应用注册将Azure AD上的域名列入白名单 [英] whitelist domain names on Azure AD with App Registration

问题描述

O365的身份验证过程需要在Azure上的应用程序仪表板上的白名单中添加重定向URL.

The authentication process for O365 requires adding the redirect URL in a whitelist on the app’s dashboard on Azure.

但是，此白名单不适用于域名.它需要为每个页面添加整个URL，如果您有大量的URL，则不可能添加此URL，另外，某些URL是由后端动态生成的. 是否可以一次性将包含所有子目录/URL的域列入白名单?

However, this whitelist doesn't work with domain names. It requires to add the entire URL for every page which is not possible if you have a huge number of URLs, plus some of the URLs are dynamically generated by the backend. Is it possible to whitelist the domain with all its sub-directories/URLs in one go?

推荐答案

不，不是(除非您要使用通配符，否则不应该).

No, it is not (unless you want to use wildcards, which you shouldn't).

通常，当您需要动态重定向时， 您应该将要重定向到的位置本地存储在cookie/会话/本地存储/会话存储中. 然后使用单个重定向URL，当您在此处获得重定向时，从存储它的位置获取存储的本地重定向URL"，然后将用户重定向到那里.

In general when you need dynamic redirects, you should store the location you want to redirect to locally in a cookie/session/local storage/session storage. Then use a single redirect URL, and when you get the redirect there, get that stored "local redirect URL" from where you stored it, and redirect the user there.

我在最近的一篇文章中谈到了这一点: https: //joonasw.net/view/avoiding-wildcard-reply-urls-with-msal-js

I touched upon this on a recent article: https://joonasw.net/view/avoiding-wildcard-reply-urls-with-msal-js

这篇关于应用注册将Azure AD上的域名列入白名单的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！