Is there a way to Authorize Net Core 3.0 APIs with JWT and also Azure AD Tokens

Problem description

I'm creating a web service that contains authentication (no identity), and I protected the APIs with JWT (the token is returned when the user logs in or registers by email, password, name, etc.), but I also have a Microsoft login/register using MSAL, and I also created an Azure App. How do I validate the login with Microsoft to return the JWT, or how could I implement the API authorization using both JWT and Azure AD?

Solution

You have currently registered an Azure application; you can set it as a client application, and then you need to create a back-end application representing the api, and then let the user log in to your client application to complete authorization and obtain an access token, and finally use the access token to call the api application.

The operation process is as follows:

First expose the api of the back-end application and add the client application.

Next, under 'API permissions', give your front-end application access to your backend api:

  • Under 'API permissions' click on 'Add permission', then click on the 'My APIs' tab.
  • Find your backend application and select the appropriate scope.
  • Click 'Add permissions'.
  • Grant admin consent for your APIs.

Next, you need to use the auth code flow to obtain an access token, which requires you to log the user in and obtain the authorization code, and then use the authorization code to redeem the access token.

Parse the token:

Finally, you can use the token to call the api.

The complete sample is for your reference.
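
As an added example (not part of the original answer or the sample it refers to), one way to let an ASP.NET Core 3.0 API accept both the service's own JWTs and Azure AD access tokens is to register two JWT bearer schemes and authorize against both. The scheme names, the `AddDualJwtAuth` helper and the configuration keys are assumptions chosen for illustration.

```csharp
// Requires the Microsoft.AspNetCore.Authentication.JwtBearer NuGet package.
using System.Text;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public static class DualJwtAuthExtensions
{
    // Scheme names are arbitrary labels chosen for this example.
    public const string LocalScheme = "LocalJwt";
    public const string AzureAdScheme = "AzureAd";

    public static IServiceCollection AddDualJwtAuth(this IServiceCollection services, IConfiguration cfg)
    {
        services.AddAuthentication(LocalScheme)
            // Tokens the service issues itself after an email/password login.
            .AddJwtBearer(LocalScheme, o =>
            {
                o.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidIssuer = cfg["LocalJwt:Issuer"],       // issuer and audience checks stay on (default)
                    ValidAudience = cfg["LocalJwt:Audience"],
                    IssuerSigningKey = new SymmetricSecurityKey(
                        Encoding.UTF8.GetBytes(cfg["LocalJwt:SigningKey"])),
                    ValidateIssuerSigningKey = true,
                    ValidateLifetime = true
                };
            })
            // Access tokens issued by Azure AD for the back-end app registration.
            .AddJwtBearer(AzureAdScheme, o =>
            {
                // Signing keys and issuer come from the tenant's OpenID Connect metadata (v2.0 tokens assumed).
                o.Authority = $"https://login.microsoftonline.com/{cfg["AzureAd:TenantId"]}/v2.0";
                // Must equal the "aud" claim of tokens requested for the exposed API scope.
                o.Audience = cfg["AzureAd:Audience"];
            });

        // [Authorize] without arguments tries both schemes; one valid token is enough.
        services.AddAuthorization(options =>
        {
            options.DefaultPolicy = new AuthorizationPolicyBuilder(LocalScheme, AzureAdScheme)
                .RequireAuthenticatedUser()
                .Build();
        });
        return services;
    }
}
```

Call `services.AddDualJwtAuth(Configuration)` in `ConfigureServices` and keep `app.UseAuthentication()` before `app.UseAuthorization()` in `Configure`. Keeping the two issuers and signing keys separate per scheme means a token is only accepted when its signature, issuer and audience all match the same scheme.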
