Access tokens
For using OAuth Code grant flow you need to follow Authorize access to Azure Active Directory web applications using the OAuth 2.0 code grant flow.
这篇关于Node.js Azure AD-护照-天蓝色广告的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
