如何将JWT版本更新到2.0? [英] How to update JWT version to 2.0?

问题描述

在通过login.microsoftonline.com对自己进行身份验证后，我有一个来自Azure的JWT，它的iss值为https://sts.windows.net/...(做过一些研究后，看来这是由于JWT的"ver": 1.0 ).为了获得https://login.microsoftonline.com/...发出的JWT，我已经更新了应用程序的清单，以便将accessTokenAcceptedVersion设置为2，而不是默认情况下不再设置为null.

I have a JWT coming from Azure after authenticating myself via login.microsoftonline.com, that has the iss value of https://sts.windows.net/... (after doing some research, it seems this is due to the "ver": 1.0 of the JWT). In order to get a JWT issued by https://login.microsoftonline.com/... I have updated the app's Manifest, so that the accessTokenAcceptedVersion is set to 2, and not null as per default anymore.

我等待了5个多小时，但是我仍然得到了错误的令牌版本，我一直使用"ver": 1.0和"iss": "https://sts.windows.net/..."来获得JWT.我缺少任何步骤吗?

I waited more than 5 hours, but I still get the wrong version of the token, I keep getting the JWT with "ver": 1.0 and "iss": "https://sts.windows.net/...". Is there any step that I am missing?

AuthConfig的scope值为openid，我目前正在使用隐式流程(很快将更改为身份验证代码流程，但仅在解决JWT版本问题之后才可以使用.)

The scope of the AuthConfig has the value openid and I'm currently using Implicit Flow (will change to auth code flow soon, but only after the JWT version issue is fixed..)

提前谢谢！

推荐答案

访问令牌的版本与用于请求令牌的端点无关，但与您请求的资源有关. ms graph api的默认版本是版本1.0的标记.如果要获取令牌的2.0版本，则应请求自定义api.

The version of the access token has nothing to do with the endpoint you use to request the token, but is related to the resource you requested. The default version of ms graph api is the token of version 1.0. If you want to obtain the 2.0 version of the token, you should request your custom api.

首先，您需要创建一个代表api的应用程序，然后公开受Azure保护的api.

First, you need to create an application that represents the api, and then expose the api protected by Azure.

接下来，在"API权限"下，授予您的前端应用程序对您的后端api的访问权限:

Next,under 'API permissions', give your front-end application access to your backend api:

• 在"API权限"下，单击添加权限"，然后单击我的API"标签.
• 找到您的后端应用程序，然后选择适当的范围.
• 点击添加权限".
• 获得您的API的管理员同意.

接下来，您需要使用

Next, you need to use the auth code flow to obtain an access token,which requires you to log in to the user and obtain the authorization code, and then use the authorization code to redeem the access token.

解析访问令牌，它将显示v2.

Parse the access token, it will show v2.

这篇关于如何将JWT版本更新到2.0?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！